3 matches found
a2 (>=0.1.0 <=0.3.17), acryl-datahub-gx-plugin (>=0.14.0.3 <=1.1.1rc4) +333 more potentially affected by CVE-2024-35178 via jupyter-server (>=0.0.5 <=2.14.0)
jupyter-server PYPI version =0.0.5, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 - atacworks =0.3.4 and more Source cves: CVE-2024-35178 Source advisory: OSV:GHSA-HRW6-WG82-CM62...
CVE-2024-35178 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-jupyter-server...
CVE-2024-35178
CVE-2024-35178 affects Jupyter Server on Windows, where unauthenticated attackers can leak the NTLMv2 password hash of the Windows user running the server. This can enable cracking the hash to gain access to the host or other networked systems, or allow NTLM relay-style access to additional machi...