Lucene search
+L

91 matches found

OSV
OSV
added 2025/02/28 4:0 p.m.3 views

MAL-2025-1606 Malicious code in lsp-sample-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3952d2630fc48e566e4d96081001b64dcc66120b7d8b6102c663f11412dbfa36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:44 p.m.7 views

CVE-2024-22415

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

9.8CVSS9.4AI score0.00491EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/03 8:16 a.m.4 views

Malicious code in chialisp-lsp-runner (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6dd3d79d6053db1cd153f11977e45ca5dabfc1ed73e22a68e807ce879e5be59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/02/03 8:16 a.m.2 views

MAL-2025-1073 Malicious code in chialisp-lsp-runner (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6dd3d79d6053db1cd153f11977e45ca5dabfc1ed73e22a68e807ce879e5be59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/11/27 6:19 a.m.9 views

MAL-2024-11083 Malicious code in ruby-lsp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23d59cae1de4c2853d318ad10197c82dc6f10fe194854b704b477cc20b271184 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/25 12:20 a.m.3 views

Malicious code in clarity-lsp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d50678beb5a4a291bb4ab69b2eb693fe20be992d14d36cbcfae5fee26bbb65c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/11/25 12:20 a.m.8 views

MAL-2024-10902 Malicious code in clarity-lsp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d50678beb5a4a291bb4ab69b2eb693fe20be992d14d36cbcfae5fee26bbb65c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.5 views

OPENSUSE-SU-2024:13601-1 jupyter-lsp-2.2.2-1.1 on GA media

These are all security issues fixed in the jupyter-lsp-2.2.2-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS9.6AI score0.00491EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/01/20 3:10 a.m.5 views

SUSE CVE-2024-22415

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

9.8CVSS6.9AI score0.00491EPSS
Exploits0References3
Veracode
Veracode
added 2024/01/19 2:30 p.m.19 views

Path Traversal

jupyterlsp is vulnerable to Path Traversal. The vulnerability due to Installations of jupyter-lsp running in environments without configured file system access control. This flaw allows an attacker to modify the jupyter root directory...

9.8CVSS6.6AI score0.00491EPSS
Exploits0References4Affected Software1
Chainguard
Chainguard
added 2024/01/18 9:15 p.m.42 views

CVE-2024-22415 vulnerabilities

Vulnerabilities for packages: py3-jupyter-lsp...

9.8CVSS7AI score0.00491EPSS
Exploits0
Wolfi
Wolfi
added 2024/01/18 9:15 p.m.32 views

CVE-2024-22415 vulnerabilities

Vulnerabilities for packages: py3-jupyter-lsp...

9.8CVSS7.2AI score0.00491EPSS
Exploits0
Prion
Prion
added 2024/01/18 9:15 p.m.17 views

Design/Logic Flaw

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

7.5CVSS7.1AI score0.00491EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/18 8:27 p.m.17 views

CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

7.3CVSS7.1AI score0.00491EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/18 8:27 p.m.45 views

CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

7.3CVSS9.7AI score0.00491EPSS
Exploits0References2
CVE
CVE
added 2024/01/18 8:27 p.m.333 views

CVE-2024-22415

CVE-2024-22415 relates to the jupyter-lsp server extension for JupyterLab. The vulnerability stems from unsecured endpoints that, when the jupyter-server is exposed to untrusted networks, permit unauthorised access and modification of files outside the jupyter root. Fix: upgrade to version 2.2.2 ...

9.8CVSS9.3AI score0.00491EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/01/18 8:27 p.m.37 views

CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

7.3CVSS9.1AI score0.00491EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2024/01/18 4:12 p.m.4 views

autopilotml (>=1.0.1 <=1.0.14), chicken-coop (>=0.0.1 <=0.0.5) +13 more potentially affected by CVE-2024-22415 via jupyter-lsp (>=2.2.0 <=2.2.1)

jupyter-lsp PYPI version =2.2.0, =1.0.1, =0.0.1, =0.0.1, =1.16.0, =0.0.1, =0.0.22, =0.82.0, =1.0.4, =0.1.0.2, =0.0.2, =0.0.12 - zftracker =0.0.3 Source cves: CVE-2024-22415 Source advisory: OSV:GHSA-4QHP-652W-C22X...

9.8CVSS7.7AI score0.00491EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/01/18 4:12 p.m.25 views

Unsecured endpoints in the jupyter-lsp server extension

Impact Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root...

9.8CVSS7.2AI score0.00491EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/01/18 4:12 p.m.6 views

GHSA-4QHP-652W-C22X Unsecured endpoints in the jupyter-lsp server extension

Impact Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root...

7.3CVSS7AI score0.00491EPSS
Exploits0References5
Rows per page
Query Builder