oss-sec mailing list archives
Re: CVE Request: Maliciously crafted text files in IPython/Jupyter editor
From: MinRK <benjaminrk () gmail com>
Date: Tue, 22 Sep 2015 09:42:07 +0200
Is there any more information needed to get a CVE assignment on this? -MinRK On Wed, Sep 16, 2015 at 3:02 PM, MinRK <benjaminrk () gmail com> wrote:
Email address of requester: security () ipython org, benjaminrk () gmail com, rgbkrk () gmail com, jkamens () quantopian com, ssanderson () quantopian com Software name: IPython notebook / Jupyter notebook Type of vulnerability: Maliciously forged file Attack outcome: Possible remote execution Vulnerability: A maliciously forged file opened for editing can execute javascript, specifically by being redirected to /files/ due to a failure to treat the file as plain text. Affected versions: - IPython 3.0 ≤ version ≤ 3.2.1 - notebook 4.0 ≤ 4.0.4 URI with issues: - GET /edit/** Patches: - IPython 3.x: 0a8096adf165e2465550bd5893d7e352544e5967 ( https://github.com/ipython/ipython/commit/0a8096adf165e2465550bd5893d7e352544e5967 ) - Jupyter 4.0.x: 9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b5 ( https://github.com/jupyter/notebook/commit/9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b5 ) Mitigations: Upgrade to IPython/Jupyter notebook 4.0.5, 4.1 or 3.2.2 once available. If using pip, pip install --upgrade "ipython[notebook]<4.0" # for 3.2.2 pip install --upgrade notebook # for 4.1 or 4.0.5 For conda: conda update conda conda update ipython "ipython-notebook<4.0" # for 3.2.2 conda update notebook # for 4.1 or 4.0.5 Vulnerability reported by Jonathan Kamens at Quantopian
Current thread:
- CVE Request: Maliciously crafted text files in IPython/Jupyter editor MinRK (Sep 16)
- Re: CVE Request: Maliciously crafted text files in IPython/Jupyter editor MinRK (Sep 22)
- Re: CVE Request: Maliciously crafted text files in IPython/Jupyter editor cve-assign (Sep 23)