Vulnerabilities > Jupyter

DATE CVE VULNERABILITY TITLE RISK
2021-11-04 CVE-2021-41247 Insufficient Session Expiration vulnerability in Jupyter Jupyterhub
JupyterHub is an open source multi-user server for Jupyter notebooks.
network
low complexity
jupyter CWE-613
5.0
2021-11-03 CVE-2021-41134 Cross-site Scripting vulnerability in Jupyter Nbdime and Nbdime-Jupyterlab
nbdime provides tools for diffing and merging of Jupyter Notebooks.
network
jupyter CWE-79
3.5
2021-08-25 CVE-2021-39159 Code Injection vulnerability in Jupyter Binderhub
BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories.
network
low complexity
jupyter CWE-94
7.5
2021-08-09 CVE-2021-32798 Cross-site Scripting vulnerability in Jupyter Notebook
The Jupyter notebook is a web-based notebook environment for interactive computing.
network
jupyter CWE-79
6.8
2021-08-09 CVE-2021-32797 Cross-site Scripting vulnerability in Jupyter Jupyterlab
JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook.
network
jupyter CWE-79
6.8
2021-01-13 CVE-2020-36191 Cross-Site Request Forgery (CSRF) vulnerability in Jupyter Jupyterhub 1.1.0
JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user request (to add or remove a user account).
network
jupyter CWE-352
3.5
2020-12-21 CVE-2020-26275 Open Redirect vulnerability in Jupyter Server
The Jupyter Server provides the backend (i.e.
network
jupyter CWE-601
5.8
2020-12-01 CVE-2020-26250 Incorrect Authorization vulnerability in Jupyter Oauthenticator 0.12.0/0.12.1
OAuthenticator is an OAuth login mechanism for JupyterHub.
network
jupyter CWE-863
3.5
2020-11-24 CVE-2020-26232 Open Redirect vulnerability in Jupyter Server
Jupyter Server before version 1.0.6 has an Open redirect vulnerability.
network
low complexity
jupyter CWE-601
5.5
2020-11-18 CVE-2020-26215 Open Redirect vulnerability in multiple products
Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability.
5.8