Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-10255 (GCVE-0-2019-10255)
Vulnerability from cvelistv5 – Published: 2019-03-28 15:30 – Updated: 2024-08-04 22:17
VLAI?
EPSS
Summary
An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:17:19.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"name": "FEDORA-2019-a6e1287e76",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"
},
{
"name": "FEDORA-2019-9e67979b2a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-12T02:06:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"name": "FEDORA-2019-a6e1287e76",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"
},
{
"name": "FEDORA-2019-9e67979b2a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"name": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"name": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"name": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"name": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4",
"refsource": "MISC",
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"name": "FEDORA-2019-a6e1287e76",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"
},
{
"name": "FEDORA-2019-9e67979b2a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10255",
"datePublished": "2019-03-28T15:30:39",
"dateReserved": "2019-03-28T00:00:00",
"dateUpdated": "2024-08-04T22:17:19.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jupyter:jupyterhub:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"0.9.5\", \"matchCriteriaId\": \"BD187FC8-D1B3-44B8-92EB-9EDD35DA60D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.7.7\", \"matchCriteriaId\": \"791BCAA5-DEE0-4ACC-A6B1-5CBE021E33C9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de redirecci\\u00f3n abierta para todos los navegadores en Jupyter Notebook, en versiones anteriores a la 5.7.7, y en algunos navegadores (Chrome, Firefox) en JupyterHub, en versiones anteriores a la 0.9.5, permite que los enlaces manipulados accedan a la p\\u00e1gina de inicio de sesi\\u00f3n, lo que redirigir\\u00e1 a un sitio malicioso despu\\u00e9s de un inicio de sesi\\u00f3n exitoso. No se ven afectados los servidores que ejecutan un prefijo \\\"base_url\\\".\"}]",
"id": "CVE-2019-10255",
"lastModified": "2024-11-21T04:18:45.393",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2019-03-28T16:29:00.567",
"references": "[{\"url\": \"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-601\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-10255\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-03-28T16:29:00.567\",\"lastModified\":\"2024-11-21T04:18:45.393\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de redirecci\u00f3n abierta para todos los navegadores en Jupyter Notebook, en versiones anteriores a la 5.7.7, y en algunos navegadores (Chrome, Firefox) en JupyterHub, en versiones anteriores a la 0.9.5, permite que los enlaces manipulados accedan a la p\u00e1gina de inicio de sesi\u00f3n, lo que redirigir\u00e1 a un sitio malicioso despu\u00e9s de un inicio de sesi\u00f3n exitoso. No se ven afectados los servidores que ejecutan un prefijo \\\"base_url\\\".\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jupyter:jupyterhub:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.9.5\",\"matchCriteriaId\":\"BD187FC8-D1B3-44B8-92EB-9EDD35DA60D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.7.7\",\"matchCriteriaId\":\"791BCAA5-DEE0-4ACC-A6B1-5CBE021E33C9\"}]}]}],\"references\":[{\"url\":\"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
OPENSUSE-SU-2024:11242-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
jupyter-notebook-6.2.0-1.4 on GA media
Notes
Title of the patch
jupyter-notebook-6.2.0-1.4 on GA media
Description of the patch
These are all security issues fixed in the jupyter-notebook-6.2.0-1.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11242
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "jupyter-notebook-6.2.0-1.4 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the jupyter-notebook-6.2.0-1.4 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11242",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11242-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-6524 page",
"url": "https://www.suse.com/security/cve/CVE-2016-6524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9971 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14041 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8768 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10255 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11358/"
}
],
"title": "jupyter-notebook-6.2.0-1.4 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11242-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.aarch64",
"product_id": "jupyter-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.aarch64",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.aarch64",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "python36-notebook-6.2.0-1.4.aarch64",
"product_id": "python36-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "python36-notebook-lang-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "python38-notebook-6.2.0-1.4.aarch64",
"product_id": "python38-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "python38-notebook-lang-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.aarch64",
"product": {
"name": "python39-notebook-6.2.0-1.4.aarch64",
"product_id": "python39-notebook-6.2.0-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.aarch64",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.aarch64",
"product_id": "python39-notebook-lang-6.2.0-1.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.ppc64le",
"product_id": "jupyter-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "python36-notebook-6.2.0-1.4.ppc64le",
"product_id": "python36-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "python36-notebook-lang-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "python38-notebook-6.2.0-1.4.ppc64le",
"product_id": "python38-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "python38-notebook-lang-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.ppc64le",
"product": {
"name": "python39-notebook-6.2.0-1.4.ppc64le",
"product_id": "python39-notebook-6.2.0-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.ppc64le",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.ppc64le",
"product_id": "python39-notebook-lang-6.2.0-1.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.s390x",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.s390x",
"product_id": "jupyter-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.s390x",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.s390x",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.s390x",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.s390x",
"product": {
"name": "python36-notebook-6.2.0-1.4.s390x",
"product_id": "python36-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.s390x",
"product_id": "python36-notebook-lang-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.s390x",
"product": {
"name": "python38-notebook-6.2.0-1.4.s390x",
"product_id": "python38-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.s390x",
"product_id": "python38-notebook-lang-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.s390x",
"product": {
"name": "python39-notebook-6.2.0-1.4.s390x",
"product_id": "python39-notebook-6.2.0-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.s390x",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.s390x",
"product_id": "python39-notebook-lang-6.2.0-1.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "jupyter-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "jupyter-notebook-6.2.0-1.4.x86_64",
"product_id": "jupyter-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "jupyter-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "jupyter-notebook-lang-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "jupyter-notebook-latex-6.2.0-1.4.x86_64",
"product": {
"name": "jupyter-notebook-latex-6.2.0-1.4.x86_64",
"product_id": "jupyter-notebook-latex-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python36-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "python36-notebook-6.2.0-1.4.x86_64",
