jupyter notebook vulnerabilities and exploits
NA
CVE-2015-7337
The editor in IPython Notebook prior to 3.2.2 and Jupyter Notebook 4.0.x prior to 4.0.5 allows remote malicious users to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types.
Ipython Notebook
Jupyter Notebook 4.0.2
Jupyter Notebook 4.0.0
Jupyter Notebook 4.0.4
Jupyter Notebook 4.0.1
Jupyter Notebook 4.0.3
NA
CVE-2015-6938
Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook prior to 3.2.2 and Jupyter Notebook 4.0.x prior to 4.0.5 allows remote malicious users to inject arbitrary web script or HTML via a folder name. NOTE: this was originally r...
Jupyter Notebook 4.0.2
Jupyter Notebook 4.0.0
Jupyter Notebook 4.0.4
Jupyter Notebook 4.0.1
Jupyter Notebook 4.0.3
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Ipython Notebook
CVSSv3: 9.6
CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an ...
Jupyter Notebook 6.4.0
Jupyter Notebook
CVSSv3: 6.1
CVE-2019-10255
An Open Redirect vulnerability for all browsers in Jupyter Notebook prior to 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub prior to 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_ur...
Jupyter Jupyterhub
Jupyter Notebook
CVSSv3: 6.5
CVE-2024-22421
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an olde...
Jupyter Notebook
Jupyter Jupyterlab
Fedoraproject Fedora 39
CVSSv3: 6.1
CVE-2024-22420
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicious Markdown file using JupyterLab preview feature. A malicious user can access an...
Jupyter Notebook
Jupyter Jupyterlab
Fedoraproject Fedora 39
CVSSv3: 4.3
CVE-2022-29238
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only prevented listing the contents of hidden directories, not accessing individual h...
Jupyter Notebook
CVSSv3: 7.8
CVE-2018-8768
In Jupyter Notebook prior to 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.
Jupyter Notebook
CVSSv3: 7.5
CVE-2022-24758
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter ser...
Jupyter Notebook
CVSSv3: 6.1
CVE-2019-10856
In Jupyter Notebook prior to 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.
Jupyter Notebook