CVE-2021-41247

Insufficient Session Expiration in pypi/jupyterhub

Identifiers

CVE-2021-41247, GHSA-cw7p-q79f-m2v7

Package Slug

pypi/jupyterhub

Vulnerability

Insufficient Session Expiration

Description

JupyterHub is an open source multi-user server for Jupyter notebooks. may see incomplete logout from the single-user server, as fresh credentials (for the single-user server only, not the Hub) reinstated after logout, if another active JupyterLab session is open while the logout takes place.

Affected Versions

All versions starting from 1.0.0 before 1.5.0

Solution

Upgrade to version 1.5.0 or above.

Last Modified

2021-11-11

source