"product_id": "python36-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python36-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "python36-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "python36-notebook-lang-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python38-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "python38-notebook-6.2.0-1.4.x86_64",
"product_id": "python38-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python38-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "python38-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "python38-notebook-lang-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python39-notebook-6.2.0-1.4.x86_64",
"product": {
"name": "python39-notebook-6.2.0-1.4.x86_64",
"product_id": "python39-notebook-6.2.0-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python39-notebook-lang-6.2.0-1.4.x86_64",
"product": {
"name": "python39-notebook-lang-6.2.0-1.4.x86_64",
"product_id": "python39-notebook-lang-6.2.0-1.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "jupyter-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "jupyter-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jupyter-notebook-latex-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64"
},
"product_reference": "jupyter-notebook-latex-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "python36-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "python36-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x"
},
"product_reference": "python36-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "python36-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python36-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "python36-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "python38-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "python38-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x"
},
"product_reference": "python38-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "python38-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python38-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "python38-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64"
},
"product_reference": "python39-notebook-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le"
},
"product_reference": "python39-notebook-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x"
},
"product_reference": "python39-notebook-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64"
},
"product_reference": "python39-notebook-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-notebook-lang-6.2.0-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
},
"product_reference": "python39-notebook-lang-6.2.0-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-6524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-6524"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-6524",
"url": "https://www.suse.com/security/cve/CVE-2016-6524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-6524"
},
{
"cve": "CVE-2016-9971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9971"
}
],
"notes": [
{
"category": "general",
"text": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9971",
"url": "https://www.suse.com/security/cve/CVE-2016-9971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9971"
},
{
"cve": "CVE-2018-14041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14041"
}
],
"notes": [
{
"category": "general",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14041",
"url": "https://www.suse.com/security/cve/CVE-2018-14041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-8768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8768"
}
],
"notes": [
{
"category": "general",
"text": "In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is \u0027fixed\u0027 by jQuery after sanitization, making it dangerous.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8768",
"url": "https://www.suse.com/security/cve/CVE-2018-8768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-8768"
},
{
"cve": "CVE-2019-10255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10255"
}
],
"notes": [
{
"category": "general",
"text": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10255",
"url": "https://www.suse.com/security/cve/CVE-2019-10255"
},
{
"category": "external",
"summary": "SUSE Bug 1131105 for CVE-2019-10255",
"url": "https://bugzilla.suse.com/1131105"
},
{
"category": "external",
"summary": "SUSE Bug 1131652 for CVE-2019-10255",
"url": "https://bugzilla.suse.com/1131652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-10255"
},
{
"cve": "CVE-2019-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"notes": [
{
"category": "general",
"text": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://www.suse.com/security/cve/CVE-2019-11358"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:jupyter-notebook-latex-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python36-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python38-notebook-lang-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-6.2.0-1.4.x86_64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.aarch64",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.ppc64le",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.s390x",
"openSUSE Tumbleweed:python39-notebook-lang-6.2.0-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11358"
}
]
}
CERTFR-2024-AVI-1103
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 ifix 01 | ||
| IBM | QRadar SIEM | Security QRadar Log Management AQL Plugin versions antérieures à 1.1.0 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 (fixpack) GA | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 (fixpack) GA | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.0 ifix 01 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11_ifix001 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": " Security QRadar Log Management AQL Plugin versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.0 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11_ifix001",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"name": "CVE-2023-41334",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41334"
},
{
"name": "CVE-2023-37536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37536"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2024-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22871"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2018-15209",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15209"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2018-17100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17100"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2022-34266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34266"
},
{
"name": "CVE-2020-35521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35521"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2024-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2019-6128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6128"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2024-45082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45082"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2023-4759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4759"
},
{
"name": "CVE-2017-11613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11613"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2024-41752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41752"
},
{
"name": "CVE-2023-50447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50447"
},
{
"name": "CVE-2018-18508",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18508"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2014-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1544"
},
{
