Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this issue. There are no known workarounds.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:50
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
14 Jul 2023, 18:59
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-269 |
CWE-427 |
References | (DEBIAN) https://www.debian.org/security/2023/dsa-5422 - Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
09 Jun 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2022-10-26 20:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-39286
Mitre link : CVE-2022-39286
CVE.ORG link : CVE-2022-39286
JSON object : View
Products Affected
fedoraproject
- fedora
debian
- debian_linux
jupyter
- jupyter_core