15 matches found
EUVD-2024-1797
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-28188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users...
CVE-2024-28188
Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...
Missing Authentication
jupyter-scheduler is vulnerable to Missing Authentication. The vulnerability is due to a missing authentication check on the /scheduler/runtimeenvironments API endpoint, allowing unauthenticated users to obtain the list of Conda environment names on the server...
amazon-sagemaker-jupyter-scheduler (>=3.2.1 <=3.2.2), argo-jupyter-scheduler (>=0.0.1 <=2024.6.1rc1) +3 more potentially affected by CVE-2024-28188 via jupyter-scheduler (=2.12.0)
jupyter-scheduler PYPI version =2.12.0 is affected by a known vulnerability. The following packages have a transitive dependency on jupyter-scheduler and may be impacted: - amazon-sagemaker-jupyter-scheduler =3.2.1, =0.0.1, =0.1.0, =1.4.16, =1.2.0, =1.3.11 Source cves: CVE-2024-28188 Source...
GHSA-V9G2-G7J4-4JXC jupyter-scheduler's endpoint is missing authentication
Impact jupyterscheduler is missing an authentication check in Jupyter Server on an API endpoint GET /scheduler/runtimeenvironments which lists the names of the Conda environments on the server. In affected versions, jupyterscheduler allows an unauthenticated user to obtain the list of Conda...
jupyter-scheduler's endpoint is missing authentication
Impact jupyterscheduler is missing an authentication check in Jupyter Server on an API endpoint GET /scheduler/runtimeenvironments which lists the names of the Conda environments on the server. In affected versions, jupyterscheduler allows an unauthenticated user to obtain the list of Conda...
CVE-2024-28188
Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...
CVE-2024-28188
Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...
UBUNTU-CVE-2024-28188
Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...
CVE-2024-28188 jupyter-scheduler's endpoint is missing authentication
Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...
CVE-2024-28188 jupyter-scheduler's endpoint is missing authentication
Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...
CVE-2024-28188
The vulnerability CVE-2024-28188 affects the Jupyter Scheduler extension, where an unauthenticated API endpoint can expose the list of Conda environments for a server’s jupyter-scheduler users. Root cause: missing authentication on the runtime_environments endpoint in Jupyter Server. Impact: disc...
CVE-2024-28188 jupyter-scheduler's endpoint is missing authentication
Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...
Jupyter Scheduler 安全漏洞
Jupyter Scheduler is a JupyterLab extension for running laptop jobs from the Jupyter organization. A security vulnerability exists in Jupyter Scheduler that stems from the fact that a user's list of conda environments may be publicly available, potentially revealing information about the projects...