"name": "CVE-2023-4421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4421"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2023-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50292"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2020-25648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25648"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-17007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17007"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2023-38289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38289"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2010-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2015-7182",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7182"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2018-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16335"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2020-19144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19144"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2017-12627",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12627"
},
{
"name": "CVE-2018-17101",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17101"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2014-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
},
{
"name": "CVE-2020-26261",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26261"
},
{
"name": "CVE-2023-24816",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24816"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2019-17546",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17546"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2022-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2020-15110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15110"
},
{
"name": "CVE-2023-25435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2017-18869",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18869"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2022-0891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0891"
},
{
"name": "CVE-2018-7456",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7456"
},
{
"name": "CVE-2023-38288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38288"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2017-18013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18013"
},
{
"name": "CVE-2023-25194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2016-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1938"
},
{
"name": "CVE-2017-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11698"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2024-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38337"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-12404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12404"
},
{
"name": "CVE-2019-14973",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14973"
},
{
"name": "CVE-2020-36191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36191"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2020-19131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19131"
},
{
"name": "CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2018-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5784"
},
{
"name": "CVE-2018-17000",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17000"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2020-35523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35523"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2022-34749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-11745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
},
{
"name": "CVE-2019-11729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
},
{
"name": "CVE-2024-34102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34102"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2021-32862",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32862"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2024-4367",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4367"
},
{
"name": "CVE-2024-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25016"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2023-25434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
},
{
"name": "CVE-2024-29896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29896"
},
{
"name": "CVE-2015-7181",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7181"
},
{
"name": "CVE-2020-18768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18768"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2017-5461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5461"
},
{
"name": "CVE-2014-1569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1569"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2017-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11695"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2017-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11697"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2018-19210",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19210"
},
{
"name": "CVE-2013-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2099"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-10255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10255"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-35524",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35524"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-35522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35522"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2017-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11696"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-1103",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177142",
"url": "https://www.ibm.com/support/pages/node/7177142"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177223",
"url": "https://www.ibm.com/support/pages/node/7177223"
},
{
"published_at": "2024-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179044",
"url": "https://www.ibm.com/support/pages/node/7179044"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179156",
"url": "https://www.ibm.com/support/pages/node/7179156"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179166",
"url": "https://www.ibm.com/support/pages/node/7179166"
},
{
"published_at": "2024-12-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178835",
"url": "https://www.ibm.com/support/pages/node/7178835"
}
]
}
CERTFR-2024-AVI-1103
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 ifix 01 | ||
| IBM | QRadar SIEM | Security QRadar Log Management AQL Plugin versions antérieures à 1.1.0 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 (fixpack) GA | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 (fixpack) GA | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.0 ifix 01 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11_ifix001 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": " Security QRadar Log Management AQL Plugin versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.0 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11_ifix001",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"name": "CVE-2023-41334",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41334"
},
{
"name": "CVE-2023-37536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37536"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2024-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22871"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2018-15209",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15209"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2018-17100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17100"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2022-34266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34266"
},
{
"name": "CVE-2020-35521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35521"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2024-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2019-6128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6128"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2024-45082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45082"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2023-4759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4759"
},
{
"name": "CVE-2017-11613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11613"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2024-41752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41752"
},
{
"name": "CVE-2023-50447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50447"
