Skip to main content

Notebook

15 CVEs product

Monthly

CVE-2024-43805 PyPI MEDIUM PATCH This Month

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jupyterlab Notebook
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-22421 PyPI MEDIUM PATCH This Month

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jupyterlab Notebook Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2024-22420 PyPI MEDIUM PATCH This Month

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Jupyterlab Notebook Fedora
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-29238 PyPI MEDIUM PATCH This Month

Jupyter Notebook is a web-based notebook environment for interactive computing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Notebook
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
CVE-2022-24758 PyPI HIGH PATCH This Week

The Jupyter notebook is a web-based notebook environment for interactive computing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Notebook
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-32798 PyPI CRITICAL POC PATCH Act Now

The Jupyter notebook is a web-based notebook environment for interactive computing. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google RCE XSS Notebook
NVD GitHub
CVSS 3.1
9.6
EPSS
2.1%
CVE-2020-26215 PyPI MEDIUM PATCH This Month

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Notebook Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-10856 PyPI MEDIUM POC PATCH This Month

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Notebook
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2019-10255 PyPI MEDIUM PATCH This Month

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Mozilla Open Redirect Jupyterhub Notebook
NVD GitHub
CVSS 3.0
6.1
EPSS
1.7%
CVE-2019-9644 PyPI MEDIUM PATCH This Month

An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Notebook
NVD GitHub
CVSS 3.0
5.4
EPSS
1.6%
CVE-2018-19352 PyPI MEDIUM PATCH This Month

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Notebook
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-19351 PyPI MEDIUM PATCH This Month

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Notebook
NVD GitHub
CVSS 3.0
6.1
EPSS
1.5%
CVE-2018-8768 PyPI HIGH PATCH This Week

In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Notebook
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2015-7337 PyPI MEDIUM PATCH This Month

The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Notebook
NVD GitHub
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6938 PyPI MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS CSRF Notebook Fedora Opensuse
NVD GitHub
CVSS 2.0
4.3
EPSS
0.9%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jupyterlab Notebook
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Jupyterlab Notebook +1
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Jupyterlab Notebook +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Jupyter Notebook is a web-based notebook environment for interactive computing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Notebook
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The Jupyter notebook is a web-based notebook environment for interactive computing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Notebook
NVD GitHub
EPSS 2% CVSS 9.6
CRITICAL POC PATCH Act Now

The Jupyter notebook is a web-based notebook environment for interactive computing. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google RCE XSS +1
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Notebook Debian Linux
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Notebook
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Mozilla Open Redirect +2
NVD GitHub
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Notebook
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Notebook
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Notebook
NVD GitHub
EPSS 1% CVSS 7.8
HIGH PATCH This Week

In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Notebook
NVD
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Notebook
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS CSRF Notebook +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy