Vulnerabilities > Jupyterhub > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2021-39160 | OS Command Injection vulnerability in Jupyterhub Nbgitpuller 0.10.0/0.10.1/0.9.0 nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. | 8.8 |
| 2020-12-09 | CVE-2020-26261 | Exposure of Resource to Wrong Sphere vulnerability in Jupyterhub Systemdspawner jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. | 7.9 |
| 2020-07-17 | CVE-2020-15110 | Incorrect Authorization vulnerability in Jupyterhub Kubespawner In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. | 8.1 |