https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 13:02:21 +0000 https://vulnerability.circl.lu/sighting/dd4f7473-f04b-4bbd-900e-32d6dd09c700/export {"uuid": "dd4f7473-f04b-4bbd-900e-32d6dd09c700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-30370", "type": "published-proof-of-concept", "source": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8", "content": "", "creation_timestamp": "2025-04-03T21:51:40.000000Z"} {"uuid": "dd4f7473-f04b-4bbd-900e-32d6dd09c700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-30370", "type": "published-proof-of-concept", "source": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8", "content": "", "creation_timestamp": "2025-04-03T21:51:40.000000Z"} https://vulnerability.circl.lu/sighting/dd4f7473-f04b-4bbd-900e-32d6dd09c700/export Thu, 03 Apr 2025 21:51:40 +0000 https://vulnerability.circl.lu/sighting/06225726-d2bb-4d28-89c5-5a9951529857/export {"uuid": "06225726-d2bb-4d28-89c5-5a9951529857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114276478970363828", "content": "", "creation_timestamp": "2025-04-03T22:51:28.479563Z"} {"uuid": "06225726-d2bb-4d28-89c5-5a9951529857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114276478970363828", "content": "", "creation_timestamp": "2025-04-03T22:51:28.479563Z"} https://vulnerability.circl.lu/sighting/06225726-d2bb-4d28-89c5-5a9951529857/export Thu, 03 Apr 2025 22:51:28 +0000 https://vulnerability.circl.lu/sighting/a4409961-b1fb-483e-a5ff-efe6b4fb4668/export {"uuid": "a4409961-b1fb-483e-a5ff-efe6b4fb4668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114276478970363828", "content": "", "creation_timestamp": "2025-04-03T22:51:28.488143Z"} {"uuid": "a4409961-b1fb-483e-a5ff-efe6b4fb4668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114276478970363828", "content": "", "creation_timestamp": "2025-04-03T22:51:28.488143Z"} https://vulnerability.circl.lu/sighting/a4409961-b1fb-483e-a5ff-efe6b4fb4668/export Thu, 03 Apr 2025 22:51:28 +0000 https://vulnerability.circl.lu/sighting/87e39540-2e78-4236-ae39-e72148629e36/export {"uuid": "87e39540-2e78-4236-ae39-e72148629e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llxactvxv22i", "content": "", "creation_timestamp": "2025-04-04T01:11:46.479403Z"} {"uuid": "87e39540-2e78-4236-ae39-e72148629e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llxactvxv22i", "content": "", "creation_timestamp": "2025-04-04T01:11:46.479403Z"} https://vulnerability.circl.lu/sighting/87e39540-2e78-4236-ae39-e72148629e36/export Fri, 04 Apr 2025 01:11:46 +0000 https://vulnerability.circl.lu/sighting/e4c983e0-f069-47f2-acd6-88fa09092fd9/export {"uuid": "e4c983e0-f069-47f2-acd6-88fa09092fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://t.me/cvedetector/22035", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30370 - Jupyterlab-Git Command Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-30370 \nPublished : April 3, 2025, 10:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(). These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a parent directory of this inappropriately-named Git repository, opens it, and clicks \"Git > Open Git Repository in Terminal\" from the menu bar, then the injected command is run in the user's shell without the user's permission. This issue is occurring because when that menu entry is clicked, jupyterlab-git opens the terminal and runs cd through the shell to set the current directory. Doing so runs any command substitution strings present in the directory name, which leads to the command injection issue described here. A previous patch provided an incomplete fix. This vulnerability is fixed in 0.51.1. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T02:06:55.000000Z"} {"uuid": "e4c983e0-f069-47f2-acd6-88fa09092fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30370", "type": "seen", "source": "https://t.me/cvedetector/22035", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30370 - Jupyterlab-Git Command Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-30370 \nPublished : April 3, 2025, 10:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(). These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a parent directory of this inappropriately-named Git repository, opens it, and clicks \"Git > Open Git Repository in Terminal\" from the menu bar, then the injected command is run in the user's shell without the user's permission. This issue is occurring because when that menu entry is clicked, jupyterlab-git opens the terminal and runs cd through the shell to set the current directory. Doing so runs any command substitution strings present in the directory name, which leads to the command injection issue described here. A previous patch provided an incomplete fix. This vulnerability is fixed in 0.51.1. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T02:06:55.000000Z"} https://vulnerability.circl.lu/sighting/e4c983e0-f069-47f2-acd6-88fa09092fd9/export Fri, 04 Apr 2025 02:06:55 +0000