{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-30370", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-03-21T14:12:06.272Z", "datePublished": "2025-04-03T22:00:44.476Z", "dateUpdated": "2025-04-04T18:54:20.953Z"}, "containers": {"cna": {"title": "jupyterlab-git has a command injection vulnerability in \"Open Git Repository in Terminal\"", "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8"}, {"name": "https://github.com/jupyterlab/jupyterlab-git/pull/1196", "tags": ["x_refsource_MISC"], "url": "https://github.com/jupyterlab/jupyterlab-git/pull/1196"}, {"name": "https://github.com/jupyterlab/jupyterlab-git/commit/b46482993f76d3a546015c6a94ebed8b77fc2376", "tags": ["x_refsource_MISC"], "url": "https://github.com/jupyterlab/jupyterlab-git/commit/b46482993f76d3a546015c6a94ebed8b77fc2376"}, {"name": "https://github.com/jupyterlab/jupyterlab-git/blob/7eb3b06f0092223bd5494688ec264527bbeb2195/src/commandsAndMenu.tsx#L175-L184", "tags": ["x_refsource_MISC"], "url": "https://github.com/jupyterlab/jupyterlab-git/blob/7eb3b06f0092223bd5494688ec264527bbeb2195/src/commandsAndMenu.tsx#L175-L184"}], "affected": [{"vendor": "jupyterlab", "product": "jupyterlab-git", "versions": [{"version": "< 0.51.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-04-03T22:00:44.476Z"}, "descriptions": [{"lang": "en", "value": "jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(<command>). These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a parent directory of this inappropriately-named Git repository, opens it, and clicks \"Git > Open Git Repository in Terminal\" from the menu bar, then the injected command <command> is run in the user's shell without the user's permission. This issue is occurring because when that menu entry is clicked, jupyterlab-git opens the terminal and runs cd <git-repo-path> through the shell to set the current directory. Doing so runs any command substitution strings present in the directory name, which leads to the command injection issue described here. A previous patch provided an incomplete fix. This vulnerability is fixed in 0.51.1."}], "source": {"advisory": "GHSA-cj5w-8mjf-r5f8", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-04T18:35:51.588736Z", "id": "CVE-2025-30370", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-04T18:54:20.953Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-30370", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-04T18:35:51.588736Z"}}}], "references": [{"url": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-04T18:54:11.372Z"}}], "cna": {"title": "jupyterlab-git has a command injection vulnerability in \"Open Git Repository in Terminal\"", "source": {"advisory": "GHSA-cj5w-8mjf-r5f8", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "jupyterlab", "product": "jupyterlab-git", "versions": [{"status": "affected", "version": "< 0.51.1"}]}], "references": [{"url": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8", "name": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/jupyterlab/jupyterlab-git/pull/1196", "name": "https://github.com/jupyterlab/jupyterlab-git/pull/1196", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/jupyterlab/jupyterlab-git/commit/b46482993f76d3a546015c6a94ebed8b77fc2376", "name": "https://github.com/jupyterlab/jupyterlab-git/commit/b46482993f76d3a546015c6a94ebed8b77fc2376", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/jupyterlab/jupyterlab-git/blob/7eb3b06f0092223bd5494688ec264527bbeb2195/src/commandsAndMenu.tsx#L175-L184", "name": "https://github.com/jupyterlab/jupyterlab-git/blob/7eb3b06f0092223bd5494688ec264527bbeb2195/src/commandsAndMenu.tsx#L175-L184", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(<command>). These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a parent directory of this inappropriately-named Git repository, opens it, and clicks \"Git > Open Git Repository in Terminal\" from the menu bar, then the injected command <command> is run in the user's shell without the user's permission. This issue is occurring because when that menu entry is clicked, jupyterlab-git opens the terminal and runs cd <git-repo-path> through the shell to set the current directory. Doing so runs any command substitution strings present in the directory name, which leads to the command injection issue described here. A previous patch provided an incomplete fix. This vulnerability is fixed in 0.51.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-04-03T22:00:44.476Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30370", "state": "PUBLISHED", "dateUpdated": "2025-04-04T18:54:20.953Z", "dateReserved": "2025-03-21T14:12:06.272Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-04-03T22:00:44.476Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(<command>). These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a parent directory of this inappropriately-named Git repository, opens it, and clicks \"Git > Open Git Repository in Terminal\" from the menu bar, then the injected command <command> is run in the user's shell without the user's permission. This issue is occurring because when that menu entry is clicked, jupyterlab-git opens the terminal and runs cd <git-repo-path> through the shell to set the current directory. Doing so runs any command substitution strings present in the directory name, which leads to the command injection issue described here. A previous patch provided an incomplete fix. This vulnerability is fixed in 0.51.1."