CVE-2014-3429: remote execution via cross origin websocket
Bug #1344854 reported by
Julian Taylor
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ipython (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
ipython 0.12 in precise is affected by CVE-2014-3429 which allows remote execution of code if one has knowledge of the kernel id (uuid)
the version in lucid and trusty are not affected
See this page for details of the issue:
http://
CVE References
To post a comment you must log in.
Looks good to me. Leaving for security team to handle sponsorship, as I don't know the proper procedure for uploading these.