Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2015-0372
HistorySep 15, 2015 - 5:55 p.m.

Updated ipython packages fix CVE-2015-6938

2015-09-1517:55:06
Gentoo Foundation
advisories.mageia.org
9

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.7%

JSON

Updated ipython packages fix security vulnerability: In IPython, local folder name was used in HTML templates without escaping, allowing XSS in said pages by carefully crafting folder name and URL to access it (CVE-2015-6938).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchipython< 2.3.0-1.2ipython-2.3.0-1.2.mga4
Mageia5noarchipython< 2.3.0-2.3ipython-2.3.0-2.3.mga5

Related

nessus 5
openvas 3
fedora 3
cve 1
osv 3
debiancve 1
prion 1
cvelist 1
github 1
ubuntucve 1
nvd 1
freebsd 1
nessus
nessus
Fedora 22 : ipython-2.4.1-8.fc22 (2015-14902)
2015-09-18 00:00:00
Fedora 21 : ipython-2.4.1-8.fc21 (2015-14901)
2015-09-18 00:00:00
openSUSE Security Update : IPython / python3-IPython (openSUSE-2015-638)
2015-10-09 00:00:00
openvas
openvas
Fedora Update for ipython FEDORA-2015-14901
2015-09-18 00:00:00
Mageia: Security Advisory (MGASA-2015-0372)
2015-10-15 00:00:00
Fedora Update for ipython FEDORA-2015-14902
2015-09-18 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: ipython-2.4.1-8.fc21
2015-09-18 03:52:51
[SECURITY] Fedora 22 Update: ipython-2.4.1-8.fc22
2015-09-18 01:34:41
[SECURITY] Fedora 23 Update: ipython-3.2.1-3.fc23
2015-09-25 08:54:17
cve
cve
CVE-2015-6938
2015-09-21 19:59:05
osv
osv
PYSEC-2015-26
2015-09-21 19:59:00
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
2022-05-14 02:04:49
PYSEC-2015-24
2015-09-21 19:59:00
debiancve
debiancve
CVE-2015-6938
2015-09-21 19:59:05
prion
prion
Cross site request forgery (csrf)
2015-09-21 19:59:00
cvelist
cvelist
CVE-2015-6938
2015-09-21 19:00:00
github
github
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
2022-05-14 02:04:49
ubuntucve
ubuntucve
CVE-2015-6938
2015-09-21 00:00:00
nvd
nvd
CVE-2015-6938
2015-09-21 19:59:05
freebsd
freebsd
devel/ipython -- multiple vulnerabilities
2015-09-01 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.7%

JSON
Related for MGASA-2015-0372
nessus5openvas3fedora3cve1osv3debiancve1prion1cvelist1github1ubuntucve1nvd1freebsd1