First published: Mon Aug 09 2021
### Impact

An untrusted notebook can execute code on load. This is a remote code execution, but requires user action to open a notebook.

### Patches

5.7.11, 6.4.1

### References

[OWASP Page on Injection Prevention](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html#injection-prevention-rules)

### For more information

If you have any questions or comments about this advisory, or vulnerabilities to report, please email our security list security@ipython.org.

Credit: Guillaume Jeanne from Google

### Example:

A notebook with the following content in a cell would display an alert when opened for the first time in Notebook (in an untrusted state):

```
{
  "cell_type": "code",
  "execution_count": 0,
  "metadata": {},
  "outputs": [
    {
      "data": {
        "text/html": [
          "<select><iframe></select><img src=x: onerror=alert('xss')>\n"
        ],
        "text/plain": []
      },
      "metadata": {},
      "output_type": "display_data"
    }
  ],
  "source": [
    ""
  ]
}
```
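A triage check for the cell structure shown in the example above, added here and not taken from the advisory or the Jupyter project: it scans stored `text/html` outputs in an `.ipynb` file for active content before the file is opened in an affected version. The function name `scan_notebook`, the pattern list and the wrapper notebook around the advisory's cell are assumptions made for this example.

```python
import json
import re

# Conservative patterns for active content in stored HTML output. The list is an
# assumption of this example, not Jupyter's sanitizer rules. Matching the raw
# string avoids depending on how any one HTML parser nests the tags.
PATTERNS = {
    "active element": re.compile(r"<\s*(script|iframe|object|embed)\b", re.I),
    "inline event handler": re.compile(r"\bon[a-z]+\s*=", re.I),
    "javascript: URL": re.compile(r"javascript\s*:", re.I),
}

def scan_notebook(nb):
    """Return (cell_index, reason) for every suspicious text/html output."""
    findings = []
    for idx, cell in enumerate(nb.get("cells", [])):
        if cell.get("cell_type") != "code":
            continue
        for output in cell.get("outputs", []):  # stream outputs carry no "data"
            html = output.get("data", {}).get("text/html", "")
            if isinstance(html, list):  # nbformat stores multi-line strings as lists
                html = "".join(html)
            for reason, pattern in PATTERNS.items():
                if pattern.search(html):
                    findings.append((idx, reason))
    return findings

# Constructed sample: a benign cell, then the advisory's cell, in a minimal notebook.
SAMPLE = json.loads(r"""
{"nbformat": 4, "nbformat_minor": 5, "metadata": {}, "cells": [
  {"cell_type": "code", "execution_count": 1, "metadata": {}, "source": ["1+1"],
   "outputs": [{"output_type": "execute_result", "execution_count": 1, "metadata": {},
                "data": {"text/html": ["<b>2</b>"], "text/plain": ["2"]}}]},
  {"cell_type": "code", "execution_count": 0, "metadata": {}, "source": [""],
   "outputs": [{"output_type": "display_data", "metadata": {},
                "data": {"text/html": ["<select><iframe></select><img src=x: onerror=alert('xss')>\n"],
                         "text/plain": []}}]}
]}
""")

if __name__ == "__main__":
    for idx, reason in scan_notebook(SAMPLE):
        print(f"cell {idx}: {reason} in text/html output")
```

A hit is a reason to clear the outputs or inspect the file in a text editor first; the patterns are deliberately broad, so legitimate rich output can also match.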
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Jupyter Notebook | >=5.7.0<5.7.11 | |
Jupyter Notebook | =6.4.0 | |
pip/notebook | >=6.0.0<6.4.1 | 6.4.1 |
pip/notebook | <5.7.11 | 5.7.11 |
CVE-2021-32798 is a vulnerability in Jupyter Notebook that allows untrusted notebooks to execute code on load and trigger cross-site scripting (XSS) attacks.
In affected versions of Jupyter Notebook (versions before 5.7.11, and 6.0.0 through 6.4.0), untrusted notebooks can execute code on load and potentially cause XSS attacks.
CVE-2021-32798 has a severity rating of 9.6 (critical).
To fix CVE-2021-32798 in Jupyter Notebook, update to a patched release: 5.7.11 or 6.4.1. Check the official Jupyter Notebook GitHub repository for the latest releases and security advisories.
The Common Weakness Enumeration (CWE) ID for CVE-2021-32798 is CWE-79, which represents Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').