},
{
"name": "CVE-2018-18508",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18508"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2014-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1544"
},
{
"name": "CVE-2023-4421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4421"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2023-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50292"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2020-25648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25648"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2019-17007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17007"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2023-38289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38289"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2010-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2015-7182",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7182"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2018-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16335"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2020-19144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19144"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2017-12627",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12627"
},
{
"name": "CVE-2018-17101",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17101"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2014-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
},
{
"name": "CVE-2020-26261",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26261"
},
{
"name": "CVE-2023-24816",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24816"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2019-17546",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17546"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2022-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2020-15110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15110"
},
{
"name": "CVE-2023-25435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2017-18869",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18869"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2022-0891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0891"
},
{
"name": "CVE-2018-7456",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7456"
},
{
"name": "CVE-2023-38288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38288"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2017-18013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18013"
},
{
"name": "CVE-2023-25194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2016-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1938"
},
{
"name": "CVE-2017-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11698"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2024-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38337"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-12404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12404"
},
{
"name": "CVE-2019-14973",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14973"
},
{
"name": "CVE-2020-36191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36191"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2020-19131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19131"
},
{
"name": "CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2018-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5784"
},
{
"name": "CVE-2018-17000",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17000"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2020-35523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35523"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2022-34749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-11745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
},
{
"name": "CVE-2019-11729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
},
{
"name": "CVE-2024-34102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34102"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2021-32862",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32862"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2024-4367",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4367"
},
{
"name": "CVE-2024-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25016"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2023-25434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
},
{
"name": "CVE-2024-29896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29896"
},
{
"name": "CVE-2015-7181",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7181"
},
{
"name": "CVE-2020-18768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18768"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2017-5461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5461"
},
{
"name": "CVE-2014-1569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1569"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2017-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11695"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2017-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11697"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2018-19210",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19210"
},
{
"name": "CVE-2013-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2099"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-10255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10255"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-35524",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35524"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-35522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35522"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2017-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11696"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-1103",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177142",
"url": "https://www.ibm.com/support/pages/node/7177142"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177223",
"url": "https://www.ibm.com/support/pages/node/7177223"
},
{
"published_at": "2024-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179044",
"url": "https://www.ibm.com/support/pages/node/7179044"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179156",
"url": "https://www.ibm.com/support/pages/node/7179156"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179166",
"url": "https://www.ibm.com/support/pages/node/7179166"
},
{
"published_at": "2024-12-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178835",
"url": "https://www.ibm.com/support/pages/node/7178835"
}
]
}
GHSA-RV62-4PMJ-XW6H
Vulnerability from github – Published: 2019-04-02 15:46 – Updated: 2023-09-05 12:34
VLAI?
Summary
Open Redirect vulnerability in jupyterhub and notebook
Details
An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.6 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.
Severity ?
6.1 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "notebook"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.7.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "jupyterhub"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-10255"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:55:52Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.6 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.",
"id": "GHSA-rv62-4pmj-xw6h",
"modified": "2023-09-05T12:34:54Z",
"published": "2019-04-02T15:46:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10255"
},
{
"type": "WEB",
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"type": "WEB",
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"type": "WEB",
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"type": "WEB",
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-rv62-4pmj-xw6h"
},
{
"type": "PACKAGE",
"url": "https://github.com/jupyter/notebook"
},
{
"type": "WEB",
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Open Redirect vulnerability in jupyterhub and notebook"
}
FKIE_CVE-2019-10255
Vulnerability from fkie_nvd - Published: 2019-03-28 16:29 - Updated: 2024-11-21 04:18
Severity ?
