pkg:PyPI/notebook

All known vulnerabilities

• CRITICAL10.0CVE-2021-32798Special Element Injection in notebook
  from 0, < 79fc76e890a8ec42f73a3d009e44ef84c14ef0d5 | >= 5.7.0, < 5.7.11
• CRITICAL10.0CVE-2021-32798Special Element Injection in notebook
  from 0, < 5.7.11
• CRITICAL9.8CVE-2015-7337Improper Input Validation in Jupyter Notebook
  >= 4.0.0, < 4.0.5
• CRITICAL9.8Improper Input Validation in Jupyter Notebook
  from 0, < 9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b5 | >= 4.0.0, < 4.0.5
• CRITICAL9.6JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted content
  >= 7.0.0, < 7.5.6
• HIGH7.8Jupyter Notebook file bypasses sanitization, executes JavaScript
  from 0, < 5.4.1
• HIGH7.8Jupyter Notebook file bypasses sanitization, executes JavaScript
  from 0, < 5.4.1
• HIGH7.6HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
  >= 7.0.0, < 7.2.2
• HIGH7.6JupyterLab vulnerable to potential authentication and CSRF tokens leak
  >= 7.0.0, < 7.0.7
• HIGH7.5Sensitive Auth & Cookie data stored in Jupyter server logs
  from 0, < 6.4.10
• HIGH7.5Sensitive Auth & Cookie data stored in Jupyter server logs
  from 0, < 6.4.10
• HIGH7.4JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>
  from 0, < 5.7.11
• MEDIUM6.5JupyterLab vulnerable to SXSS in Markdown Preview
  >= 7.0.0, < 7.0.7
• MEDIUM6.1Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  from 0, < 35f32dd2da804d108a3a3585b69ec3295b2677ed, < dd9876381f0ef09873d8c5f6f2063269172331e3 | >= 4.0.0, < 4.0.5
• MEDIUM6.1Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  >= 4.0.0, < 4.0.5
• MEDIUM6.1Jupyter Notebook open redirect vulnerability
  from 0, < 5.7.8
• MEDIUM6.1Jupyter Notebook open redirect vulnerability
  from 0, < 5.7.8
• MEDIUM6.1Open Redirect vulnerability in jupyterhub and notebook
  from 0, < 5.7.8
• MEDIUM6.1Jupyter Notebook XSS via directory name
  from 0, < 5.7.2
• MEDIUM6.1Jupyter Notebook XSS via directory name
  from 0, < 288b73e1edbf527740e273fcc69b889460871648 | from 0, < 5.7.2
• MEDIUM6.1jupyter-notebook - security update
  from 0, < 5.7.1
• MEDIUM6.1jupyter-notebook - security update
  from 0, < 107a89fce5f413fb5728c1c5d2c7788e1fb17491 | from 0, < 5.7.1
• MEDIUM5.4Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  from 0, < 5.7.6
• MEDIUM5.4Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  from 0, < 5.7.6
• MEDIUM5.3Cross-site scripting in Jupyter Notebook
  from 0, < 5.5.0
• MEDIUM5.3Cross-site scripting in Jupyter Notebook
  from 0, < 5.5.0rc1
• MEDIUM4.4jupyter-notebook - security update
  from 0, < 3cec4bbe21756de9f0c4bccf18cf61d840314d74 | from 0, < 6.1.5
• MEDIUM4.4jupyter-notebook - security update
  from 0, < 6.1.5
• MEDIUM4.3Token bruteforcing.
  from 0, < 6.4.12
• MEDIUM4.3Token bruteforcing.
  from 0, < 6.4.12
• —Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS
  >= 7.0.0, < 7.5.6