Jupyter Notebook 代码问题漏洞

Jupyter Notebook is a suite of open source web applications for creating and sharing code and illustrative text documents. A security vulnerability exists in Jupyter Notebook Core versions prior to 4.11.2, which stems from the inclusion of an arbitrary code execution in jupytercore...

CVE-2022-2428

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests...

Design/Logic Flaw

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests...

UBUNTU-CVE-2022-2428

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests...

CVE-2022-2428

CVE-2022-2428 affects GitLab EE/CE where a crafted tag in the Jupyter Notebook viewer enables an attacker to issue arbitrary HTTP requests. The issue affects all GitLab releases before 15.1.6, and across 15.2 (15.2.0–15.2.4) and 15.3 (15.3.0–15.3.2). Notably, the vulnerability is tied to the Jupy...

CVE-2022-2428

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests...

CVE-2022-2428

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests...

CVE-2022-2428

A crafted tag in the Jupyter Notebook viewer in GitLab EE/CE affecting all versions before 15.1.6, 15.2 to 15.2.4, and 15.3 to 15.3.2 allows an attacker to issue arbitrary HTTP requests...

CVE-2022-2428

Removed by vendor...

Mageia: Security Advisory (MGASA-2022-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated jupyter-notebook packages fix security vulnerability

It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting XSS attacks on the notebook server. CVE-2018-19351 It was discovered that Jupyter Notebook...

MGASA-2022-0323 Updated jupyter-notebook packages fix security vulnerability

It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting XSS attacks on the notebook server. CVE-2018-19351 It was discovered that Jupyter Notebook...

The vulnerability of the ipynb Notebook component of the Git-based software platform for collaborative code development on GitLab allows a hacker to send arbitrary HTTP requests.

The vulnerability of the ipynb Notebook component of the Git-based software development platform for collaborative code editing on GitLab is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to send arbitrary HTTP requests remotely...

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook arises from buffer overflow in dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the IBM i2 Analyst’s Notebook visual analysis tool arises from an overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a attacker to execute arbitrary code using a specially created file...

USN-5585-1: Jupyter Notebook vulnerabilities

It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting XSS attacks on the notebook server. This issue only affected Ubuntu 18.04 LTS. CVE-2018-19351 It...

USN-5585-1 jupyter-notebook vulnerabilities

It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting XSS attacks on the notebook server. This issue only affected Ubuntu 18.04 LTS. CVE-2018-19351 It...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Jupyter Notebook vulnerabilities (USN-5585-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5585-1 advisory. It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack ...

PT-2022-4615 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 15.1.6 GitLab versions 15.2 through 15.2.4 GitLab versions 15.3 through 15.3.2 Description: The issue is related to insufficient input validation in the ipynb Notebook component of GitLab, a platform for collaborative...

The vulnerability of the System Management Mode (SMM) implementation in HP notebook BIOS microprogramming systems allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the System Management Mode SMM implementation in HP notebook BIOS microprogramming systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause system failures...

The vulnerability of the System Management Mode (SMM) implementation in HP notebook BIOS microprogramming systems allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the System Management Mode SMM implementation in HP notebook BIOS microprogramming systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause system failures...