[Git][security-tracker-team/security-tracker][master] Add CVE-2024-41942/jupyterhub

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df78ed04 by Salvatore Bonaccorso at 2024-08-08T22:29:07+02:00
Add CVE-2024-41942/jupyterhub

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -73,7 +73,10 @@ CVE-2024-42030 (Access permission verification vulnerability in the content shar
 CVE-2024-42001 (An improper authentication vulnerability affecting Vonets          ind ...)
 	NOT-FOR-US: Vonets industrial wifi bridge relays and wifi bridge repeaters
 CVE-2024-41942 (JupyterHub is software that allows one to create a multi-user server f ...)
-	TODO: check
+	- jupyterhub <unfixed>
+	NOTE: https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-9x4q-3gxw-849f
+	NOTE: https://github.com/jupyterhub/jupyterhub/commit/99e2720b0fc626cbeeca3c6337f917fdacfaa428 (4.1.6)
+	NOTE: https://github.com/jupyterhub/jupyterhub/commit/ff2db557a85b6980f90c3158634bf924063ab8ba (5.1.0)
 CVE-2024-41936 (A directory traversal vulnerability affecting Vonets industrial wifi b ...)
 	NOT-FOR-US: Vonets industrial wifi bridge relays and wifi bridge repeaters
 CVE-2024-41238 (A SQL injection vulnerability in /smsa/student_login.php in Kashipara  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df78ed0402bc3978244524b59c9f2e45a6164a55

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df78ed0402bc3978244524b59c9f2e45a6164a55
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240808/616d448e/attachment.htm>