Fedora: Security Advisory for python-notebook (FEDORA-2024-1673c2696e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...

CVE-2024-22421 Potential authentication and CSRF tokens leak in JupyterLab

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...

CVE-2024-22421 Potential authentication and CSRF tokens leak in JupyterLab

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...

CVE-2024-22421

CVE-2024-22421 affects JupyterLab and relates to a redirect vulnerability in older jupyter-server versions. If a user clicks a malicious link, their Authorization and XSRFToken can be exposed to a third party when running vulnerable jupyter-server. Affected JupyterLab releases are 4.1.0b2, 4.0.11...

CVE-2024-22421

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...

alactions (>=0.0.7 <=0.0.11), ale-uy (=1.5.0) +36 more potentially affected by CVE-2024-22421 via notebook (>=7.0.0 <=7.0.6)

notebook PYPI version =7.0.0, =0.0.7, =1.0.1, =0.0.1, =0.20.0, =0.0.1, =0.1.1, =0.2.0, =1.6.0, =1.16.0, =1.18.0.post1 - lp-aicloud =4.0.0 and more Source cves: CVE-2024-22421 Source advisory: OSV:GHSA-44CC-43RP-5947...

alactions (>=0.0.7 <=0.0.11), ale-uy (=1.5.0) +36 more potentially affected by CVE-2024-22420 via notebook (>=7.0.0 <=7.0.6)

notebook PYPI version =7.0.0, =0.0.7, =1.0.1, =0.0.1, =0.20.0, =0.0.1, =0.1.1, =0.2.0, =1.6.0, =1.16.0, =1.18.0.post1 - lp-aicloud =4.0.0 and more Source cves: CVE-2024-22420 Source advisory: OSV:GHSA-4M77-CMPX-VJC4...

CVE-2023-51277

nbviewer-app aka Jupyter Notebook Viewer before 0.1.6 has the get-task-allow entitlement for release builds...

CVE-2023-51277

nbviewer-app aka Jupyter Notebook Viewer before 0.1.6 has the get-task-allow entitlement for release builds...

Design/Logic Flaw

nbviewer-app aka Jupyter Notebook Viewer before 0.1.6 has the get-task-allow entitlement for release builds...

CVE-2023-51277

nbviewer-app aka Jupyter Notebook Viewer before 0.1.6 has the get-task-allow entitlement for release builds...

CVE-2023-51277

CVE-2023-51277 affects nbviewer-app (Jupyter Notebook Viewer) prior to version 0.1.6, where the release build incorrectly included the get-task-allow entitlement. This misconfiguration can enable loading of untrusted code, with reported high impact on confidentiality, integrity, and availability....

CVE-2023-51277

nbviewer-app aka Jupyter Notebook Viewer before 0.1.6 has the get-task-allow entitlement for release builds...

Jupyter Notebook Viewer Security Vulnerability

Jupyter Notebook Viewer is a macOS application for viewing Jupyter/IPython notebooks. A security vulnerability exists in Jupyter Notebook Viewer prior to version 0.1.6, which stems from a problem with the get-task-allow function and can be exploited by an attacker to load untrusted code...

January 2, 2024, update for OneNote 2016 (KB5002500)

January 2, 2024, update for OneNote 2016 KB5002500 This article discusses update 5002500 for Microsoft OneNote 2016 that was released on January 2, 2024.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply...

Velociraptor 0.7.1 Release

Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...

Velociraptor 0.7.1 Release

Written by Dr. Michael Cohen Sigma Support, ETW Multiplexing, Local Encrypted Storage and New VQL Capabilities Highlight the Last Release of 2023 Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities th...

Malicious code in jupyter-notebook-deps (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 149056bec7a565568bd2ddea92746e800266ecb291da0df46551b2d1766551bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8721 Malicious code in jupyter-notebook-deps (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 149056bec7a565568bd2ddea92746e800266ecb291da0df46551b2d1766551bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...