Vulnerabilities > Jupyterhub

DATE CVE VULNERABILITY TITLE RISK
2021-10-28 CVE-2021-41194 Unspecified vulnerability in Jupyterhub First USE Authenticator
FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub.
network
jupyterhub
6.8
2021-08-25 CVE-2021-39160 OS Command Injection vulnerability in Jupyterhub Nbgitpuller 0.10.0/0.10.1/0.9.0
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path.
network
low complexity
jupyterhub CWE-78
8.8
2020-12-09 CVE-2020-26261 Exposure of Resource to Wrong Sphere vulnerability in Jupyterhub Systemdspawner
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd.
3.3
2020-07-17 CVE-2020-15110 Incorrect Authorization vulnerability in Jupyterhub Kubespawner
In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames.
network
low complexity
jupyterhub CWE-863
5.5