voilà-dashboard is an official application within the Jupyter ecosystem which is very popular.
This CVE is published 4 days and is emergent. according to the CVE description: Any deployment of voilà dashboard allows local file inclusion.
the exploit also is as simple as one simple GET request: curl localhost:8866/static/etc/passwd
voilà-dashboard is an official application within the Jupyter ecosystem which is very popular. This CVE is published 4 days and is emergent. according to the CVE description:
Any deployment of voilà dashboard allows local file inclusion
. the exploit also is as simple as one simple GET request:curl localhost:8866/static/etc/passwd
Ref: https://jupyter.org/ https://github.com/voila-dashboards/voila/security/advisories/GHSA-2q59-h24c-w6fg