Summary
An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jupyter | jupyterhub | * | |
| jupyter | notebook | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jupyter:jupyterhub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD187FC8-D1B3-44B8-92EB-9EDD35DA60D4",
"versionEndExcluding": "0.9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*",
"matchCriteriaId": "791BCAA5-DEE0-4ACC-A6B1-5CBE021E33C9",
"versionEndExcluding": "5.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected."
},
{
"lang": "es",
"value": "Una vulnerabilidad de redirecci\u00f3n abierta para todos los navegadores en Jupyter Notebook, en versiones anteriores a la 5.7.7, y en algunos navegadores (Chrome, Firefox) en JupyterHub, en versiones anteriores a la 0.9.5, permite que los enlaces manipulados accedan a la p\u00e1gina de inicio de sesi\u00f3n, lo que redirigir\u00e1 a un sitio malicioso despu\u00e9s de un inicio de sesi\u00f3n exitoso. No se ven afectados los servidores que ejecutan un prefijo \"base_url\"."
}
],
"id": "CVE-2019-10255",
"lastModified": "2024-11-21T04:18:45.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-28T16:29:00.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2019-09283
Vulnerability from cnvd - Published: 2019-04-01
VLAI Severity ?
Title
Jupyter Notebook和JupyterHub开放重定向漏洞
Description
Jupyter Notebook是一套用于创建、共享代码和说明性文本文档的开源Web应用程序。JupyterHub是一款用于Jupyter的多用户服务器。
Jupyter Notebook 5.7.7之前版本和JupyterHub 0.9.5之前版本中存在开放重定向漏洞。攻击者可借助特制的链接利用该漏洞将用户重定向到恶意的网站。
Severity
中
Patch Name
Jupyter Notebook和JupyterHub开放重定向漏洞的补丁
Patch Description
Jupyter Notebook是一套用于创建、共享代码和说明性文本文档的开源Web应用程序。JupyterHub是一款用于Jupyter的多用户服务器。
Jupyter Notebook 5.7.7之前版本和JupyterHub 0.9.5之前版本中存在开放重定向漏洞。攻击者可借助特制的链接利用该漏洞将用户重定向到恶意的网站。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
Impacted products
| Name | ['Jupyter JupyterHub <0.9.5', 'Jupyter Notebook <5.7.7'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-10255"
}
},
"description": "Jupyter Notebook\u662f\u4e00\u5957\u7528\u4e8e\u521b\u5efa\u3001\u5171\u4eab\u4ee3\u7801\u548c\u8bf4\u660e\u6027\u6587\u672c\u6587\u6863\u7684\u5f00\u6e90Web\u5e94\u7528\u7a0b\u5e8f\u3002JupyterHub\u662f\u4e00\u6b3e\u7528\u4e8eJupyter\u7684\u591a\u7528\u6237\u670d\u52a1\u5668\u3002\n\nJupyter Notebook 5.7.7\u4e4b\u524d\u7248\u672c\u548cJupyterHub 0.9.5\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u94fe\u63a5\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u6076\u610f\u7684\u7f51\u7ad9\u3002",
"discovererName": "unknwon",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-09283",
"openTime": "2019-04-01",
"patchDescription": "Jupyter Notebook\u662f\u4e00\u5957\u7528\u4e8e\u521b\u5efa\u3001\u5171\u4eab\u4ee3\u7801\u548c\u8bf4\u660e\u6027\u6587\u672c\u6587\u6863\u7684\u5f00\u6e90Web\u5e94\u7528\u7a0b\u5e8f\u3002JupyterHub\u662f\u4e00\u6b3e\u7528\u4e8eJupyter\u7684\u591a\u7528\u6237\u670d\u52a1\u5668\u3002\r\n\r\nJupyter Notebook 5.7.7\u4e4b\u524d\u7248\u672c\u548cJupyterHub 0.9.5\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u94fe\u63a5\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u6076\u610f\u7684\u7f51\u7ad9\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Jupyter Notebook\u548cJupyterHub\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Jupyter JupyterHub \u003c0.9.5",
"Jupyter Notebook \u003c5.7.7"
]
},
"serverity": "\u4e2d",
"submitTime": "2019-04-01",
"title": "Jupyter Notebook\u548cJupyterHub\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}
GSD-2019-10255
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-10255",
"description": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.",
"id": "GSD-2019-10255",
"references": [
"https://www.suse.com/security/cve/CVE-2019-10255.html",
"https://ubuntu.com/security/CVE-2019-10255",
"https://advisories.mageia.org/CVE-2019-10255.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-10255"
],
"details": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.",
"id": "GSD-2019-10255",
"modified": "2023-12-13T01:23:57.806595Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"name": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"name": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"name": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c",
