Vulnerabilities > Jupyter > Notebook
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-12 | CVE-2019-9644 | Cross-site Scripting vulnerability in Jupyter Notebook An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. | 5.4 |
| 2018-11-18 | CVE-2018-19352 | Cross-site Scripting vulnerability in Jupyter Notebook Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely. | 6.1 |
| 2018-11-18 | CVE-2018-19351 | Cross-site Scripting vulnerability in Jupyter Notebook Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. | 6.1 |
| 2018-03-18 | CVE-2018-8768 | Unspecified vulnerability in Jupyter Notebook In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. | 7.8 |