CVE-2014-3429: Code Injection
First published: Tue Jul 15 2014(Updated: )
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/ipython | <2.0.0 | 2.0.0 |
| pip/ipython | >=0.12<1.2.0 | 1.2.0 |
| openSUSE | =13.1 | |
| openSUSE | =13.2 | |
| IPython Notebook | =0.12 | |
| IPython Notebook | =0.12.1 | |
| IPython Notebook | =0.13 | |
| IPython Notebook | =0.13.1 | |
| IPython Notebook | =0.13.2 | |
| IPython Notebook | =1.0.0 | |
| IPython Notebook | =1.1.0 | |
| Mageia | =3.0 | |
| Mageia | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://openwall.com/lists/oss-security/2014/07/15/2
- http://permalink.gmane.org/gmane.comp.python.ipython.devel/13198
- https://github.com/ipython/ipython/pull/4845
- http://ipython.org/ipython-doc/stable/whatsnew/github-stats-2.0.html
- http://lambdaops.com/cross-origin-websocket-hijacking-of-ipython
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1119891
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1119892
- https://admin.fedoraproject.org/updates/ipython-0.13.2-4.fc20
- https://bugzilla.redhat.com/show_bug.cgi?id=1119890
- https://nvd.nist.gov/vuln/detail/CVE-2014-3429
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94497
- http://advisories.mageia.org/MGASA-2014-0320.html
- http://lists.opensuse.org/opensuse-updates/2014-08/msg00039.html
- http://seclists.org/oss-sec/2014/q3/152
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:160
- https://github.com/ipython/ipython/commit/e5b669ce4750d628dba383fd637dbde918ea15f5
- https://github.com/mattvonrocketstein/ipython/commit/dd4135db9f42d196a46553310a8e63ff5658671d
- https://github.com/advisories/GHSA-75cw-5cgv-g853 (Advisory)
- https://github.com/pypa/advisory-database/tree/main/vulns/ipython/PYSEC-2014-21.yaml
Frequently Asked Questions
What is the severity of CVE-2014-3429?
CVE-2014-3429 is considered a critical vulnerability because it allows remote attackers to execute arbitrary code.
How do I fix CVE-2014-3429?
To fix CVE-2014-3429, upgrade IPython Notebook to version 1.2.0 or later.
What versions of IPython Notebook are affected by CVE-2014-3429?
IPython Notebook versions 0.12 through 1.x before 1.2.0 are affected by CVE-2014-3429.
Is there a workaround for CVE-2014-3429?
There is no documented workaround for CVE-2014-3429; upgrading to a secure version is recommended.
What type of attack does CVE-2014-3429 facilitate?
CVE-2014-3429 facilitates cross-site request forgery attacks that can result in arbitrary code execution.
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/remedy
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-3429
- agent/software-canonical-lookup
- agent/description
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/event
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-75cw-5cgv-g853
- agent/severity
- agent/last-modified-date
- agent/references
- collector/github-advisory
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/redhat
- package-manager/pip
- vendor/opensuse
- canonical/opensuse
- version/opensuse/13.1
- version/opensuse/13.2
- vendor/ipython
- canonical/ipython notebook
- version/ipython notebook/0.12
- version/ipython notebook/0.12.1
- version/ipython notebook/0.13
- version/ipython notebook/0.13.1
- version/ipython notebook/0.13.2
- version/ipython notebook/1.0.0
- version/ipython notebook/1.1.0
- vendor/mageia
- canonical/mageia
- version/mageia/3.0
- version/mageia/4.0