CVE-2025-30167 | Jupyter Core up to 5.7.x on Windows Environment Variable SYSTEM_CONFIG_PATH/SYSTEM_JUPYTER_PATH uncontrolled search path (GHSA-33p9-3p43-82vq)

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability classified as critical was found in Jupyter Core up to 5.7.x on Windows. This vulnerability affects unknown code of the component Environment Variable Handler. The manipulation of the argument SYSTEM_CONFIG_PATH/SYSTEM_JUPYTER_PATH leads to uncontrolled search path.

This vulnerability was named CVE-2025-30167. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-30167 | Jupyter Core up to 5.7.x on Windows Environment Variable SYSTEM_CONFIG_PATH/SYSTEM_JUPYTER_PATH uncontrolled search path (GHSA-33p9-3p43-82vq)

Post correlati

CVE-2024-23814 | Siemens SCALANCE WAB762-1 prior 3.0.0 resource consumption (ssa-769027)

CVE-2024-9357 | xili-tidy-tags Plugin up to 1.12.04 on WordPress cross site scripting

CVE-2021-47005 | Linux Kernel up to 5.10.37/5.11.21/5.12.4 PCI get_features null pointer dereference

CVE-2024-23858 | Cups Easy 1.0 URL stockissuancelinecreate.php batchno cross site scripting