6 matches found
appyter (>=0.18.3 <=0.18.11), chronix2grid (>=0.1.0rc1 <=1.0.2) +22 more potentially affected by CVE-2022-24757 via jupyter-server (>=0.0.5 <=1.13.5)
jupyter-server PYPI version =0.0.5, =0.18.3, =0.1.0rc1, =0.0.1.dev7, =3.0.0b2, =2.0.0b1, =0.1.0, =0.18.0, =0.2.0, =0.0.18, =0.2.1, =0.0.2, =0.1.0, =4.3.2 and more Source cves: CVE-2022-24757 Source advisory: OSV:GHSA-P737-P57G-4CPR...
CVE-2022-24757
creationtimestamp| type| source ---|---|--- 2022-03-23 23:28:57+00:00| seen| https://t.me/cibsecurity/39441...
appyter (>=0.18.3 <=0.18.11), chronix2grid (>=0.1.0rc1 <=1.0.2) +22 more potentially affected by CVE-2022-24757 via jupyter-server (>=0.0.5 <=1.13.5)
jupyter-server PYPI version =0.0.5, =0.18.3, =0.1.0rc1, =0.0.1.dev7, =3.0.0b2, =2.0.0b1, =0.1.0, =0.18.0, =0.2.0, =0.0.18, =0.2.1, =0.0.2, =0.1.0, =4.3.2 and more Source cves: CVE-2022-24757 Source advisory: OSV:PYSEC-2022-179...
CVE-2022-24757 Sensitive Auth & Cookie data stored in Jupyter server logs
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are...
CVE-2022-24757 Sensitive Auth & Cookie data stored in Jupyter server logs
The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are...
CVE-2022-24757
CVE-2022-24757 affects the Jupyter Server backend used by Jupyter web applications. The issue arises when 5xx errors trigger logging of sensitive information (auth cookies and header values) in server logs, which do not require root access and can be read by an attacker. The root cause is exposur...