}, {"lang": "es", "value": "jupyterlab-git es una extensi\u00f3n de JupyterLab para el control de versiones mediante Git. En muchas plataformas, un tercero puede crear un repositorio Git con un nombre que incluya una cadena de sustituci\u00f3n de comandos de shell en la sintaxis $(). Estos nombres de directorio est\u00e1n permitidos en macOS y la mayor\u00eda de las distribuciones de Linux. Si un usuario inicia jupyter-lab en un directorio principal de este repositorio Git con un nombre inapropiado, lo abre y hace clic en \"Git &gt; Abrir repositorio Git en la terminal\" en la barra de men\u00fa, el comando inyectado se ejecuta en la shell del usuario sin su permiso. Este problema se produce porque, al hacer clic en esa entrada del men\u00fa, jupyterlab-git abre la terminal y ejecuta cd en la shell para establecer el directorio actual. Al hacerlo, se ejecuta cualquier cadena de sustituci\u00f3n de comandos presente en el nombre del directorio, lo que provoca el problema de inyecci\u00f3n de comandos descrito aqu\u00ed. Un parche anterior proporcion\u00f3 una soluci\u00f3n incompleta. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 0.51.1. "}], "id": "CVE-2025-30370", "lastModified": "2025-04-07T14:18:34.453", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-04-03T22:15:21.190", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/jupyterlab/jupyterlab-git/blob/7eb3b06f0092223bd5494688ec264527bbeb2195/src/commandsAndMenu.tsx#L175-L184"}, {"source": "security-advisories@github.com", "url": "https://github.com/jupyterlab/jupyterlab-git/commit/b46482993f76d3a546015c6a94ebed8b77fc2376"}, {"source": "security-advisories@github.com", "url": "https://github.com/jupyterlab/jupyterlab-git/pull/1196"}, {"source": "security-advisories@github.com", "url": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "jupyterlab-git: jupyterlab-git has a command injection vulnerability in \"Open Git Repository in Terminal\"", "id": "2357342", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357342"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:H", "status": "draft"}, "cwe": "CWE-78", "details": ["jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(<command>). These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a parent directory of this inappropriately-named Git repository, opens it, and clicks \"Git > Open Git Repository in Terminal\" from the menu bar, then the injected command <command> is run in the user's shell without the user's permission. This issue is occurring because when that menu entry is clicked, jupyterlab-git opens the terminal and runs cd <git-repo-path> through the shell to set the current directory. Doing so runs any command substitution strings present in the directory name, which leads to the command injection issue described here. A previous patch provided an incomplete fix. This vulnerability is fixed in 0.51.1.", "A flaw was found in jupyterlab-git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(<command>). These directory names are allowed in macOS and a majority of Linux distributions. If a user starts jupyter-lab in a parent directory of this inappropriately-named Git repository, opens it, and clicks \"Git > Open Git Repository in Terminal\" from the menu bar, then the injected command <command> is run in the user's shell without the user's permission.\nThis issue allows for arbitrary code execution via command injection. A wide range of actions are permitted by this issue, including but not limited to: modifying files, exfiltrating data, halting services, or compromising the server's security rules."], "mitigation": {"lang": "en:us", "value": "It is recommended that users upgrade to the patched versions. However, if a user is unable to upgrade, there are 3 different ways to mitigate this vulnerability without upgrading to a patch.\n- Disable terminals on jupyter-server level:\nc.ServerApp.terminals_enabled = False\n- Disable the terminals server extension:\njupyter server extension disable jupyter_server_terminals\n- Disable the lab extension:\njupyter labextension disable @jupyterlab/terminal-extension"}, "name": "CVE-2025-30370", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-kf-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2025-04-03T22:00:44Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-30370\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-30370\nhttps://github.com/jupyterlab/jupyterlab-git/blob/7eb3b06f0092223bd5494688ec264527bbeb2195/src/commandsAndMenu.tsx#L175-L184\nhttps://github.com/jupyterlab/jupyterlab-git/commit/b46482993f76d3a546015c6a94ebed8b77fc2376\nhttps://github.com/jupyterlab/jupyterlab-git/pull/1196\nhttps://github.com/jupyterlab/jupyterlab-git/security/advisories/GHSA-cj5w-8mjf-r5f8"], "threat_severity": "Important"}