USN-6153-1: Jupyter Core vulnerability
12 June 2023
Jupyter Core could be made to run programs as your login if it opened a specially crafted file.
- jupyter-core - Core common functionality of Jupyter projects (tools)
It was discovered that Jupyter Core executed untrusted files in the current
working directory. An attacker could possibly use this issue to execute
The problem can be corrected by updating your system to the following package versions:
- python3-jupyter-core - 4.9.1-1ubuntu0.1~esm1
- python3-jupyter-core - 4.6.3-3ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.