Vulnerabilities > Jupyter > Notebook > 5.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-14 | CVE-2022-29238 | Forced Browsing vulnerability in Jupyter Notebook Jupyter Notebook is a web-based notebook environment for interactive computing. | 4.0 |
| 2022-03-31 | CVE-2022-24758 | Information Exposure Through Log Files vulnerability in Jupyter Notebook The Jupyter notebook is a web-based notebook environment for interactive computing. | 5.0 |
| 2020-11-18 | CVE-2020-26215 | Open Redirect vulnerability in multiple products Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. | 5.8 |
| 2019-10-31 | CVE-2018-21030 | Incorrect Authorization vulnerability in Jupyter Notebook Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. | 5.0 |
| 2019-04-04 | CVE-2019-10856 | Open Redirect vulnerability in Jupyter Notebook In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. | 5.8 |
| 2019-03-28 | CVE-2019-10255 | Open Redirect vulnerability in Jupyter Jupyterhub and Notebook An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. | 6.1 |
| 2019-03-12 | CVE-2019-9644 | Cross-site Scripting vulnerability in Jupyter Notebook An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. | 5.4 |
| 2018-11-18 | CVE-2018-19352 | Cross-site Scripting vulnerability in Jupyter Notebook Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely. | 4.3 |
| 2018-11-18 | CVE-2018-19351 | Cross-site Scripting vulnerability in Jupyter Notebook Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. | 6.1 |
| 2018-03-18 | CVE-2018-8768 | Unspecified vulnerability in Jupyter Notebook In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. network jupyter | 6.8 |