Fedora 21 : ipython-2.4.1-8.fc21 (2015-14901)

Add upstream patch to fix XSS vulnerability bug 1259405 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 22 : ipython-2.4.1-8.fc22 (2015-14902)

Add upstream patch to fix XSS vulnerability bug 1259405 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora Update for ipython FEDORA-2015-14901

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for ipython FEDORA-2015-14902

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2015-0372 Updated ipython packages fix CVE-2015-6938

Updated ipython packages fix security vulnerability: In IPython, local folder name was used in HTML templates without escaping, allowing XSS in said pages by carefully crafting folder name and URL to access it CVE-2015-6938...

Updated ipython packages fix CVE-2015-6938

Updated ipython packages fix security vulnerability: In IPython, local folder name was used in HTML templates without escaping, allowing XSS in said pages by carefully crafting folder name and URL to access it CVE-2015-6938...

Updated ipython package fixes security vulnerability

JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack CVE-2015-4707. POST requests exposed via the...

MGASA-2015-0300 Updated ipython package fixes security vulnerability

JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack CVE-2015-4707. POST requests exposed via the...

PT-2017-6869 · Project Jupyter +3 · Python +3

Name of the Vulnerable Software and Affected Versions: IPython versions 2.0 through 2.4.0 IPython versions 3.0 through 3.2.2 Description: Cross-site request forgery in the REST API is possible. IPython is a command shell, and this issue affects its REST API. Recommendations: For IPython versions...

[SECURITY] Fedora 21 Update: ipython-2.4.1-7.fc21

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

[SECURITY] Fedora 22 Update: ipython-2.4.1-7.fc22

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

Fedora 21 : ipython-2.4.1-7.fc21 (2015-11767)

Fix CSRF issue. - Fix font-awesome paths bug 1219956 - Add upstream patch to fix PyQt4 import bug 1219997 - Use python2 macros, fix python3 shebang fix Fix fontawesome path Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

Fedora 22 : ipython-2.4.1-7.fc22 (2015-11677)

Fix CSRF issue. - Fix font-awesome paths bug 1219956 - Add upstream patch to fix PyQt4 import bug 1219997 - Use python2 macros, fix python3 shebang fix Fix fontawesome path Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

Fedora Update for ipython FEDORA-2015-11767

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for ipython FEDORA-2015-11677

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : devel/ipython -- CSRF possible remote execution vulnerability (81326883-2905-11e5-a4a5-002590263bf5)

Kyle Kelley reports : Summary: POST requests exposed via the IPython REST API are vulnerable to cross-site request forgery CSRF. Web pages on different domains can make non-AJAX POST requests to known IPython URLs, and IPython will honor them. The user's browser will automatically send IPython...

devel/ipython -- CSRF possible remote execution vulnerability

Kyle Kelley reports: Summary: POST requests exposed via the IPython REST API are vulnerable to cross-site request forgery CSRF. Web pages on different domains can make non-AJAX POST requests to known IPython URLs, and IPython will honor them. The user's browser will automatically send IPython...

IPython JSON Error Response Cross-Site Scripting Vulnerability

IPython is an enhanced version of Python's native interactive shell. IPython suffers from cross-site scripting vulnerabilities that could be exploited by attackers to execute arbitrary script code in the context of an affected website in a browser without the user's knowledge. This could allow an...

FreeBSD : devel/ipython -- remote execution (a4460ac7-192c-11e5-9c01-bcaec55be5e5)

Kyle Kelley reports : Summary: JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack. This affects...

devel/ipython -- remote execution

Kyle Kelley reports: Summary: JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack. This affects use...