15 matches found
Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2
Summary Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2 Vulnerability Details CVEID:CVE-2024-22415 DESCRIPTION: jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters +...
CVE-2024-22415
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
OPENSUSE-SU-2024:13601-1 jupyter-lsp-2.2.2-1.1 on GA media
These are all security issues fixed in the jupyter-lsp-2.2.2-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2024-22415
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
Path Traversal
jupyterlsp is vulnerable to Path Traversal. The vulnerability due to Installations of jupyter-lsp running in environments without configured file system access control. This flaw allows an attacker to modify the jupyter root directory...
CVE-2024-22415 vulnerabilities
Vulnerabilities for packages: py3-jupyter-lsp...
CVE-2024-22415 vulnerabilities
Vulnerabilities for packages: py3-jupyter-lsp...
Design/Logic Flaw
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
CVE-2024-22415
CVE-2024-22415 relates to the jupyter-lsp server extension for JupyterLab. The vulnerability stems from unsecured endpoints that, when the jupyter-server is exposed to untrusted networks, permit unauthorised access and modification of files outside the jupyter root. Fix: upgrade to version 2.2.2 ...
CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
GHSA-4QHP-652W-C22X Unsecured endpoints in the jupyter-lsp server extension
Impact Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root...
autopilotml (>=1.0.1 <=1.0.14), chicken-coop (>=0.0.1 <=0.0.5) +13 more potentially affected by CVE-2024-22415 via jupyter-lsp (>=2.2.0 <=2.2.1)
jupyter-lsp PYPI version =2.2.0, =1.0.1, =0.0.1, =0.0.1, =1.16.0, =0.0.1, =0.0.22, =0.82.0, =1.0.4, =0.1.0.2, =0.0.2, =0.0.12 - zftracker =0.0.3 Source cves: CVE-2024-22415 Source advisory: OSV:GHSA-4QHP-652W-C22X...
Unsecured endpoints in the jupyter-lsp server extension
Impact Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root...