Vulnerabilities > Jupyter

DATE CVE VULNERABILITY TITLE RISK
2021-08-25 CVE-2021-39159 OS Command Injection vulnerability in Jupyter Binderhub
BinderHub is a kubernetes-based cloud service that allows users to share reproducible interactive computing environments from code repositories.
network
low complexity
jupyter CWE-78
critical
9.8
2021-08-09 CVE-2021-32797 Cross-site Scripting vulnerability in Jupyter Jupyterlab
JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook.
network
low complexity
jupyter CWE-79
critical
9.6
2021-08-09 CVE-2021-32798 Cross-site Scripting vulnerability in Jupyter Notebook
The Jupyter notebook is a web-based notebook environment for interactive computing.
network
low complexity
jupyter CWE-79
critical
9.6
2021-01-13 CVE-2020-36191 Cross-Site Request Forgery (CSRF) vulnerability in Jupyter Jupyterhub 1.1.0
JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user request (to add or remove a user account).
network
low complexity
jupyter CWE-352
4.5
2020-12-21 CVE-2020-26275 Unspecified vulnerability in Jupyter Server
The Jupyter Server provides the backend (i.e.
network
low complexity
jupyter
6.1
2020-12-01 CVE-2020-26250 Incorrect Authorization vulnerability in Jupyter Oauthenticator 0.12.0/0.12.1
OAuthenticator is an OAuth login mechanism for JupyterHub.
network
high complexity
jupyter CWE-863
6.3
2020-11-24 CVE-2020-26232 Unspecified vulnerability in Jupyter Server
Jupyter Server before version 1.0.6 has an Open redirect vulnerability.
network
low complexity
jupyter
5.4
2020-11-18 CVE-2020-26215 Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability.
network
low complexity
jupyter debian
6.1
2019-10-31 CVE-2018-21030 Incorrect Authorization vulnerability in Jupyter Notebook
Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin.
network
low complexity
jupyter CWE-863
5.3
2019-04-04 CVE-2019-10856 Open Redirect vulnerability in Jupyter Notebook
In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc.
network
low complexity
jupyter CWE-601
6.1