Browse all 4 CVE security advisories affecting GMOD. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GMOD is an open-source bioinformatics toolkit for genome annotation and visualization, widely used in research and academic institutions. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure default configurations. The platform's modular architecture, while flexible, has introduced attack surfaces through plugins and web interfaces. Notable security incidents include multiple CVEs affecting components like Chado and GBrowse, where flaws in database queries and session management led to unauthorized access. Despite these issues, GMOD remains essential for genomic data analysis, requiring careful hardening and regular updates to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-20002 | GMOD Apollo Generation of Error Message Containing Sensitive Information — Apollo, CWE-209 | 5.3 | Medium | 2025-03-05 |
| CVE-2025-24924 | GMOD Apollo Missing Authentication for Critical Function — Apollo, CWE-306 | 9.8 | Critical | 2025-03-05 |
| CVE-2025-23410 | GMOD Apollo Relative Path Traversal — Apollo, CWE-23 | 9.8 | Critical | 2025-03-04 |
| CVE-2025-21092 | GMOD Apollo Incorrect Privilege Assignment — Apollo, CWE-266 | 6.5 | Medium | 2025-03-04 |
This page lists every published CVE security advisory associated with GMOD. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.