CVE-2023-39968
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2023-39968 is a new vulnerability affecting jupyter-server, the backend for Jupyter web applications. This issue involves an Open Redirect vulnerability, allowing maliciously crafted login links to redirect users to arbitrary sites. Successful logins or already logged-in sessions can be compromised, putting sensitive information at risk. The vulnerability has been addressed in commit `29036259`, which is included in release 2.7.2. Users are strongly encouraged to upgrade as soon as possible. Unfortunately, there are no known workarounds for this vulnerability, making an immediate upgrade the best course of action.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Jupyter Server
Affected Vendors
- Jupyter