Vulnerabilities > Jupyter
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2021-39159 | OS Command Injection vulnerability in Jupyter Binderhub BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories. | 9.8 |
| 2021-08-09 | CVE-2021-32797 | Cross-site Scripting vulnerability in Jupyter Jupyterlab JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. | 6.8 |
| 2021-08-09 | CVE-2021-32798 | Cross-site Scripting vulnerability in Jupyter Notebook The Jupyter notebook is a web-based notebook environment for interactive computing. | 6.8 |
| 2021-01-13 | CVE-2020-36191 | Cross-Site Request Forgery (CSRF) vulnerability in Jupyter Jupyterhub 1.1.0 JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user request (to add or remove a user account). | 3.5 |
| 2020-12-21 | CVE-2020-26275 | Open Redirect vulnerability in Jupyter Server The Jupyter Server provides the backend (i.e. | 5.8 |
| 2020-12-01 | CVE-2020-26250 | Incorrect Authorization vulnerability in Jupyter Oauthenticator 0.12.0/0.12.1 OAuthenticator is an OAuth login mechanism for JupyterHub. | 3.5 |
| 2020-11-24 | CVE-2020-26232 | Open Redirect vulnerability in Jupyter Server Jupyter Server before version 1.0.6 has an Open redirect vulnerability. | 5.5 |
| 2020-11-18 | CVE-2020-26215 | Open Redirect vulnerability in multiple products Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. | 5.8 |
| 2019-10-31 | CVE-2018-21030 | Incorrect Authorization vulnerability in Jupyter Notebook Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. | 5.0 |
| 2019-04-04 | CVE-2019-10856 | Open Redirect vulnerability in Jupyter Notebook In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. | 5.8 |