10 matches found
EUVD-2020-0093
Malware in sbrugna...
CVE-2020-26261
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
CVE-2020-26261
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
CVE-2020-26261
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
PYSEC-2020-52
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
Design/Logic Flaw
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
PYSEC-2020-52
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
CVE-2020-26261 user-readable api tokens in systemd units
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
GHSA-CG54-GPGR-4RM6 user-readable api tokens in systemd units for JupyterHub
Impact user API tokens issued to single-user servers are specified in the environment of systemd units, which are accessible to all users. In particular, the-littlest-jupyterhub is affected, which uses systemdspawner by default. Patches Patched in jupyterhub-systemdspawner v0.15 Workarounds No...
JupyterHub Security Breach
JupyterHub is a multi-user server for Jupyter. A security vulnerability exists in jupyterhub-systemdspawner, which stems from a vulnerability in systemdspawner that allows JupyterHub to generate single-user laptop servers using systemd. Prior to version 0.15, user API tokens sent to the single-us...