ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0067
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0067)
Resumen:	The remote host is missing an update for the 'jupyter-notebook' package(s) announced via the MGASA-2024-0067 advisory.
Descripción:	Summary: The remote host is missing an update for the 'jupyter-notebook' package(s) announced via the MGASA-2024-0067 advisory. Vulnerability Insight: Path traversal in moment.locale. (CVE-2022-24785) Inefficient parsing algorithm resulting in DoS. (CVE-2022-31129) Affected Software/OS: 'jupyter-notebook' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-24785 https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/ https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5 https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html Common Vulnerability Exposure (CVE) ID: CVE-2022-31129 https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/ https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3 https://github.com/moment/moment/pull/6015#issuecomment-1152961973 https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.