CVE-2024-22891

Description

Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link.

Affected packages (1)

• npm/nteractfrom 0, <= 0.28.0

References (3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-22891
• PATCHhttps://github.com/nteract/nteract
• WEBhttps://github.com/EQSTLab/PoC/tree/main/2024/RCE/CVE-2024-22891