"refsource": "MISC",
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"name": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4",
"refsource": "MISC",
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"name": "FEDORA-2019-a6e1287e76",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"
},
{
"name": "FEDORA-2019-9e67979b2a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c0.9.5",
"affected_versions": "All versions before 0.9.5",
"cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-601",
"CWE-937"
],
"date": "2019-04-12",
"description": "An Open Redirect vulnerability for all browsers in Jupyter Notebook and some browsers (Chrome, Firefox) allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a `base_url` prefix are not affected.",
"fixed_versions": [
"1.0.0"
],
"identifier": "CVE-2019-10255",
"identifiers": [
"CVE-2019-10255"
],
"not_impacted": "All versions starting from 0.9.5",
"package_slug": "pypi/jupyter",
"pubdate": "2019-03-28",
"solution": "Upgrade to version 1.0.0 or above.",
"title": "URL Redirection to Untrusted Site (Open Redirect)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-10255",
"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
],
"uuid": "9891ca0e-b7da-4ea1-962f-fe35fe376db4"
},
{
"affected_range": "\u003c0.9.6",
"affected_versions": "All versions before 0.9.6",
"cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-601",
"CWE-937"
],
"date": "2021-09-17",
"description": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.",
"fixed_versions": [
"0.9.6"
],
"identifier": "CVE-2019-10255",
"identifiers": [
"GHSA-rv62-4pmj-xw6h",
"CVE-2019-10255"
],
"not_impacted": "All versions starting from 0.9.6",
"package_slug": "pypi/jupyterhub",
"pubdate": "2019-04-02",
"solution": "Upgrade to version 0.9.6 or above.",
"title": "URL Redirection to Untrusted Site ",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-10255",
"https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb",
"https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b",
"https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed",
"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4",
"https://github.com/advisories/GHSA-rv62-4pmj-xw6h",
"https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
],
"uuid": "bdbde814-9e4a-48e3-a022-7e1298ed9f84"
},
{
"affected_range": "\u003c5.7.7",
"affected_versions": "All versions before 5.7.7",
"cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-601",
"CWE-937"
],
"date": "2019-04-12",
"description": "An Open Redirect vulnerability for all browsers in Jupyter allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.",
"fixed_versions": [
"5.7.8"
],
"identifier": "CVE-2019-10255",
"identifiers": [
"CVE-2019-10255"
],
"not_impacted": "All versions starting from 5.7.7",
"package_slug": "pypi/notebook",
"pubdate": "2019-03-28",
"solution": "Upgrade to version 5.7.8 or above.",
"title": "URL Redirection to Untrusted Site (Open Redirect)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-10255",
"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
],
"uuid": "e4e19f5e-72e6-4fe9-99dd-d66ae319cea1"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:jupyter:jupyterhub:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.7.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10255"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"Patch"
],
"url": "https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"
},
{
"name": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"
},
{
"name": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"
},
{
"name": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"
},
{
"name": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"
},
{
"name": "FEDORA-2019-a6e1287e76",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"
},
{
"name": "FEDORA-2019-9e67979b2a",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
},
"lastModifiedDate": "2019-04-12T03:29Z",
"publishedDate": "2019-03-28T16:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…