Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2022/03/25 7:20 p.m.5 views

appyter (>=0.18.3 <=0.18.11), chronix2grid (>=0.1.0rc1 <=1.0.2) +22 more potentially affected by CVE-2022-24757 via jupyter-server (>=0.0.5 <=1.13.5)

jupyter-server PYPI version =0.0.5, =0.18.3, =0.1.0rc1, =0.0.1.dev7, =3.0.0b2, =2.0.0b1, =0.1.0, =0.18.0, =0.2.0, =0.0.18, =0.2.1, =0.0.2, =0.1.0, =4.3.2 and more Source cves: CVE-2022-24757 Source advisory: OSV:GHSA-P737-P57G-4CPR...

7.5CVSS7.1AI score0.01207EPSS
Exploits0
Circl
Circl
added 2022/03/23 11:28 p.m.9 views

CVE-2022-24757

creationtimestamp| type| source ---|---|--- 2022-03-23 23:28:57+00:00| seen| https://t.me/cibsecurity/39441...

7.5CVSS7.3AI score0.01207EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/03/23 9:15 p.m.4 views

appyter (>=0.18.3 <=0.18.11), chronix2grid (>=0.1.0rc1 <=1.0.2) +22 more potentially affected by CVE-2022-24757 via jupyter-server (>=0.0.5 <=1.13.5)

jupyter-server PYPI version =0.0.5, =0.18.3, =0.1.0rc1, =0.0.1.dev7, =3.0.0b2, =2.0.0b1, =0.1.0, =0.18.0, =0.2.0, =0.0.18, =0.2.1, =0.0.2, =0.1.0, =4.3.2 and more Source cves: CVE-2022-24757 Source advisory: OSV:PYSEC-2022-179...

7.5CVSS7.1AI score0.01207EPSS
Exploits0
Cvelist
Cvelist
added 2022/03/23 8:20 p.m.27 views

CVE-2022-24757 Sensitive Auth & Cookie data stored in Jupyter server logs

The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are...

7.5CVSS7.7AI score0.01207EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/03/23 8:20 p.m.8 views

CVE-2022-24757 Sensitive Auth & Cookie data stored in Jupyter server logs

The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are...

7.5CVSS7.5AI score0.01207EPSS
Exploits0References2
CVE
CVE
added 2022/03/23 8:20 p.m.138 views

CVE-2022-24757

CVE-2022-24757 affects the Jupyter Server backend used by Jupyter web applications. The issue arises when 5xx errors trigger logging of sensitive information (auth cookies and header values) in server logs, which do not require root access and can be read by an attacker. The root cause is exposur...

7.5CVSS7.5AI score0.01207EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder