exploitDog

CVE-2023-51277

Опубликовано: 05 янв. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-task-allow entitlement for release builds.

Ссылки

https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087731
Not Applicable
https://github.com/tuxu/nbviewer-app/commit/dc1e4ddf64c78e13175a39b076fa0646fc62e581
Patch
https://github.com/tuxu/nbviewer-app/compare/0.1.5...0.1.6
Product
https://www.youtube.com/watch?v=c0nawqA_bdI
Exploit
Third Party Advisory
https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087731
Not Applicable
https://github.com/tuxu/nbviewer-app/commit/dc1e4ddf64c78e13175a39b076fa0646fc62e581
Patch
https://github.com/tuxu/nbviewer-app/compare/0.1.5...0.1.6
Product
https://www.youtube.com/watch?v=c0nawqA_bdI
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tinowagner:jupyter_notebook_viewer:*:*:*:*:*:macos:*:*

Версия до 0.1.6 (исключая)

EPSS

Процентиль: 59%

0.0038

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-h93h-6948-g84m

CVSS3: 9.8

github

около 2 лет назад

nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-task-allow entitlement for release builds.

EPSS

Процентиль: 59%

0.0038

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo