In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.
References
Link | Resource |
---|---|
https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4 | Exploit Vendor Advisory |
https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-04-04T15:48:33
Updated: 2019-04-04T15:48:33
Reserved: 2019-04-04T00:00:00
Link: CVE-2019-10856
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-04-04T16:29:03.290
Modified: 2019-04-05T19:45:59.383
Link: CVE-2019-10856
JSON object: View
Redhat Information
No data.
CWE