Vulnerabilities > CVE-2020-26232 - Unspecified vulnerability in Jupyter Server

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

jupyter

NVD

Published: 2020-11-24

Updated: 2024-11-21

Summary

Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are technically affected, however, these maliciously crafted links can only be reasonably made for known jupyter server hosts. A link to your jupyter server may appear safe, but ultimately redirect to a spoofed server on the public internet.

Vulnerable Configurations

Part	Description	Count
Application	Jupyter Jupyter Jupyter Server - Jupyter Jupyter Server 0.0.1 Jupyter Jupyter Server 0.0.2 Jupyter Jupyter Server 0.0.3 Jupyter Jupyter Server 0.0.4 Jupyter Jupyter Server 0.0.5 Jupyter Jupyter Server 0.1.0 Jupyter Jupyter Server 0.1.1 Jupyter Jupyter Server 0.2.0 Jupyter Jupyter Server 0.2.1 Jupyter Jupyter Server 0.3.0 Jupyter Jupyter Server 1.0.0 Jupyter Jupyter Server 1.0.1 Jupyter Jupyter Server 1.0.2 Jupyter Jupyter Server 1.0.3 Jupyter Jupyter Server 1.0.4 Jupyter Jupyter Server 1.0.5	34

Summary

Vulnerable Configurations

References