Lucene search
+L

4 matches found

vulnersOsv
vulnersOsv
added 2024/06/11 10:15 p.m.5 views

lftakakura-mage-ai (=0.9.37a1), mage-ai (>=0.0.6 <=0.9.72) potentially affected by CVE-2024-35225 via jupyter-server-proxy (>=3.2.1 <=3.2.3)

jupyter-server-proxy PYPI version =3.2.1, =0.0.6, =0.9.72 Source cves: CVE-2024-35225 Source advisory: OSV:PYSEC-2024-236...

9.6CVSS7.2AI score0.00442EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/06/11 9:45 p.m.16 views

CVE-2024-35225 Jupyter Server Proxy has a reflected XSS issue in host parameter

Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting XSS issue. The /proxy endpoint accepts a host path segmen...

9.6CVSS5.7AI score0.00442EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/11 9:45 p.m.57 views

CVE-2024-35225 Jupyter Server Proxy has a reflected XSS issue in host parameter

Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting XSS issue. The /proxy endpoint accepts a host path segmen...

9.6CVSS0.00442EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2024/06/11 9:12 p.m.4 views

lftakakura-mage-ai (=0.9.37a1), mage-ai (>=0.0.6 <=0.9.72) potentially affected by CVE-2024-35225 via jupyter-server-proxy (>=3.2.1 <=3.2.3)

jupyter-server-proxy PYPI version =3.2.1, =0.0.6, =0.9.72 Source cves: CVE-2024-35225 Source advisory: OSV:GHSA-FVCQ-4X64-HQXR...

9.6CVSS7.2AI score0.00442EPSS
Exploits0
Rows per page
Query Builder