VDB
CVE-2024-22415
CVE-2024-22415
PUBLISHED
CVSS 7.300000190734863 HIGH
Unsecured endpoints in the jupyter-lsp server extension
EPSS 0.17% · 37.5th percentile
Risk Scores
CVSS v3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.17%
37.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| jupyter | language_server_protocol_integration | 0 |
| jupyter-lsp | jupyterlab-lsp | * |
| PyPI | jupyter-lsp | 0 |
Timeline
- Jan 21, 1970 Security Advisory
- Jan 18, 2024 CVE Published
- Jan 24, 2024 EPSS Score
- Feb 21, 2024 EPSS Score
- Mar 20, 2024 EPSS Score
- Apr 16, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 11, 2024 EPSS Score
- Jul 9, 2024 EPSS Score
- Aug 5, 2024 EPSS Score
- Sep 2, 2024 EPSS Score
- Sep 30, 2024 EPSS Score
References
- https://github.com/jupyter-lsp/jupyterlab-lsp/security/advisories/GHSA-4qhp-652w-c22x url
- https://github.com/jupyter-lsp/jupyterlab-lsp/commit/4ad12f204ad0b85580fc32137c647baaff044e95 url
- https://nvd.nist.gov/vuln/detail/CVE-2024-22415 advisory
- https://github.com/jupyter-lsp/jupyterlab-lsp package
- https://github.com/jupyter-lsp/jupyterlab-lsp/releases/tag/v5.0.2 url