Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS12amM0LTN2Z3gtcHE5aM4AA7wx
Nebari prints temporary Keycloak root password
Nebari through 2024.4.1 prints the temporary Keycloak root password.
Permalink: https://github.com/advisories/GHSA-vjc4-3vgx-pq9hJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS12amM0LTN2Z3gtcHE5aM4AA7wx
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 7 months ago
Updated: 5 months ago
Identifiers: GHSA-vjc4-3vgx-pq9h, CVE-2024-34529
References:
- https://nvd.nist.gov/vuln/detail/CVE-2024-34529
- https://github.com/nebari-dev/nebari/issues/2282
- https://github.com/nebari-dev/nebari/blob/5463e8df9e8d53a266a7b9d3d4e27353ec43c40b/src/_nebari/deploy.py#L71
- https://github.com/advisories/GHSA-vjc4-3vgx-pq9h
Blast Radius: 0.0
Affected Packages
pypi:nebari
Dependent packages: 7Dependent repositories: 1
Downloads: 2,549 last month
Affected Version Ranges: <= 2024.4.1
No known fixed version
All affected versions: 0.0.1, 2022.10.1, 2022.11.1, 2023.1.1, 2023.4.1, 2023.5.1, 2023.7.1, 2023.7.2, 2023.10.1, 2023.11.1, 2023.12.1, 2024.1.1, 2024.3.1, 2024.3.2, 2024.3.3, 2024.4.1