1255 matches found
Jupyter Notebook Python Library 7.0.0 < 7.2.2 (CVE-2024-43805)
Jupyter Notebook is an extensible environment for interactive and reproducible computing. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked...
Jupyter Login Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/jupyter' class MetasploitModule 'Jupyter Login Utility', 'Description' = %...
SUSE CVE-2024-43805
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
BIT-JUPYTERLAB-2024-43805 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
BIT-JUPYTER-NOTEBOOK-2024-43805 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
alactions (>=0.0.7 <=0.0.11), ale-uy (=1.5.0) +72 more potentially affected by CVE-2024-43805 via notebook (>=7.0.0 <=7.2.1)
notebook PYPI version =7.0.0, =0.0.7, =1.0.1, =1.6.4, =0.0.1, =0.0.1, =0.1.8, =0.0.2, =0.20.0, =1.0.0, =0.3.2, =0.4.0 and more Source cves: CVE-2024-43805 Source advisory: OSV:GHSA-9Q39-RMJ3-P4R2...
GHSA-9Q39-RMJ3-P4R2 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...
HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...
UBUNTU-CVE-2024-43805
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
CVE-2024-43805
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
CVE-2024-43805 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
CVE-2024-43805
CVE-2024-43805 affects JupyterLab and Jupyter Notebook where a user opens a malicious notebook or Markdown file in preview mode can lead to data access and arbitrary requests performed as the attacked user. Affected versions include JupyterLab v3.6.8, v4.2.5 and Jupyter Notebook v7.2.2; patches e...
CVE-2024-43805
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
CVE-2024-43805 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
CVE-2024-43805 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
JupyterLab 安全漏洞
JupyterLab is a JupyterLab open source extensible environment for interactive and repeatable computation, based on the Jupyter Notebook and architecture. A security vulnerability exists in JupyterLab that originates from opening a malicious notebook or Markdown file with Markdown cells using the...
Security update for python-notebook (moderate)
openSUSE Security Update: Security update for python-notebook Announcement ID: openSUSE-SU-2024:0231-1 Rating: moderate References: 1227583 Cross-References: CVE-2019-11358 CVE-2021-32798 CVSS scores: CVE-2019-11358 NVD : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE-2021-32798 NVD : 9.6...
CVE-2024-25633
CVE-2024-25633 affects eLabFTW, where versions 4.4.0 up to (and not including) 5.0.0 allow regular users to create new, validated accounts within their team. If anonymous access is enabled, unauthenticated users can create accounts in any team. The issue was fixed starting with version 5.0.0 (Feb...
OPENSUSE-SU-2024:0231-1 Security update for python-notebook
This update for python-notebook fixes the following issues: - Update to 5.7.11 sanitizer fix CVE-2021-32798 boo1227583 - Update to 5.7.10 no upstream changelog - Update to 5.7.9 Update JQuery dependency to version 3.4.1 to fix security vulnerability CVE-2019-11358 Update from preact to React...
SUSE CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...