5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-41942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the...
CVE-2024-41942 vulnerabilities
Vulnerabilities for packages: py3-jupyterhub...
pythoncharmers-meta (>=0.1.0 <=0.2.1) potentially affected by CVE-2024-41942 via jupyterhub (=5.0.0b2)
jupyterhub PYPI version =5.0.0b2 is affected by a known vulnerability. The following packages have a transitive dependency on jupyterhub and may be impacted: - pythoncharmers-meta =0.1.0, =0.2.1 Source cves: CVE-2024-41942 Source advisory: OSV:GHSA-9X4Q-3GXW-849F...
conda-store (>=2024.6.1 <=2024.11.2), cylc-uiserver (>=0.1.0 <=0.3.0) +13 more potentially affected by CVE-2024-41942 via jupyterhub (>=0.8.1 <=4.0.2)
jupyterhub PYPI version =0.8.1, =2024.6.1, =0.1.0, =0.0.4, =1.3.7, =1.0.0, =0.2.0, =0.1.0, =0.0.0, =0.1.0, =0.10.0, =0.2.25, =0.0.1, =0.1.0, =0.0.2, =0.0.9 Source cves: CVE-2024-41942 Source advisory: OSV:GHSA-9X4Q-3GXW-849F...
CVE-2024-41942 JupyterHub has a privilege escalation vulnerability with the `admin:users` scope
JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that...