91 matches found
MAL-2025-1606 Malicious code in lsp-sample-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3952d2630fc48e566e4d96081001b64dcc66120b7d8b6102c663f11412dbfa36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-22415
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
Malicious code in chialisp-lsp-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6dd3d79d6053db1cd153f11977e45ca5dabfc1ed73e22a68e807ce879e5be59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1073 Malicious code in chialisp-lsp-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6dd3d79d6053db1cd153f11977e45ca5dabfc1ed73e22a68e807ce879e5be59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11083 Malicious code in ruby-lsp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23d59cae1de4c2853d318ad10197c82dc6f10fe194854b704b477cc20b271184 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in clarity-lsp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d50678beb5a4a291bb4ab69b2eb693fe20be992d14d36cbcfae5fee26bbb65c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10902 Malicious code in clarity-lsp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d50678beb5a4a291bb4ab69b2eb693fe20be992d14d36cbcfae5fee26bbb65c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
OPENSUSE-SU-2024:13601-1 jupyter-lsp-2.2.2-1.1 on GA media
These are all security issues fixed in the jupyter-lsp-2.2.2-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2024-22415
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
Path Traversal
jupyterlsp is vulnerable to Path Traversal. The vulnerability due to Installations of jupyter-lsp running in environments without configured file system access control. This flaw allows an attacker to modify the jupyter root directory...
CVE-2024-22415 vulnerabilities
Vulnerabilities for packages: py3-jupyter-lsp...
CVE-2024-22415 vulnerabilities
Vulnerabilities for packages: py3-jupyter-lsp...
Design/Logic Flaw
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
CVE-2024-22415
CVE-2024-22415 relates to the jupyter-lsp server extension for JupyterLab. The vulnerability stems from unsecured endpoints that, when the jupyter-server is exposed to untrusted networks, permit unauthorised access and modification of files outside the jupyter root. Fix: upgrade to version 2.2.2 ...
CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
autopilotml (>=1.0.1 <=1.0.14), chicken-coop (>=0.0.1 <=0.0.5) +13 more potentially affected by CVE-2024-22415 via jupyter-lsp (>=2.2.0 <=2.2.1)
jupyter-lsp PYPI version =2.2.0, =1.0.1, =0.0.1, =0.0.1, =1.16.0, =0.0.1, =0.0.22, =0.82.0, =1.0.4, =0.1.0.2, =0.0.2, =0.0.12 - zftracker =0.0.3 Source cves: CVE-2024-22415 Source advisory: OSV:GHSA-4QHP-652W-C22X...
Unsecured endpoints in the jupyter-lsp server extension
Impact Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root...
GHSA-4QHP-652W-C22X Unsecured endpoints in the jupyter-lsp server extension
Impact Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root...