new jupyter-issue

author: Moritz Muehlenhoff <jmm@debian.org> 2023-09-04 12:20:34 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2023-09-04 12:20:34 +0200
commit: 86356e005b4953b8a9f88ba21527d07ed157ffab (patch)
tree: 599780f992f5be19f4419abb309118f28ad1c965 /data
parent: 53bbf9473f03e67a29f4b4a25e1c1a9d655db281 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 4ac6379139..0a912073ff 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1062,7 +1062,11 @@ CVE-2023-40825 (An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker
 CVE-2023-40781 (Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remo ...)
 	- ming <removed>
 CVE-2023-39968 (jupyter-server is the backend for Jupyter web applications. Open Redir ...)
-	TODO: check
+	- jupyter-server <unfixed>
+	[bookworm] - jupyter-server <no-dsa> (Minor issue)
+	[bullseye] - jupyter-server <no-dsa> (Minor issue)
+	NOTE: https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-r726-vmfq-j9j3
+	NOTE: https://github.com/jupyter-server/jupyter_server/commit/290362593b2ffb23c59f8114d76f77875de4b925 (v2.7.2)
 CVE-2023-39650 (Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a  ...)
 	NOT-FOR-US: Theme Volty CMS Blog
 CVE-2023-39059 (An issue in ansible semaphore v.2.8.90 allows a remote attacker to exe ...)
author	Moritz Muehlenhoff <jmm@debian.org>	2023-09-04 12:20:34 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2023-09-04 12:20:34 +0200
commit	86356e005b4953b8a9f88ba21527d07ed157ffab (patch)
tree	599780f992f5be19f4419abb309118f28ad1c965 /data
parent	53bbf9473f03e67a29f4b4a25e1c1a9d655db281 (diff)