Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jupyter notebook vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-9644
An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook prior to 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. Access to the content of resources has been demonstrated with Internet Explorer thro...
Jupyter Notebook
4
CVSSv2
CVE-2022-29238
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual h...
Jupyter Notebook
NA
CVE-2024-22420
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicious Markdown file using JupyterLab preview feature. A malicious user can access an...
Jupyter Notebook
Jupyter Jupyterlab
Fedoraproject Fedora 39
NA
CVE-2024-22421
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an olde...
Jupyter Notebook
Jupyter Jupyterlab
Fedoraproject Fedora 39
NA
CVE-2023-51277
nbviewer-app (aka Jupyter Notebook Viewer) prior to 0.1.6 has the get-task-allow entitlement for release builds.
Tinowagner Jupyter Notebook Viewer
5.8
CVSSv2
CVE-2020-26215
Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasona...
Jupyter Notebook
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2020-26275
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect ...
Jupyter Jupyter Server
5.5
CVSSv2
CVE-2022-21697
Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy before 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled is affe...
Jupyter Jupyter Server Proxy
9
CVSSv2
CVE-2022-29241
Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a value of `root_dir` that contains the starting user's home directory, then...
Jupyter Jupyter Server
NA
CVE-2023-49080
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. Unhandled errors in API requests coming from an authenticated user include traceback information, which can includ...
Jupyter Jupyter Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »