SSRF vulnerability in jupyter-server-proxy

Moderate severity GitHub Reviewed Published Jan 24, 2022 in jupyterhub/jupyter-server-proxy • Updated Feb 3, 2023

Package

pip jupyter-server-proxy (pip)

Affected versions

<= 3.2.0

Patched versions

3.2.1

Description

Impact

What kind of vulnerability is it? Server-Side Request Forgery (SSRF)

Who is impacted? Any user deploying Jupyter Server or Notebook with the jupyter-server-proxy extension enabled.

A lack of input validation allowed authenticated clients to proxy requests to other hosts, bypassing the allowed_hosts check. Because authentication is required, and an authenticated user can already make the same requests through kernel or terminal execution, this is rated low to moderate severity.
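The following is an added example and is not code from jupyter-server-proxy; it does not reproduce the project's actual check or its fix. It shows the general class of gap the advisory describes: a proxy that validates a `host:port` target by looking at the raw string rather than at the host the HTTP client will actually connect to, next to a strict check that parses the target the same way the client would and allows only a bare hostname from the list plus a numeric port. The allow-list (standing in for the advisory's allowed_hosts setting), the function names and the sample targets are all constructed for this illustration.

```python
"""Strict allow-list validation for a proxy target of the form host:port.

Added example, not jupyter-server-proxy's own code. `loose_is_allowed` is a
constructed illustration of an insufficient check; `strict_is_allowed` is the
defensive version. Allow-list and sample targets are constructed.
"""
from urllib.parse import urlsplit

# Constructed allow-list; plays the role of the advisory's allowed_hosts check.
ALLOWED_HOSTS = {"localhost", "127.0.0.1"}


def loose_is_allowed(target: str, allowed=ALLOWED_HOSTS) -> bool:
    """Constructed example of an insufficient check: it inspects the start of
    the raw string, not the host the proxy will actually connect to, so
    'localhost.other.example:80' or 'localhost@other.example:80' pass."""
    return any(target.startswith(host) for host in allowed)


def parse_target(target: str):
    """Parse 'host:port' exactly as an HTTP client would interpret it.

    Returns (hostname, port) or None if the target is anything other than a
    bare hostname plus a numeric port (no userinfo, path, query or fragment).
    """
    parts = urlsplit(f"http://{target}/")
    try:
        port = parts.port  # raises ValueError for non-numeric/out-of-range
    except ValueError:
        return None
    if port is None:
        return None  # a port is mandatory for a proxy target
    if parts.username or parts.password:
        return None  # 'allowed@real-host:port' would connect to real-host
    if parts.path != "/" or parts.query or parts.fragment:
        return None  # target smuggled in '/', '?' or '#'
    host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    if not host:
        return None
    return host, port


def strict_is_allowed(target: str, allowed=ALLOWED_HOSTS) -> bool:
    """Allow only targets whose parsed hostname is exactly on the allow-list."""
    parsed = parse_target(target)
    if parsed is None:
        return False
    host, _port = parsed
    return host in {h.lower() for h in allowed}


if __name__ == "__main__":
    # Constructed sample targets showing where the two checks disagree.
    for sample in ["localhost:80", "localhost.other.example:80",
                   "localhost@other.example:80", "localhost:abc", "localhost"]:
        print(f"{sample!r:32} loose={loose_is_allowed(sample)!s:5} "
              f"strict={strict_is_allowed(sample)}")
```

The design point is that the allow-list decision must be made on the same parsed value the outbound request will use, and anything the parser cannot classify as a plain host plus port is rejected rather than passed through.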

Patches

Has the problem been patched? What versions should users upgrade to?

Upgrade to 3.2.1, or apply the patch https://github.com/jupyterhub/jupyter-server-proxy/compare/v3.2.0...v3.2.1.patch

For more information

If you have any questions or comments about this advisory:

References

@manics manics published to jupyterhub/jupyter-server-proxy Jan 24, 2022
Published by the National Vulnerability Database Jan 25, 2022
Reviewed Jan 25, 2022
Published to the GitHub Advisory Database Jan 27, 2022
Last updated Feb 3, 2023

Severity

Moderate 6.3 / 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
Low
User interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
None
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

Weaknesses

CVE ID

CVE-2022-21697

GHSA ID

GHSA-gcv9-6737-pjqw

Credits
