Lucene search
Veracode Vulnerability DatabaseVERACODE:32806HistoryNov 05, 2021 - 3:33 a.m.
Session Fixation
2021-11-0503:33:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
0.001 Low
EPSS
Percentile
26.7%
jupyterhub is vulnerable to session fixation. The vulnerability exists due to the incomplete logout in the single-user server. An attacker is able to reinstate another user’s session if another active session is open.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jupyterhub | le | 1.4.2 | |
| jupyterhub | le | 1.4.2 |
Related
osv
osv
CVE-2021-41247
2021-11-04 18:15:08
incomplete JupyterHub logout with simultaneous JupyterLab sessions
2021-11-08 18:02:37
BIT-jupyterhub-2021-41247
2024-03-06 10:53:59
prion
prion
Open redirect
2021-11-04 18:15:00
cvelist
cvelist
CVE-2021-41247 incomplete logout in JupyterHub
2021-11-04 17:15:11
ubuntucve
ubuntucve
CVE-2021-41247
2021-11-04 00:00:00
nvd
nvd
CVE-2021-41247
2021-11-04 18:15:08
cve
cve
CVE-2021-41247
2021-11-04 18:15:08
debiancve
debiancve
CVE-2021-41247
2021-11-04 18:15:08
github
github
incomplete JupyterHub logout with simultaneous JupyterLab sessions
2021-11-08 18:02:37