11 matches found
EUVD-2021-0104
Malware in sbrugna...
CVE-2021-41194
FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if createusers=True and t...
Unauthorized Access
jupyterhub-firstuseauthenticator is vulnerable to unauthorized access. When create users=True is set, An attacker is able to access the user files and create a parallel path...
Improper Access Control in jupyterhub-firstuseauthenticator
Impact When JupyterHub is used with FirstUseAuthenticator, the vulnerability allows unauthorized access to any user's account if createusers=True and the username is known or guessed. Patches Upgrade to jupyterhub-firstuseauthenticator to 1.0, or apply patch...
GHSA-5XVC-VGMP-JGC3 Improper Access Control in jupyterhub-firstuseauthenticator
Impact When JupyterHub is used with FirstUseAuthenticator, the vulnerability allows unauthorized access to any user's account if createusers=True and the username is known or guessed. Patches Upgrade to jupyterhub-firstuseauthenticator to 1.0, or apply patch...
CVE-2021-41194
FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if createusers=True and t...
Code injection
FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if createusers=True and t...
PYSEC-2021-384
FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if createusers=True and t...
CVE-2021-41194
CVE-2021-41194 affects the JupyterHub integration FirstUseAuthenticator. In versions prior to 1.0.0, if create_users = True and a user name is known or guessed, an attacker could gain unauthorized access to any user’s account. Mitigation: upgrade to version 1.0.0 or apply the patch referenced in ...
CVE-2021-41194 Improper Access Control in jupyterhub-firstuseauthenticator
FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. When JupyterHub is used with FirstUseAuthenticator, a vulnerability in versions prior to 1.0.0 allows unauthorized access to any user's account if createusers=True and t...
JupyterHub 安全漏洞
JupyterHub is a JupyterHub open source multi-user server for Jupyter. A security vulnerability exists in versions prior to JupyterHub 1.0.0 that stems from a vulnerability that allows unauthorized access to any user's account when JupyterHub is used with FirstUseAuthenticator...