4 matches found
CVE-2025-30167
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...
CVE-2025-30167 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration...
The vulnerability of the Jupyter Core environment for interactive code development and execution allows attackers to expose protected information, upload and execute code with elevated privileges.
The vulnerability in the Jupyter Core environment for interactive code development and execution is related to errors in privilege management. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information, upload and execute code with elevated privileges...
azure-arm-nb-extensions (>=0.0.1 <=0.0.2), chemscraper (>=0.1.0 <=0.2.0) +17 more potentially affected by CVE-2022-39286 via jupyter-core (>=4.10.0 <=4.11.1)
jupyter-core PYPI version =4.10.0, =0.0.1, =0.1.0, =1.0.0, =0.0.5, =0.0.6, =0.2.8, =9.0.2, =0.3.20, =0.0.4, =1.0.0, =0.3.5.dev2659611866, =0.0.1, =0.0.3 and more Source cves: CVE-2022-39286 Source advisory: OSV:PYSEC-2022-42974...