Filters
Software
pip/jupyterlabHTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
7.6
First published (updated )
Jupyter JupyterhubJupyterHub has a privilege escalation vulnerability with the `admin:users` scope
7.2
First published (updated )
pip/jupyter_serverJupyter server on Windows discloses Windows user password hash
7.5
First published (updated )
pip/jupyterlabPotential authentication and CSRF tokens leak in JupyterLab
7.6
EPSS
0.06%
First published (updated )
Jupyter JupyterlabStored cross site scripting in Markdown Preview in JupyterLab
6.5
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/jupyter-lspUnsecured endpoints in the jupyter-lsp server extension
9.8
EPSS
0.09%
First published (updated )
pip/jupyter-serverJupyter Server errors include tracebacks with path information
4.3
First published (updated )
Jupyter Jupyter ServerOpen Redirect Vulnerability in jupyter-server
6.1
First published (updated )
Jupyter Jupyter Servercross-site inclusion (XSSI) of files in jupyter-server
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Debian Debian LinuxExecution with Unnecessary Privileges in JupyterApp
8.8
First published (updated )
Jupyter Nbconvertnbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
7.5
First published (updated )
pip/jupyter-serverKnown or guessable hidden files may be accessed in Jupyter Server
First published (updated )
Jupyter NotebookForced Browsing in Jupyter Notebook
4.3
First published (updated )
Jupyter OauthenticatorAuthorization Bypass Through User-Controlled Key when using CILogonOAuthenticator in oauthenticator
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter NotebookInsertion of Sensitive Information into Log File affects Jupyter Notebook
7.5
First published (updated )
Jupyter Jupyter ServerSensitive Auth & Cookie data stored in Jupyter server logs
7.5
First published (updated )
Jupyter Jupyter Server ProxySSRF vulnerability (requires authentication)
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter NotebookFailure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook
10
First published (updated )
Jupyter JupyterlabJupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter OauthenticatorBase class whitelist configuration ignored in OAuthenticator
6.3
First published (updated )
Jupyter Jupyter ServerOpen redirect in Jupyter Server
5.5
First published (updated )
Jupyter NotebookIn Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists …
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter JupyterhubAn Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (…
6.1
First published (updated )
Jupyter NotebookIn Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to exec…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter OauthenticatorAn issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x be…
8.8
First published (updated )