CVE & CISA-KEV Catalog

CVE-2022-29238

MEDIUM
4.3
CVSS v3
NVD

Description

Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories (i.e. hidden files were 'hidden' but not 'inaccessible'). This could lead to notebook configurations allowing authenticated access to files that may reasonably be expected to be disallowed. Because fully authenticated requests are required, this is of relatively low impact. But if a server's root directory contains sensitive files whose only protection from the server is being hidden (e.g. `~/.ssh` while serving $HOME), then any authenticated requests could access files if their names are guessable. Such contexts also necessarily have full access to the server and therefore execution permissions, which also generally grants access to all the same files. So this does not generally result in any privilege escalation or increase in information access, only an additional, unintended means by which the files could be accessed. Version 6.4.12 contains a patch for this issue. There are currently no known workarounds.

How to fix

Remediation Available
jupyter-notebookDebian
Fixed in:6.4.12-1CVE-2022-29238
Fixed in:6.4.12-1CVE-2022-29238
Fixed in:6.4.12-1CVE-2022-29238
jupyter-notebookUbuntu
Fixed in:5.2.2-1ubuntu0.1USN-5585-1
Fixed in:6.0.3-2ubuntu0.1USN-5585-1
Fixed in:6.4.8-1ubuntu0.1USN-5585-1
python-notebookUbuntu
Fixed in:5.2.2-1ubuntu0.1USN-5585-1
python3-notebookUbuntu
Fixed in:5.2.2-1ubuntu0.1USN-5585-1
Fixed in:6.0.3-2ubuntu0.1USN-5585-1
Fixed in:6.4.8-1ubuntu0.1USN-5585-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityLow
IntegrityNone
AvailabilityNone

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploit Intelligence

1.03%probability of exploitation in 30 days
60thpercentile

Moderate risk: more likely to be exploited than 60% of all known CVEs.

References

Third-Party Advisory1

Related Vulnerabilities

Other CWE-425 vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2024-45195High7.5100%KEVFix
CVE-2021-26085Medium5.3100%KEV + RansomFix
CVE-2024-0204Critical9.895%-Fix
CVE-2018-19207Critical9.887%-Fix
CVE-2017-17736Critical9.869%-Fix
CVE-2019-17503Medium5.349%--
Embed a live status badge for CVE-2022-29238
CVE-2022-29238 severity badge

Markdown

[![CVE-2022-29238](https://tridentstack.com/cve/badge/CVE-2022-29238.svg)](https://tridentstack.com/cve/CVE-2022-29238)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-29238"><img src="https://tridentstack.com/cve/badge/CVE-2022-29238.svg" alt="CVE-2022-29238"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.