Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD290351C9-6F5C-11E5-A2A1-002590263BF5
HistorySep 01, 2015 - 12:00 a.m.

devel/ipython -- multiple vulnerabilities

2015-09-0100:00:00
vuxml.freebsd.org
17

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.015

Percentile

87.1%

JSON

Matthias Bussonnier reports:

Summary: Local folder name was used in HTML templates without
escaping, allowing XSS in said pages by carefully crafting folder
name and URL to access it.
URI with issues:

GET /tree/**

Benjamin RK reports:

Vulnerability: A maliciously forged file opened for editing can
execute javascript, specifically by being redirected to /files/ due
to a failure to treat the file as plain text.
URI with issues:

GET /edit/**

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchipython< 3.2.2UNKNOWN

Related

nessus 6
fedora 3
mageia 1
openvas 4
nvd 2
ubuntucve 2
cvelist 2
debiancve 2
prion 2
osv 6
github 2
cve 2
gentoo 1
nessus
nessus
Fedora 23 : ipython-3.2.1-3.fc23 (2015-16128)
2015-09-28 00:00:00
FreeBSD : devel/ipython -- multiple vulnerabilities (290351c9-6f5c-11e5-a2a1-002590263bf5)
2015-10-12 00:00:00
openSUSE Security Update : IPython / python3-IPython (openSUSE-2015-638)
2015-10-09 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: ipython-3.2.1-3.fc23
2015-09-25 08:54:17
[SECURITY] Fedora 22 Update: ipython-2.4.1-8.fc22
2015-09-18 01:34:41
[SECURITY] Fedora 21 Update: ipython-2.4.1-8.fc21
2015-09-18 03:52:51
mageia
mageia
Updated ipython packages fix CVE-2015-6938
2015-09-15 17:55:06
openvas
openvas
Fedora Update for ipython FEDORA-2015-14902
2015-09-18 00:00:00
Mageia: Security Advisory (MGASA-2015-0372)
2015-10-15 00:00:00
Fedora Update for ipython FEDORA-2015-14901
2015-09-18 00:00:00
nvd
nvd
CVE-2015-6938
2015-09-21 19:59:05
CVE-2015-7337
2015-09-29 19:59:07
ubuntucve
ubuntucve
CVE-2015-6938
2015-09-21 00:00:00
CVE-2015-7337
2015-09-29 00:00:00
cvelist
cvelist
CVE-2015-7337
2015-09-29 19:00:00
CVE-2015-6938
2015-09-21 19:00:00
debiancve
debiancve
CVE-2015-7337
2015-09-29 19:59:07
CVE-2015-6938
2015-09-21 19:59:05
prion
prion
Cross site request forgery (csrf)
2015-09-21 19:59:00
Design/Logic Flaw
2015-09-29 19:59:00
osv
osv
PYSEC-2015-24
2015-09-21 19:59:00
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
2022-05-14 02:04:49
PYSEC-2015-26
2015-09-21 19:59:00
github
github
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
2022-05-14 02:04:49
Improper Input Validation in Jupyter Notebook
2022-05-17 03:25:49
cve
cve
CVE-2015-6938
2015-09-21 19:59:05
CVE-2015-7337
2015-09-29 19:59:07
gentoo
gentoo
IPython: User-assisted execution of arbitrary code
2015-12-17 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.015

Percentile

87.1%

JSON
Related for 290351C9-6F5C-11E5-A2A1-002590263BF5
nessus6fedora3mageia1openvas4nvd2ubuntucve2cvelist2debiancve2prion2osv6github2cve2gentoo1