jupyter-scheduler@0.4.0 vulnerabilities
A JupyterLab extension for running notebook jobs
-
latest version
2.10.0
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
13 days ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the jupyter-scheduler package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
jupyter-scheduler is an A JupyterLab extension for running notebook jobs Affected versions of this package are vulnerable to Exposure of Sensitive Information to an Unauthorized Actor due to improper authentication check on the endpoint Note This issue does not allow an unauthenticated third party to read, modify, or enter the Conda environments present on the server where jupyter_scheduler is running. This issue only reveals the list of Conda environment names. How to fix Exposure of Sensitive Information to an Unauthorized Actor? Upgrade |
[,1.1.6)
[1.2.0,1.2.1)
[1.3.0,1.8.2)
[2.0.0,2.5.2)
|