GHSA-P737-P57G-4CPR Insertion of Sensitive Information into Log File in Jupyter notebook
Impact What kind of vulnerability is it? Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter Server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and ga...