Lucene search
+L

10 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-40170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on /files/ URLs could allow exposure of certain file contents,...

6.1CVSS6.2AI score0.00542EPSS
Exploits0References3
openvas
openvas
added 2023/09/16 12:0 a.m.22 views

Fedora: Security Advisory (FEDORA-2023-3d77cfc654)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS5.5AI score0.00586EPSS
Exploits0References4
nessus
nessus
added 2023/09/09 12:0 a.m.23 views

Fedora 38 : python-jupyter-server (2023-88c411e973)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-88c411e973 advisory. Security fix for python-jupyter-server. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

6.1CVSS5.9AI score0.00586EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2023/08/29 11:34 p.m.6 views

3-04-2025-ttm (=0.1.0), a-mailx (=0.1.0) +4999 more potentially affected by CVE-2023-40170 via jupyter-server (>=0.0.5 <=2.7.0)

jupyter-server PYPI version =0.0.5, =0.1.0, =1.0.3, =0.1.8, =0.1.0, =1.0.0, =0.0.1, =0.1.3, =0.1.3, =0.1.4 and more Source cves: CVE-2023-40170 Source advisory: OSV:GHSA-64X5-55RW-9974...

6.1CVSS6.3AI score0.00542EPSS
Exploits0
circl
circl
added 2023/08/29 12:16 a.m.6 views

CVE-2023-40170

creationtimestamp| type| source ---|---|--- 2023-08-29 00:16:58+00:00| seen| https://t.me/cibsecurity/69321...

6.1CVSS6AI score0.00542EPSS
Exploits0References1
wolfi
wolfi
added 2023/08/28 9:15 p.m.39 views

CVE-2023-40170 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

6.1CVSS7.1AI score0.00542EPSS
Exploits0
vulnersosv
vulnersosv
added 2023/08/28 9:15 p.m.5 views

3-04-2025-ttm (=0.1.0), a-mailx (=0.1.0) +4999 more potentially affected by CVE-2023-40170 via jupyter-server (>=0.0.5 <=2.7.0)

jupyter-server PYPI version =0.0.5, =0.1.0, =1.0.3, =0.1.8, =0.1.0, =1.0.0, =0.0.1, =0.1.3, =0.1.3, =0.1.4 and more Source cves: CVE-2023-40170 Source advisory: OSV:PYSEC-2023-157...

6.1CVSS6.3AI score0.00542EPSS
Exploits0
osv
osv
added 2023/08/28 8:1 p.m.26 views

CVE-2023-40170 cross-site inclusion (XSSI) of files in jupyter-server

jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on /files/ URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via "Open image in new tab". This issue has been addressed in commit 87a49272728 which h...

4.6CVSS5.6AI score0.00542EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2023/08/28 8:1 p.m.16 views

CVE-2023-40170 cross-site inclusion (XSSI) of files in jupyter-server

jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on /files/ URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via "Open image in new tab". This issue has been addressed in commit 87a49272728 which h...

4.6CVSS6.6AI score0.00542EPSS
Exploits0References4
alpinelinux
alpinelinux
added 2023/08/28 8:1 p.m.31 views

CVE-2023-40170

jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on /files/ URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via "Open image in new tab". This issue has been addressed in commit 87a49272728 which h...

6.1CVSS6.1AI score0.00542EPSS
Exploits0
Rows per page
Query Builder