GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
Authorization Bypass Through User-Controlled Key when using CILogonOAuthenticator oauthenticator
Moderate
CVE-2022-31027
was published
for
oauthenticator
(pip)
Jun 6, 2022
jupyter-scheduler's endpoint is missing authentication
Moderate
CVE-2024-28188
was published
for
jupyter-scheduler
(pip)
May 23, 2024
Globus `identity_provider` restriction ignored when used with `allow_all` in JupyterHub 5.0
High
CVE-2024-37300
was published
for
oauthenticator
(pip)
Jun 12, 2024
Jupyter Server Proxy's Websocket Proxying does not require authentication
Critical
CVE-2024-28179
was published
for
jupyter-server-proxy
(pip)
Mar 20, 2024
ProTip!
Advisories are also available from the
GraphQL API