249 matches found
PYSEC-2022-12
IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary...
CVE-2022-21699 Execution with Unnecessary Privileges in ipython
IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary...
CVE-2022-21699
IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary...
CVE-2022-21699 Execution with Unnecessary Privileges in ipython
IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary...
CVE-2022-21699 Execution with Unnecessary Privileges in ipython
IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary...
CVE-2022-21699
IPython Interactive Python is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary...
CVE-2022-21699
CVE-2022-21699 affects IPython and allows cross-user code execution by IPython potentially executing config files from the current working directory. The vulnerability arises from not properly managing cross-user temporary files, enabling one user to run code as another on the same machine. Publi...
ipython -- Execution with Unnecessary Privileges
IPython project reports: IPython 8.0.1, 7.31.1 and 5.11 are security releases that change some default values in order to prevent potential Execution with Unnecessary Privileges...
PT-2022-4801 · Python +4 · Python +4
Name of the Vulnerable Software and Affected Versions: IPython versions prior to 7.31.1 IPython versions prior to 8.0.1 IPython versions prior to 7.16.3 Description: The issue is related to arbitrary code execution achieved by not properly managing cross-user temporary files. This allows one user...
cylc-uiserver (>=0.1.0 <=0.3.0), jhub-swarmspawner (>=0.2.0 <=0.2.6) +2 more potentially affected by CVE-2021-41247 via jupyterhub (>=1.0.0 <=1.4.2)
jupyterhub PYPI version =1.0.0, =0.1.0, =0.2.0, =0.2.25, =0.0.1, =0.1.6 Source cves: CVE-2021-41247 Source advisory: OSV:GHSA-CW7P-Q79F-M2V7...
cylc-uiserver (>=0.1.0 <=0.3.0), jhub-swarmspawner (>=0.2.0 <=0.2.6) +2 more potentially affected by CVE-2021-41247 via jupyterhub (>=1.0.0 <=1.4.2)
jupyterhub PYPI version =1.0.0, =0.1.0, =0.2.0, =0.2.25, =0.0.1, =0.1.6 Source cves: CVE-2021-41247 Source advisory: OSV:PYSEC-2021-386...
USN-4855-1 ipython vulnerability
It was discovered that IPython did not properly sanitize certain input. If a user were tricked into opening a specially crafted notebook file, a remote attacker could possibly use this issue to execute arbitrary code...
USN-4855-1: IPython vulnerability
It was discovered that IPython did not properly sanitize certain input. If a user were tricked into opening a specially crafted notebook file, a remote attacker could possibly use this issue to execute arbitrary code...
Pylane - An Python VM Injector With Debug Tools, Based On GDB
Pylane is a python vm injector with debug tools, based on gdb and ptrace. Pylane uses gdb to trace python process, inject and run some code in its python vm. Usage use inject command to inject a python script in an process: pylane inject use shell command to inject an interactive shell: pylane...
Cross-site Scripting (XSS)
invenio-previewer is vulnerable to cross-site scripting XSS. It does not escape the user-uploaded file and directly render the file in the JSON, Markdown and iPython Notebook previewers, allowing an attacker to inject arbitrary Javascript into a victim's browser using a malicious file...
GHSA-J9M2-6HQ2-4R3C Cross-site Scripting in invenio-previewer
Cross-Site Scripting XSS vulnerability in JSON, Markdown and iPython Notebook previewers Impact Several Cross-Site Scripting XSS vulnerabilities have been found in the JSON, Markdown and iPython Notebook previewers. The vulnerabilities would allow a malicous user to upload a JSON, Markdown or...
Cross-site Scripting in invenio-previewer
Cross-Site Scripting XSS vulnerability in JSON, Markdown and iPython Notebook previewers Impact Several Cross-Site Scripting XSS vulnerabilities have been found in the JSON, Markdown and iPython Notebook previewers. The vulnerabilities would allow a malicous user to upload a JSON, Markdown or...
Python-Nubia - A Command-Line And Interactive Shell Framework
Nubia is a lightweight framework for building command-line applications with Python. It was originally designed for the “logdevice interactive shell aka. ldshell” at Facebook. Since then it was factored out to be a reusable component and several internal Facebook projects now rely on it as a quic...
Gitlab IPython notebooks component cross-site scripting vulnerability
GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository , which has similar features to Github , you can access the project's file content , commit history , bug lists , etc. GitLab Community Edition CE is...
CVE-2017-0923
Gitlab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross site scripting...