Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2022-29238

Publication date 14 June 2022

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

4.3 · Medium

Score breakdown

Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual hidden files or files in hidden directories (i.e. hidden files were 'hidden' but not 'inaccessible'). This could lead to notebook configurations allowing authenticated access to files that may reasonably be expected to be disallowed. Because fully authenticated requests are required, this is of relatively low impact. But if a server's root directory contains sensitive files whose only protection from the server is being hidden (e.g. `~/.ssh` while serving $HOME), then any authenticated requests could access files if their names are guessable. Such contexts also necessarily have full access to the server and therefore execution permissions, which also generally grants access to all the same files. So this does not generally result in any privilege escalation or increase in information access, only an additional, unintended means by which the files could be accessed. Version 6.4.12 contains a patch for this issue. There are currently no known workarounds.

Read the notes from the security team

Status

Package Ubuntu Release Status
jupyter-notebook 23.10 mantic
Not affected
23.04 lunar Ignored end of life, was needed
22.10 kinetic Ignored end of life, was needed
22.04 LTS jammy
Fixed 6.4.8-1ubuntu0.1
21.10 impish Ignored end of life
20.04 LTS focal
Fixed 6.0.3-2ubuntu0.1
18.04 LTS bionic
Not affected

Notes

sbeattie

the allow-hidden feature was added in jupyter-notebook upstream commit 605eaa72b ("Added a flag to allow access of hidden files (#2819)") (version 5.3.0rc1), and as such, bionic's 5.2.x based version is not affected. Thanks to Luís Infante da Câmara for researching this.

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
jupyter-notebook

Severity score breakdown

Parameter Value
Base score 4.3 · Medium
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality Low
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References

Related Ubuntu Security Notices (USN)

    • USN-5585-1
    • Jupyter Notebook vulnerabilities
    • 30 August 2022

Other references