apk package
wolfi/py3-jupyterhub
pkg:apk/wolfi/py3-jupyterhub
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41942 | — | < 5.1.0-r0 | 5.1.0-r0 | Aug 8, 2024 | JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively sma | ||
| CVE-2024-38999 | Cri | 10.0 | < 5.2.0-r0 | 5.2.0-r0 | Jul 1, 2024 | jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. |
- CVE-2024-41942Aug 8, 2024affected < 5.1.0-r0fixed 5.1.0-r0
JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively sma
- affected < 5.2.0-r0fixed 5.2.0-r0
jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.