Lucene search

GHSA-44CC-43RP-5947 JupyterLab vulnerable to potential authentication and CSRF tokens leak

🗓️ 19 Jan 2024 20:10:28Reported by GoogleType

osv🔗 osv.dev👁 15 Views

JupyterLab potential authentication and CSRF tokens leak, patched in JupyterLab 4.1.0b2, 4.0.11, and 3.6.7. Upgrade jupyter-server to version 2.7.2 to counter the vulnerability

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 15
Prion	Design/Logic Flaw	19 Jan 202421:15	–	prion
Cvelist	CVE-2024-22421 Potential authentication and CSRF tokens leak in JupyterLab	19 Jan 202420:45	–	cvelist
OSV	BIT-JUPYTER-BASE-NOTEBOOK-2024-22421	6 Mar 202410:53	–	osv
OSV	CVE-2024-22421	19 Jan 202421:15	–	osv
OSV	BIT-JUPYTERLAB-2024-22421	6 Mar 202410:54	–	osv
OSV	BIT-JUPYTER-NOTEBOOK-2024-22421	6 Mar 202410:53	–	osv
NVD	CVE-2024-22421	19 Jan 202421:15	–	nvd
Veracode	Information Disclosure	22 Jan 202405:58	–	veracode
CVE	CVE-2024-22421	19 Jan 202421:15	–	cve
Debian CVE	CVE-2024-22421	19 Jan 202421:15	–	debiancve

Source	Link
github	www.github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-22421
github	www.github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6
github	www.github.com/jupyterlab/jupyterlab/commit/1ef7a4fa0202ebdf663e1cc0b45c8813a34a0b96
github	www.github.com/jupyterlab/jupyterlab/commit/fccd83dc4441da0384ee3fd1322c3b2d9ad4caaa
github	www.github.com/jupyterlab/jupyterlab
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/UQJKNRDRFMKGVRIYNNN6CKMNJDNYWO2H

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Jan 2024 20:28Current

6.7Medium risk

Vulners AI Score6.7

CVSS36.5 - 7.6

EPSS0.00102