15 matches found
EUVD-2021-0141
Malware in sbrugna...
CVE-2021-39160
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
Code injection in nbgitpuller
Impact Due to an unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. Patches 0.10.2 Workarounds None, other than upgrade to 0.10.2 or downgrade to 0.8.x. For more information If you have any questions or comments about this...
GHSA-MQ5P-2MCR-M52J Code injection in nbgitpuller
Impact Due to an unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. Patches 0.10.2 Workarounds None, other than upgrade to 0.10.2 or downgrade to 0.8.x. For more information If you have any questions or comments about this...
Remote Code Execution (RCE)
nbgitpuller is vulnerable to remote code execution. The vulnerability exists due to lack of sanitization of input in the user environment when visiting maliciously crafted links...
CVE-2021-39160
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
CVE-2021-39160
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
PYSEC-2021-315
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
PYSEC-2021-315
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
PYSEC-2021-316
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
Input validation
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
CVE-2021-39160 Code injection in nbgitpuller
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...
CVE-2021-39160
nbgitpuller is a Jupyter server extension that is vulnerable to arbitrary code execution due to unsanitized input when visiting crafted links. The issue affects the component responsible for syncing a git repository to a local path and has been fixed in version 0.10.2; users are advised to upgrad...
nbgitpuller 操作系统命令注入漏洞
nbgitpuller is an open source Jupyter server extension for synchronizing a git repository to a local path . An operating system command injection vulnerability exists in versions prior to nbgitpuller 0.10.2. The vulnerability stems from the lack of effective validation and escaping of user input,...
PT-2021-22417 · Unknown · Nbgitpuller
Name of the Vulnerable Software and Affected Versions: nbgitpuller versions prior to 0.10.2 Description: The issue arises due to unsanitized input, allowing arbitrary code execution in the user environment when visiting maliciously crafted links. Recommendations: For versions prior to 0.10.2,...