Skip to main content

Kubespawner

1 CVEs product

Monthly

CVE-2020-15110 PyPI HIGH POC PATCH This Week

In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Kubespawner
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
EPSS 1% CVSS 8.1
HIGH POC PATCH This Week

In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Kubespawner
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy