Latest jupyter notebook Vulnerabilities

CVE-2024-22421
Potential authentication and CSRF tokens leak in JupyterLab
pip/notebook>=7.0.0<=7.0.6
pip/jupyterlab<=3.6.6
pip/jupyterlab>=4.0.0<=4.0.10
Jupyter Jupyterlab<3.6.7
Jupyter Jupyterlab>=4.0.0<4.0.11
Jupyter Notebook>=7.0.0<7.0.7
and 1 more
CVE-2024-22420
Stored cross site scripting in Markdown Preview in JupyterLab
Jupyter Jupyterlab>=4.0.0<4.0.11
Jupyter Notebook>=7.0.0<7.0.7
pip/notebook>=7.0.0<=7.0.6
pip/jupyterlab>=4.0.0<=4.0.10
Fedoraproject Fedora=39
CVE-2022-24758
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error i...
Jupyter Notebook<6.4.10
IBM Cognos Analytics 11.2.x<=IBM Cognos Analytics 11.2.x
IBM Cognos Analytics 11.1.x<=IBM Cognos Analytics 11.1.x
CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Goog...
Jupyter Notebook>=5.7.0<5.7.11
Jupyter Notebook=6.4.0
CVE-2020-26215
Jupyter Notebook could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially-crafted URL to redi...
Jupyter Notebook<6.1.5
Debian Debian Linux=9.0
CVE-2018-21030
Jupyter Notebook<5.5.0
CVE-2019-10856
In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.
Jupyter Notebook<5.7.8
CVE-2019-10255
An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.6 allows crafted links to the login page, which will redir...
Jupyter Jupyterhub<0.9.5
Jupyter Notebook<5.7.7
CVE-2019-9644
An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. Access...
Jupyter Notebook<5.7.6
CVE-2018-19351
Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can ex...
pip/notebook<5.7.1
Jupyter Notebook<5.7.1
CVE-2018-19352
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.
Jupyter Notebook<5.7.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203