Jupyter

Jupyter Server

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-35178

  • EPSS 0.73%
  • Published 06.06.2024 16:15:11
  • Last modified 21.11.2024 09:19:52

The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crac...

4.3

CVE-2023-49080

  • EPSS 0.24%
  • Published 04.12.2023 21:15:34
  • Last modified 21.11.2024 08:32:46

The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. Unhandled errors in API requests coming from an authenticated user include traceback...

6.1

CVE-2023-39968

  • EPSS 0.42%
  • Published 28.08.2023 21:15:07
  • Last modified 21.11.2024 08:16:08

jupyter-server is the backend for Jupyter web applications. Open Redirect Vulnerability. Maliciously crafted login links to known Jupyter Servers can cause successful login or an already logged-in session to be redirected to arbitrary sites, which sh...

6.1

CVE-2023-40170

  • EPSS 0.63%
  • Published 28.08.2023 21:15:07
  • Last modified 21.11.2024 08:18:55

jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on `/files/` URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via "Open image in new tab". This issu...

9

CVE-2022-29241

  • EPSS 0.24%
  • Published 14.06.2022 21:15:15
  • Last modified 21.11.2024 06:58:47

Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a value of `root_dir` that contains the starting us...

7.5

CVE-2022-24757

  • EPSS 0.32%
  • Published 23.03.2022 21:15:08
  • Last modified 21.11.2024 06:51:01

The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered,...

6.1

CVE-2020-26275

Exploit
  • EPSS 0.34%
  • Published 21.12.2020 18:15:15
  • Last modified 21.11.2024 05:19:43

The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause t...

5.5

CVE-2020-26232

  • EPSS 0.23%
  • Published 24.11.2020 21:15:11
  • Last modified 21.11.2024 05:19:36

Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted...