Identifier

CVE-2020-15110

Package Slug

pypi/jupyterhub-kubespawner

Vulnerability

Incorrect Authorization

Description

In jupyterhub-kubespawner, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames.

Affected Versions

All versions before 0.12

Solution

Upgrade to version 0.12.0 or above.

Last Modified

2020-07-24

source