Vulnerabilities > Jupyter
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-18 | CVE-2018-19351 | Cross-site Scripting vulnerability in Jupyter Notebook Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. | 6.1 |
2018-03-18 | CVE-2018-8768 | Unspecified vulnerability in Jupyter Notebook In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. network jupyter | 6.8 |
2018-02-18 | CVE-2018-7206 | Unspecified vulnerability in Jupyter Oauthenticator An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x before 0.7.3. | 6.5 |
2015-09-29 | CVE-2015-7337 | Improper Input Validation vulnerability in multiple products The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types. | 6.8 |
2015-09-21 | CVE-2015-6938 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. | 4.3 |