Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Possible pod name collisions in jupyterhub-kubespawner
Vulnerability Description
In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. This has been fixed in 0.12.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
jupyterhub-kubespawner 安全漏洞
Vulnerability Description
jupyterhub-kubespawner是一款用于在Kubernetes群集上生成单用户笔记本服务器的软件包。 jupyterhub-kubespawner 0.12之前版本中存在安全漏洞。攻击者可利用该漏洞访问具有相同用户名的其他用户的默认服务器。
CVSS Information
N/A
Vulnerability Type
N/A