9 matches found
CVE-2022-29238
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...
Linux Distros Unpatched Vulnerability : CVE-2022-29238
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with...
SUSE CVE-2022-29238
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...
Mageia: Security Advisory (MGASA-2022-0323)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5585-1: Jupyter Notebook vulnerabilities
It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting XSS attacks on the notebook server. This issue only affected Ubuntu 18.04 LTS. CVE-2018-19351 It...
3deecelltracker (>=0.5.0a0 <=1.0.0), abracadabra (>=0.0.0 <=0.0.7) +101 more potentially affected by CVE-2022-29238 via notebook (>=4.2.3 <=6.4.11)
notebook PYPI version =4.2.3, =0.5.0a0, =0.0.0, =1.0.0, =1.0.0, =0.1.1, =1.0.1, =0.0.48, =1.0.0, =0.3.4, =0.1.0rc1, =0.0.1, =0.2.1 - combnetdep =1.0.0 and more Source cves: CVE-2022-29238 Source advisory: OSV:GHSA-V7VQ-3X77-87VG...
CVE-2022-29238 Forced Browsing in Jupyter Notebook
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...
CVE-2022-29238
CVE-2022-29238 affects Jupyter Notebook prior to 6.4.12, where authenticated requests to the notebook server could access files that are hidden but not inaccessible when ContentsManager.allow_hidden = False is used. The underlying issue is that hidden files/directories could be read if their name...
CVE-2022-29238
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...