61 matches found
Astra Linux - уязвимость в jupyter-core
Jupyter Core is a package for the core common functionalities of Jupyter projects. Prior to version 4.11.2, Jupyter Core contained an arbitrary code execution vulnerability in “jupytercore,” which stemmed from “jupytercore” executing untrusted files in the CWD environment. This vulnerability...
ROOT-APP-PYPI-CVE-2025-30167 CVE-2025-30167 in rootio-jupyter_core - Patched by Root
Root has patched CVE-2025-30167 in the rootio-jupytercore package for Root:PyPI. Multiple fixed versions available...
EUVD-2022-0129
Malicious code in bioql PyPI...
EUVD-2025-16771
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-39286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution...
Linux Distros Unpatched Vulnerability : CVE-2025-30167
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared...
python311-jupyter-core-5.8.1-1.1 on GA media (moderate)
python311-jupyter-core-5.8.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15272-1 Rating: moderate Cross-References: CVE-2025-30167 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
SUSE CVE-2025-30167
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...
OPENSUSE-SU-2025:15272-1 python311-jupyter-core-5.8.1-1.1 on GA media
These are all security issues fixed in the python311-jupyter-core-5.8.1-1.1 package on the GA media of openSUSE Tumbleweed...
The vulnerability in the Jupyter Core environment for interactive code development and execution, related to an uncontrolled element in the search process, allows attackers to exploit their privileges.
The vulnerability in the Jupyter Core environment for interactive code development and execution is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2025-30167
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...
Unauthorized Configuration Manipulation
Jupyter Core is vulnerable to Unauthorized Configuration Manipulation. The vulnerability is due to improper access control on the %PROGRAMDATA% directory, allowing unprivileged users to write configuration files that affect other users on shared Windows systems...
abracadabra (>=0.0.0 <=0.0.7), ac-solver (=0.1.0) +308 more potentially affected by CVE-2025-30167 via jupyter-core (>=4.10.0 <=5.8.0)
jupyter-core PYPI version =4.10.0, =0.0.0, =0.14.0.3, =1.0.0, =0.1.23, =0.20.0, =0.9.5, =0.1.0, =0.0.4, =1.0.1, =0.1.0, =1.0.1, =1.0.1, =1.0.14 and more Source cves: CVE-2025-30167 Source advisory: OSV:GHSA-33P9-3P43-82VQ...
Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...
GHSA-33P9-3P43-82VQ Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...
ac-solver (=0.1.0), airosentris (>=0.1.23 <=0.1.31) +189 more potentially affected by CVE-2025-30167 via jupyter-core (>=5.0.0 <=5.7.2)
jupyter-core PYPI version =5.0.0, =0.1.23, =0.20.0, =0.9.5, =0.1.0, =0.1.0, =1.0.1, =1.0.1, =0.3.1, =0.1.1, =0.1.0, =0.3.0, =0.1.0, =0.1.7 and more Source cves: CVE-2025-30167 Source advisory: SNYK:PYTHON-JUPYTERCORE-10300774...
Uncontrolled Search Path Element
Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to the shared %PROGRAMDATA% directory being searched for configuration files. An attacker can introduce unintended behavior and affect other users by creating malicious configuration files in the...
CVE-2025-30167
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...
UBUNTU-CVE-2025-30167
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...
CVE-2025-30167 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...