Explore top 10 tips to secure your open-source projects now. Read More
×
Jupyter Core could be made to run programs as your login if it opened a
specially crafted file.
Software Description:
- jupyter-core: Core common functionality of Jupyter projects (tools)
Details:
It was discovered that Jupyter Core executed untrusted files in the current
working directory. An attacker could possibly use this issue to execute
arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: python3-jupyter-core 4.11.1-1ubuntu0.22.10.1 Ubuntu 22.04 LTS (Available with Ubuntu Pro): python3-jupyter-core 4.9.1-1ubuntu0.1~esm1 Ubuntu 20.04 LTS (Available with Ubuntu Pro): python3-jupyter-core 4.6.3-3ubuntu0.1~esm1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): python-jupyter-core 4.4.0-2ubuntu0.1~esm1 python3-jupyter-core 4.4.0-2ubuntu0.1~esm1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6153-1
CVE-2022-39286
Get the latest Linux and open source security news straight to your inbox.