2 matches found
CVE-2026-54528
JupyterLab Git is a Git extension for JupyterLab. Prior to 0.54.0, jupyterlab-git uses fnmatch.fnmatchcase in GitHandler.prepare in jupyterlabgit/handlers.py to enforce excludedpaths, allowing an authenticated user on a case-insensitive filesystem to vary URL path casing and read excluded...
PT-2026-51066
Name of the Vulnerable Software and Affected Versions jupyterlab-git versions prior to 0.54.0 Description An authenticated user on a case-insensitive filesystem such as macOS APFS or Windows NTFS can bypass the excluded paths security control. The issue occurs because the GitHandler.prepare...