Vulnerabilities > Jupyter
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-26 | CVE-2022-39286 | Uncontrolled Search Path Element vulnerability in multiple products Jupyter Core is a package for the core common functionality of Jupyter projects. | 8.8 |
| 2022-08-18 | CVE-2021-32862 | Cross-site Scripting vulnerability in multiple products The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. | 5.4 |
| 2022-06-14 | CVE-2022-29241 | Unspecified vulnerability in Jupyter Server Jupyter Server provides the backend (i.e. | 9.0 |
| 2022-06-14 | CVE-2022-29238 | Forced Browsing vulnerability in Jupyter Notebook Jupyter Notebook is a web-based notebook environment for interactive computing. | 4.0 |
| 2022-06-09 | CVE-2022-31027 | Authorization Bypass Through User-Controlled Key vulnerability in Jupyter Oauthenticator OAuthenticator is an OAuth token library for the JupyerHub login handler. | 4.0 |
| 2022-03-31 | CVE-2022-24758 | Information Exposure Through Log Files vulnerability in Jupyter Notebook The Jupyter notebook is a web-based notebook environment for interactive computing. | 5.0 |
| 2022-03-23 | CVE-2022-24757 | Information Exposure Through Log Files vulnerability in Jupyter Server The Jupyter Server provides the backend (i.e. | 5.0 |
| 2022-01-25 | CVE-2022-21697 | Server-Side Request Forgery (SSRF) vulnerability in Jupyter Server Proxy Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. | 5.5 |
| 2021-11-04 | CVE-2021-41247 | Insufficient Session Expiration vulnerability in Jupyter Jupyterhub JupyterHub is an open source multi-user server for Jupyter notebooks. | 5.0 |
| 2021-11-03 | CVE-2021-41134 | Cross-site Scripting vulnerability in Jupyter Nbdime and Nbdime-Jupyterlab nbdime provides tools for diffing and merging of Jupyter Notebooks. | 3.5 |