{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T11:20:55.787","vulnerabilities":[{"cve":{"id":"CVE-2021-21376","sourceIdentifier":"security-advisories@github.com","published":"2021-03-23T16:15:14.173","lastModified":"2024-11-21T05:48:13.773","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OMERO.web is open source Django-based software for managing microscopy imaging. OMERO.web before version 5.9.0 loads various information about the current user such as their id, name and the groups they are in, and these are available on the main webclient pages. This represents an information exposure vulnerability. Some additional information being loaded is not used by the webclient and is being removed in this release. This is fixed in version 5.9.0."},{"lang":"es","value":"OMERO.web es un software de código abierto basado en Django para administrar imágenes microscópicas. OMERO.web versiones anteriores a 5.9.0 carga diversa información sobre el usuario actual, como su identificación, nombre y los grupos en los que se encuentra, y estos están disponibles en las páginas principales del cliente web. Esto representa una vulnerabilidad de exposición de la información. Parte de la información adicional que se está cargando no es usada por el cliente web y se eliminará en esta versión. Esto es corregido en versión 5.9.0"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openmicroscopy:omero.web:*:*:*:*:*:*:*:*","versionEndExcluding":"5.9.0","matchCriteriaId":"FE6BE44A-DB7D-4846-BEBE-9C96D2294B94"}]}]}],"references":[{"url":"https://github.com/ome/omero-web/blob/master/CHANGELOG.md#590-march-2021","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/ome/omero-web/commit/952f8e5d28532fbb14fb665982211329d137908c","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/ome/omero-web/security/advisories/GHSA-gfp2-w5jm-955q","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://pypi.org/project/omero-web/","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://www.openmicroscopy.org/security/advisories/2021-SV1/","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://github.com/ome/omero-web/blob/master/CHANGELOG.md#590-march-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/ome/omero-web/commit/952f8e5d28532fbb14fb665982211329d137908c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/ome/omero-web/security/advisories/GHSA-gfp2-w5jm-955q","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://pypi.org/project/omero-web/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://www.openmicroscopy.org/security/advisories/2021-SV1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}