Filter
Software
Jupyter NotebookFailure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook
10
First published (updated )
pip/jupyter-lspUnsecured endpoints in the jupyter-lsp server extension
9.8
EPSS
0.09%
First published (updated )
Jupyter JupyterlabJupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/jupyter-serverKnown or guessable hidden files may be accessed in Jupyter Server
First published (updated )
debian/jupyter-coreExecution with Unnecessary Privileges in JupyterApp
8.8
First published (updated )
Jupyter OauthenticatorAn issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x be…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter NotebookIn Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to exec…
7.8
First published (updated )
pip/jupyterlabPotential authentication and CSRF tokens leak in JupyterLab
7.6
EPSS
0.06%
First published (updated )
pip/jupyterlabHTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
7.6
First published (updated )
pip/jupyter_serverJupyter server on Windows discloses Windows user password hash
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter Jupyter ServerSensitive Auth & Cookie data stored in Jupyter server logs
7.5
First published (updated )
Jupyter NotebookInsertion of Sensitive Information into Log File affects Jupyter Notebook
7.5
First published (updated )
IBM Cognos Analyticsnbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
7.5
First published (updated )
Jupyter JupyterHubJupyterHub has a privilege escalation vulnerability with the `admin:users` scope
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter Jupyter Server ProxySSRF vulnerability (requires authentication)
7.1
First published (updated )
pip/notebookStored cross site scripting in Markdown Preview in JupyterLab
6.5
EPSS
0.05%
First published (updated )
Jupyter OauthenticatorAuthorization Bypass Through User-Controlled Key when using CILogonOAuthenticator in oauthenticator
6.5
First published (updated )
Jupyter OauthenticatorBase class whitelist configuration ignored in OAuthenticator
6.3
First published (updated )
IBM Cognos AnalyticsJupyter Notebook and JupyterHub could allow a remote attacker to conduct phishing attacks, caused by…
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jupyter NotebookIn Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists …
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.