Lucene search
K

9 matches found

OSV
OSV
added 2023/08/29 11:34 p.m.35 views

GHSA-64X5-55RW-9974 cross-site inclusion (XSSI) of files in jupyter-server

Impact Improper cross-site credential checks on /files/ URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via "Open image in new tab". Patches Jupyter Server 2.7.2 Workarounds Use lower performance...

4.6CVSS5.3AI score0.00542EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2022/09/12 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2022-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.05664EPSS
Exploits2References8
Ubuntu
Ubuntu
added 2022/08/30 9:26 a.m.52 views

USN-5585-1: Jupyter Notebook vulnerabilities

It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting XSS attacks on the notebook server. This issue only affected Ubuntu 18.04 LTS. CVE-2018-19351 It...

7.5CVSS6.1AI score0.01741EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/08/30 12:0 a.m.75 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Jupyter Notebook vulnerabilities (USN-5585-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5585-1 advisory. It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack ...

7.5CVSS6.1AI score0.01741EPSS
Exploits1References9
vulnersOsv
vulnersOsv
added 2022/05/14 1:10 a.m.7 views

arpes (>=1.0.0 <=2.2.0), convert-and-download (>=0.1.3 <=0.2.4) +24 more potentially affected by CVE-2019-9644 via notebook (>=4.2.3 <=5.7.5)

notebook PYPI version =4.2.3, =1.0.0, =0.1.3, =1.0.0b1, =0.0.2, =1.31.7.dev0, =0.1.1.10, =0.2.1, =0.1.6.2, =0.1.2, =0.1.0, =0.5.0, =1.0.1, =0.1.1, =1.0.1 - marvin-python-toolbox =0.0.4 and more Source cves: CVE-2019-9644 Source advisory: OSV:GHSA-HHX8-CR55-QCXX...

5.4CVSS6.5AI score0.01636EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/03 4:15 p.m.44 views

Security Bulletin: Jupyter vulnerabilities affect IBM Spectrum Conductor 2.3 and IBM Spectrum Conductor with Spark 2.2.1

Summary There are multiple vulnerabilities in the Jupyter notebook used by IBM Spectrum Conductor with Spark 2.2.1 and IBM Spectrum Conductor 2.3.0. IBM Spectrum Conductor has addressed the applicable CVEs. Vulnerability Details CVE-ID: CVE-2019-9644 Description: Jupyter Notebook could allow a...

6.1CVSS0.9AI score0.01741EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/02 12:0 a.m.27 views

Fedora 30 : python-notebook (2019-a6e1287e76)

Security fix for CVE-2019-10255, CVE-2019-9644. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

6.1CVSS6.4AI score0.01741EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/04/12 12:0 a.m.39 views

Fedora 29 : python-notebook (2019-9e67979b2a)

Security fix for CVE-2019-10255, CVE-2019-9644. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

6.1CVSS6.4AI score0.01741EPSS
Exploits0References3
CVE
CVE
added 2019/03/12 6:0 a.m.104 views

CVE-2019-9644

Jupyter Notebook before 5.7.6 is affected by an XSSI vulnerability that allows inclusion of resources on malicious pages when users are authenticated to a Jupyter server. The issue arises from improper handling of cross-site script inclusion and can lead to exposure of resource contents (notably ...

5.4CVSS5.6AI score0.01636EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder