7 matches found
CVE-2023-25574
jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability LTI. LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...
EUVD-2023-29521
Malicious code in bioql PyPI...
CVE-2023-25574
jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability LTI. LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...
CVE-2023-25574 JupyterHub's LTI13Authenticator: JWT signature not validated
jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability LTI. LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...
CVE-2023-25574 JupyterHub's LTI13Authenticator: JWT signature not validated
jupyterhub-ltiauthenticator is a JupyterHub authenticator for learning tools interoperability LTI. LTI13Authenticator that was introduced in jupyterhub-ltiauthenticator 1.3.0 wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request. Only use...
CVE-2023-25574
CVE-2023-25574 concerns jupyterhub-ltiauthenticator’s LTI13Authenticator. The issue: LTI13Authenticator, added in version 1.3.0, did not validate JWT signatures, potentially allowing forged authentication requests when the JupyterHub instance is configured to use this authenticator. Affected depl...
JupyterHub 数据伪造问题漏洞
JupyterHub is a JupyterHub open source multi-user server for Jupyter. A Data Forgery Issue vulnerability exists in JupyterHub version 1.3.0 that stems from LTI13Authenticator not verifying JWT signatures, which could lead to forged requests being authorized...