[IPython-dev] Vulnerability in IPython Notebook ≤ 1.1
rgbkrk at gmail.com
Mon Jul 14 11:20:13 EDT 2014
Correction, CVE ID was truncated. It should read:
The CVE ID is CVE-2014-3429 (
On Sun, Jul 13, 2014 at 3:56 PM, Kyle Kelley <rgbkrk at gmail.com> wrote:
> On IPython ≤ 1.1, a remote site could have exploited a vulnerability in
> cross origin websocket handling to execute code on an IPython kernel, with
> knowledge of the kernel id (which requires user intervention).
> This vulnerability was patched in
> https://github.com/ipython/ipython/pull/4845 and reported to the CVE
> (Common Vulnerabilities and Exposure) database.
> Summary given to the CVE database: The origin of websocket requests was
> not verified within the IPython notebook server. If an attacker has
> knowledge of an IPython kernel id they can run arbitrary code on a user's
> machine when the client visits a crafted malicious page.
> The CVE ID is CVE-2014-342 (
> If you were at SciPy and watched the final round of lightning talks, you
> already know about this vulnerability (as much as you can within a 5 minute
> talk that is).
> I wrote a more detailed explanation at
> Feel free to ask us (the IPython team) any questions!
> Kyle Kelley
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the IPython-dev