Lucene search

[email protected]CVE-2023-51277

HistoryJan 05, 2024 - 5:15 a.m.

CVE-2023-51277

2024-01-0505:15:08

[email protected]

web.nvd.nist.gov

cve-2023-51277

nbviewer-app

jupyter notebook viewer

security vulnerability

get-task-allow entitlement

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.1%

JSON

nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-task-allow entitlement for release builds.

Affected configurations

NVD

Node

tinowagnerjupyter_notebook_viewerRange<0.1.6macos

CPENameOperatorVersion
tinowagner:jupyter_notebook_viewertinowagner jupyter notebook viewerlt0.1.6

CPE	Name	Operator	Version
tinowagner:jupyter_notebook_viewer	tinowagner jupyter notebook viewer	lt	0.1.6

References

developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087731

github.com/tuxu/nbviewer-app/commit/dc1e4ddf64c78e13175a39b076fa0646fc62e581

github.com/tuxu/nbviewer-app/compare/0.1.5...0.1.6

www.youtube.com/watch?v=c0nawqA_bdI

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.1%

JSON

Related for CVE-2023-51277

prion1 nvd1 cvelist1 osv1