Filter
-Infinity
0

pip/jupyterlabHTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering

7.6
First published (updated )

JupyterHub NbgitpullerJupyterHub has a privilege escalation vulnerability with the `admin:users` scope

7.2
First published (updated )

Jupyter Server ProxyJupyter Server Proxy has a reflected XSS issue in host parameter

First published (updated )

pip/jupyter_serverJupyter server on Windows discloses Windows user password hash

7.5
First published (updated )

pip/jupyter-server-proxyJupyter Server Proxy's Websocket Proxying does not require authentication

EPSS
0.04%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

pip/jupyterlabPotential authentication and CSRF tokens leak in JupyterLab

7.6
EPSS
0.06%
First published (updated )

pip/notebookStored cross site scripting in Markdown Preview in JupyterLab

EPSS
0.05%
First published (updated )

pip/jupyter-lspUnsecured endpoints in the jupyter-lsp server extension

EPSS
0.09%
First published (updated )

Jupyter DockerspawnerAny image allowed by default

First published (updated )

pip/jupyter-serverJupyter Server errors include tracebacks with path information

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

pip/jupyter-serverOpen Redirect Vulnerability in jupyter-server

First published (updated )

pip/jupyter-servercross-site inclusion (XSSI) of files in jupyter-server

First published (updated )

debian/jupyter-coreExecution with Unnecessary Privileges in JupyterApp

8.8
First published (updated )

IBM Cognos Analyticsnbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths

7.5
First published (updated )

pip/jupyter-serverKnown or guessable hidden files may be accessed in Jupyter Server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Jupyter NotebookForced Browsing in Jupyter Notebook

First published (updated )

Jupyter OAuthenticatorAuthorization Bypass Through User-Controlled Key when using CILogonOAuthenticator in oauthenticator

First published (updated )

IBM Cognos AnalyticsInsertion of Sensitive Information into Log File affects Jupyter Notebook

7.5
First published (updated )

Jupyter Server ProxySensitive Auth & Cookie data stored in Jupyter server logs

7.5
First published (updated )

pip/jupyter-server-proxySSRF vulnerability (requires authentication)

7.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

pip/jupyterhubincomplete logout in JupyterHub

7.5
First published (updated )

Jupyter NbdimeStored XSS in Jupyter nbdime

8.7
First published (updated )

pip/binderhubRemote code execution in Binderhub

First published (updated )

Jupyter NotebookFailure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook

First published (updated )

pip/jupyterlabJupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

IBM Cognos AnalyticsCSRF

First published (updated )

pip/jupyter-serverOpen redirect vulnerability

First published (updated )

pip/oauthenticatorBase class whitelist configuration ignored in OAuthenticator

First published (updated )

pip/jupyter-serverOpen redirect in Jupyter Server

First published (updated )

pip/notebookOpen redirect in Jupyter Notebook

7.4
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203