VYPR

apk package

wolfi/py3.11-jupyterhub

pkg:apk/wolfi/py3.11-jupyterhub

Vulnerabilities (3)

  • CVE-2026-40864MedMay 22, 2026
    affected < 5.4.6-r0fixed 5.4.6-r0

    JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection (updated in 4.1.0) inappropriately treated requests with Sec-Fetch-Mode: no-cors as same-origin requests, bypassing XSRF checks. The JSON

  • CVE-2024-41942Aug 8, 2024
    affected < 5.1.0-r0fixed 5.1.0-r0

    JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively sma

  • CVE-2024-38999CriJul 1, 2024
    affected < 5.2.0-r0fixed 5.2.0-r0

    jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

VYPR — Vulnerability Intelligence