EUVD-2026-24025
GHSA-7jqv-fw35-gmx9
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
2Blast Radius
ecosystem impact- 17 pypi packages depend on nbconvert (17 direct, 0 indirect)
Ecosystem-wide dependent count for version 6.5.0.
DescriptionNVD
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when HTMLExporter.embed_images=True, nbconvert's markdown renderer allows arbitrary file read via path traversal in image references. A malicious notebook can exfiltrate sensitive files from the conversion host by embedding them as base64 data URIs in the output HTML. nbconvert 7.17.1 contains a fix. As a workaround, do not enable HTMLExporter.embed_images; it is not enabled by default.
AnalysisAI
Jupyter nbconvert 6.5 through 7.17.0 allows unauthenticated remote attackers to read arbitrary files from the conversion host when HTMLExporter.embed_images is enabled, by embedding malicious image references with path traversal sequences in a crafted notebook. A malicious actor can exfiltrate sensitive files as base64-encoded data URIs in the output HTML, achieving confidentiality breach with no integrity or availability impact. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Share
External POC / Exploit Code
Leaving vuln.today