CVE-2019-10856

Опубликовано: 04 апр. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.

Ссылки

https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
Exploit
Vendor Advisory
https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea
Patch
Vendor Advisory
https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
Exploit
Vendor Advisory
https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*

Версия до 5.7.8 (исключая)

EPSS

Процентиль: 38%

0.00167

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

CVE-2019-10856

CVSS3: 6.1

ubuntu

почти 7 лет назад

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.

CVE-2019-10856

CVSS3: 6.1

debian

почти 7 лет назад

In Jupyter Notebook before 5.7.8, an open redirect can occur via an em ...

GHSA-rcx2-m7jp-p9wj

CVSS3: 6.1

github

почти 7 лет назад

Jupyter Notebook open redirect vulnerability

EPSS

Процентиль: 38%

0.00167

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601