VYPR

apk package

chainguard/py3.12-jupyterhub-bin

pkg:apk/chainguard/py3.12-jupyterhub-bin

Vulnerabilities (2)

  • CVE-2024-41942Aug 8, 2024
    affected < 5.1.0-r0fixed 5.1.0-r0

    JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively sma

  • CVE-2024-38999CriJul 1, 2024
    affected < 5.2.0-r0fixed 5.2.0-r0

    jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.