vivo-project/Vitro

on GitHub

137 releases

new releases every 1 month 1 week

last release was 04/05/2024

last checked yesterday at 9:34 PM

Vitro is a "full stack" framework for building semantic web applications. It is not domain specific.

CVE History

CVE	Published	CVSS v2	CVSS v3
CVE-2019-6986	January 28, 2019	7.5 HIGH	5 MEDIUM
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request.