MGASA-2020-0457

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0457.html

Import Source

https://advisories.mageia.org/MGASA-2020-0457.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2020-0457

Related

CVE-2020-26215

Published

2020-12-17T13:10:41Z

Modified

2020-12-17T12:25:46Z

Summary

Updated jupyter-notebook packages fix a security vulnerability

Details

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for known notebook server hosts. A link to your notebook server may appear safe, but ultimately redirect to a spoofed server on the public internet. (CVE-2020-26215)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / jupyter-notebook

Package

Name: jupyter-notebook
Purl: pkg:rpm/mageia/jupyter-notebook?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.7.8-1.1.mga7

Ecosystem specific

{
    "section": "core"
}