Missing Websocket Authentication

Jupyter Server Proxy is vulnerable to Missing Websocket Authentication. The vulnerability is caused due to improper user authentication checks when proxying websockets within handlers.py. This allows an attacker to gain unauthenticated remote access to any websocket endpoint made accessible via the Jupyter Server Proxy, which can result in Remote Code…Read More

Back to Main

Subscribe for the latest news: