https://x7peeps.com/tags/JupyterHub/index.htmlHugozh-CNSun, 22 Jun 2025 00:00:00 +0800https://x7peeps.com/%E5%AE%89%E5%85%A8/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/04-%E6%B8%97%E9%80%8F%E6%94%BB%E5%87%BB/Jupyter_Notebook_JupyterHub_%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE_CVE_RCE_%E5%88%A9%E7%94%A8%E6%8A%80%E6%9C%AF/index.htmlSun, 22 Jun 2025 00:00:00 +0800https://x7peeps.com/%E5%AE%89%E5%85%A8/%E6%B8%97%E9%80%8F%E6%B5%8B%E8%AF%95/04-%E6%B8%97%E9%80%8F%E6%94%BB%E5%87%BB/Jupyter_Notebook_JupyterHub_%E6%9C%AA%E6%8E%88%E6%9D%83%E8%AE%BF%E9%97%AE_CVE_RCE_%E5%88%A9%E7%94%A8%E6%8A%80%E6%9C%AF/index.html深入分析 Jupyter Notebook/JupyterHub 的未授权访问、Token 暴露与暴力破解、恶意 Notebook 文件 RCE、JupyterHub 认证绕过、Jupyter Server Proxy XSS、OAuthenticator 账户接管、Kernel API 滥用、CORS 绕过等完整攻击面，覆盖 2018-2025 年高危 CVE 漏洞链及蓝队检测与应急响应