CVE-2023-39968

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Aug 28, 2023
Updated: Sep 15, 2023
CWE ID 601

Summary

CVE-2023-39968 is a new vulnerability affecting jupyter-server, the backend for Jupyter web applications. This issue involves an Open Redirect vulnerability, allowing maliciously crafted login links to redirect users to arbitrary sites. Successful logins or already logged-in sessions can be compromised, putting sensitive information at risk. The vulnerability has been addressed in commit `29036259`, which is included in release 2.7.2. Users are strongly encouraged to upgrade as soon as possible. Unfortunately, there are no known workarounds for this vulnerability, making an immediate upgrade the best course of action.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share