clinical-genomics CVE Vulnerabilities & Metrics

Focus on clinical-genomics vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About clinical-genomics Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with clinical-genomics. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total clinical-genomics CVEs: 4
Earliest CVE date: 03 May 2022, 09:15 UTC
Latest CVE date: 30 Sep 2024, 16:15 UTC

Latest CVE reference: CVE-2024-47531

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical clinical-genomics CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 2.85

Max CVSS: 6.4

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	2
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS clinical-genomics CVEs

These are the five CVEs with the highest CVSS scores for clinical-genomics, sorted by severity first and recency.

CVE-2022-1592 clinical-genomics Published on 05 May 2022, 11:15 UTC (CVSS: 6.4)
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...
CVE-2022-1554 clinical-genomics Published on 03 May 2022, 09:15 UTC (CVSS: 5.0)
Path Traversal due to `send_file` call in GitHub repository clinical-genomics/scout prior to 4.52.
CVE-2024-47531 clinical-genomics Published on 30 Sep 2024, 16:15 UTC (CVSS: 0)
Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users' devices or data. This vulnerability is fixed in 4.89.
CVE-2024-47530 clinical-genomics Published on 30 Sep 2024, 16:15 UTC (CVSS: 0)
Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lack of scheme validation, HTTPS Downgrade Attack can be performed on the users. This vulnerability is ...

All CVEs for clinical-genomics

CVE-2024-47531 clinical-genomics vulnerability CVSS: 0 30 Sep 2024, 16:15 UTC

Scout is a web-based visualizer for VCF-files. Due to the lack of sanitization in the filename, it is possible bypass intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and opening may lead to the compromise of users' devices or data. This vulnerability is fixed in 4.89.

CVE-2024-47530 clinical-genomics vulnerability CVSS: 0 30 Sep 2024, 16:15 UTC

Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lack of scheme validation, HTTPS Downgrade Attack can be performed on the users. This vulnerability is fixed in 4.89.

CVE-2022-1592 clinical-genomics vulnerability CVSS: 6.4 05 May 2022, 11:15 UTC

Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...

CVE-2022-1554 clinical-genomics vulnerability CVSS: 5.0 03 May 2022, 09:15 UTC

Path Traversal due to `send_file` call in GitHub repository clinical-genomics/scout prior to 4.52.