CVSS v3: 6.1

CVE-2018-19351

Published: 18/11/2018 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Jupyter Notebook prior to 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are served from the same origin as the notebook server. In other words, a notebook whose content renders to HTML containing script is turned into a page by the nbconvert endpoints, and that script then runs with the user's session and full access to the server API (file contents, kernels, terminals). In notebook/nbconvert/handlers.py, NbconvertFileHandler and NbconvertPostHandler do not set a Content Security Policy to prevent this; 5.7.1 addresses it by sending a sandboxing Content-Security-Policy on those responses so rendered output no longer shares the server's origin.
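The practical check for this issue is whether the nbconvert endpoints answer with a Content-Security-Policy that keeps rendered script out of the server's origin. The following is an added example written for this page, not Jupyter's own code. It assumes the usual `/nbconvert/html/<notebook path>` endpoint, that the server accepts `Authorization: token <value>`, and that a fixed server includes a `sandbox` directive (without `allow-same-origin`) in its CSP; the header values in `SAMPLE_HEADERS` are constructed samples, not captured from a real server.

```python
"""Check whether a notebook server's nbconvert responses confine scripts via CSP.

Added example for this CVE page; it is not Jupyter's own code. It assumes
the server exposes /nbconvert/html/<notebook path> and that a fixed server
answers with a Content-Security-Policy containing a "sandbox" directive.
The header values below are constructed samples.
"""
import urllib.request
from typing import Dict, List, Optional, Tuple

# Constructed sample headers, labelled by the situation each stands for.
SAMPLE_HEADERS: Dict[str, Optional[str]] = {
    "no CSP at all": None,
    "server-wide default only (what the vulnerable handlers inherited)":
        "frame-ancestors 'self'; report-uri /api/security/csp-report",
    "sandboxed (assumed fixed pattern)":
        "frame-ancestors 'self'; report-uri /api/security/csp-report; "
        "sandbox allow-scripts",
    "sandbox loosened with allow-same-origin":
        "sandbox allow-scripts allow-same-origin",
}


def parse_csp(value: Optional[str]) -> Dict[str, List[str]]:
    """Split a CSP header into {directive: [source expressions]}.

    Directives are ';'-separated; the first token is the directive name and
    the rest are its values. An absent or empty header yields {}.
    """
    policy: Dict[str, List[str]] = {}
    if not value:
        return policy
    for clause in value.split(";"):
        tokens = clause.split()
        if tokens:
            policy[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    return policy


def scripts_confined(csp_value: Optional[str]) -> bool:
    """True when script in the response cannot act as the server's origin.

    Two ways to get there: a 'sandbox' directive without 'allow-same-origin'
    (script either does not run, or runs in an opaque origin that is not
    same-origin with the notebook server), or 'script-src' set to 'none'
    (no script runs at all). Anything else leaves rendered HTML same-origin
    with the server API, which is the CVE-2018-19351 condition.
    """
    policy = parse_csp(csp_value)
    if "sandbox" in policy:
        return "allow-same-origin" not in policy["sandbox"]
    return policy.get("script-src") == ["'none'"]


def audit_samples(samples: Dict[str, Optional[str]]) -> Dict[str, bool]:
    """Classify each sample header as confined (True) or exposed (False)."""
    return {label: scripts_confined(csp) for label, csp in samples.items()}


def check_nbconvert_endpoint(base_url: str, notebook_path: str,
                             token: Optional[str] = None
                             ) -> Tuple[int, Optional[str], bool]:
    """Fetch /nbconvert/html/<path> and report (status, CSP header, confined).

    Network call; only reached from __main__. The token is passed the way
    the notebook server accepts it, as 'Authorization: token <value>'.
    """
    url = f"{base_url.rstrip('/')}/nbconvert/html/{notebook_path.lstrip('/')}"
    headers = {"Authorization": f"token {token}"} if token else {}
    req = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(req, timeout=10) as resp:
        csp = resp.headers.get("Content-Security-Policy")
        return resp.status, csp, scripts_confined(csp)


if __name__ == "__main__":
    for label, confined in audit_samples(SAMPLE_HEADERS).items():
        print(f"{'confined' if confined else 'EXPOSED ':8}  {label}")
    # Against a live server (placeholder values, not taken from the page):
    # print(check_nbconvert_endpoint("http://localhost:8888", "Untitled.ipynb", token="..."))
```

Run it as-is to see the four constructed cases classified; point `check_nbconvert_endpoint` at a server you are allowed to test to read the real header. Note that `allow-same-origin` is treated as a failure on purpose: with it, the sandbox no longer separates rendered output from the server API, which is exactly the boundary this CVE is about.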

Vulnerable Product

jupyter notebook

Vendor Advisories

Debian Bug report logs - #917409 jupyter-notebook: CVE-2018-19351 Package: src:jupyter-notebook; Maintainer for src:jupyter-notebook is Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Thu, 27 Dec 2018 13:33:04 UTC Severity: importan ...
Several security issues were fixed in Jupyter Notebook ...
A security issue has been found in Jupyter Notebook versions prior to 5.7.1, where untrusted JavaScript could be executed if malicious files could be delivered to the user's system and the user takes specific actions with those malicious files. It allowed nbconvert endpoints (such as Print Preview) to render untrusted HTML and JavaScript with access ...