VDB
CVE-2020-36191
CVE-2020-36191
PUBLISHED
JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user request (to add or remove a user account).
EPSS 0.12% · 31.1th percentile
Risk Scores
EPSS Score
0.12%
31.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | jupyterhub | 1.1.0 |
| Bitnami | jupyterhub | 1.1.0 |
Exploit Intelligence
Timeline
- Jan 13, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score