PT-2017-6869 · Project Jupyter+3 · Python+3
Vasyl Kaigorodov
·
Published
2015-08-03
·
Updated
2023-03-15
·
CVE-2015-5607
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IPython versions 2.0 through 2.4.0
IPython versions 3.0 through 3.2.2
Description
Cross-site request forgery in the REST API is possible. IPython is a command shell, and this issue affects its REST API.
Recommendations
For IPython versions 2.0 through 2.4.0, update to version 2.4.1 to resolve the issue.
For IPython versions 3.0 through 3.2.2, update to version 3.2.3 to resolve the issue.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Python
Linuxmint
Ubuntu