CVE-2024-22421 - OpenCVE

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an older `jupyter-server` version. JupyterLab versions 4.1.0b2, 4.0.11, and 3.6.7 are patched. No workaround has been identified, however users should ensure to upgrade `jupyter-server` to version 2.7.2 or newer which includes a redirect vulnerability fix.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Jupyter	Jupyterlab Notebook

Configuration 1 [-]

OR	cpe:2.3:a:jupyter:jupyterlab::::::::
	cpe:2.3:a:jupyter:jupyterlab::::::::
	cpe:2.3:a:jupyter:notebook::::::::

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6
https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQJKNRDRFMKGVRIYNNN6CKMNJDNYWO2H/

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-01-19T20:45:49.027Z

Updated: 2024-08-01T22:43:34.929Z

Reserved: 2024-01-10T15:09:55.555Z

Link: CVE-2024-22421

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2024-01-19T21:15:09.870

Modified: 2024-02-10T02:51:03.987

Link: CVE-2024-22421

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-22421", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-10T15:09:55.555Z", "datePublished": "2024-01-19T20:45:49.027Z", "dateUpdated": "2024-08-01T22:43:34.929Z"}, "containers": {"cna": {"title": "Potential authentication and CSRF tokens leak in JupyterLab", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-23", "lang": "en", "description": "CWE-23: Relative Path Traversal", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947"}, {"name": "https://github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6", "tags": ["x_refsource_MISC"], "url": "https://github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQJKNRDRFMKGVRIYNNN6CKMNJDNYWO2H/"}], "affected": [{"vendor": "jupyterlab", "product": "jupyterlab", "versions": [{"version": "< 3.6.7", "status": "affected"}, {"version": ">=4.0.0,< 4.0.11", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-19T20:45:49.027Z"}, "descriptions": [{"lang": "en", "value": "JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an older `jupyter-server` version. JupyterLab versions 4.1.0b2, 4.0.11, and 3.6.7 are patched. No workaround has been identified, however users should ensure to upgrade `jupyter-server` to version 2.7.2 or newer which includes a redirect vulnerability fix."}], "source": {"advisory": "GHSA-44cc-43rp-5947", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:43:34.929Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947"}, {"name": "https://github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQJKNRDRFMKGVRIYNNN6CKMNJDNYWO2H/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jupyter:jupyterlab:*:*:*:*:*:*:*:*", "matchCriteriaId": "6AB04D05-8A11-4C88-A8BC-654A2A735313", "versionEndExcluding": "3.6.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:jupyter:jupyterlab:*:*:*:*:*:*:*:*", "matchCriteriaId": "98056E64-C6C4-498A-9C3F-67A7F4F11261", "versionEndExcluding": "4.0.11", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF4CC1C2-B78B-466A-ACDE-4604DE69D4FD", "versionEndExcluding": "7.0.7", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an older `jupyter-server` version. JupyterLab versions 4.1.0b2, 4.0.11, and 3.6.7 are patched. No workaround has been identified, however users should ensure to upgrade `jupyter-server` to version 2.7.2 or newer which includes a redirect vulnerability fix."}, {"lang": "es", "value": "JupyterLab es un entorno extensible para inform\u00e1tica interactiva y reproducible, basado en Jupyter Notebook y Architecture. Los usuarios de JupyterLab que hacen clic en un enlace malicioso pueden exponer sus tokens de \"Autorizaci\u00f3n\" y \"XSRFToken\" a un tercero cuando ejecutan una versi\u00f3n anterior de \"jupyter-server\". Las versiones 4.1.0b2, 4.0.11 y 3.6.7 de JupyterLab est\u00e1n parcheadas. No se ha identificado ning\u00fan workaround; sin embargo, los usuarios deben asegurarse de actualizar `jupyter-server` a la versi\u00f3n 2.7.2 o posterior, que incluye una soluci\u00f3n de vulnerabilidad de redireccionamiento."}], "id": "CVE-2024-22421", "lastModified": "2024-02-10T02:51:03.987", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-01-19T21:15:09.870", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQJKNRDRFMKGVRIYNNN6CKMNJDNYWO2H/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-23"}], "source": "security-advisories@github.com", "type": "Primary"}]}