ipycache is vulnerable to Code Injection · CVE-2019-7539 · GitHub Advisory Database · GitHub

ipycache is vulnerable to Code Injection

Critical severity GitHub Reviewed Published Mar 25, 2019 to the GitHub Advisory Database • Updated Aug 16, 2023

Package

ipycache (pip)

Affected versions

<= 0.1.4

Patched versions

None

Description

A code injection issue was discovered in ipycache versions up to 0.1.4.

References

Published by the National Vulnerability Database

Mar 21, 2019

Published to the GitHub Advisory Database Mar 25, 2019

Reviewed Jun 16, 2020

Last updated Aug 16, 2023

Severity

Critical

9.7

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H