pkg:PyPI/jupyterhub

All known vulnerabilities

• HIGH8.1CVE-2024-28233XSS in JupyterHub via Self-XSS leveraged by Cookie Tossing
  from 0, < 4.1.0
• HIGH7.2CVE-2024-41942JupyterHub has a privilege escalation vulnerability with the `admin:users` scope
  from 0, < 4.1.6
• HIGH7.2CVE-2024-41942JupyterHub has a privilege escalation vulnerability with the `admin:users` scope
  from 0, < 99e2720b0fc626cbeeca3c6337f917fdacfaa428, < ff2db557a85b6980f90c3158634bf924063ab8ba | from 0, < 4.1.6
• MEDIUM6.1CVE-2026-33709JupyterHub has an Open Redirect Vulnerability
  from 0, < 5.4.4
• MEDIUM6.1CVE-2019-10255Open Redirect vulnerability in jupyterhub and notebook
  from 0, < 0.9.6
• MEDIUM5.4CVE-2026-40864JupyterHub has cross-origin form POSTs bypass XSRF (CWE-352)
  >= 4.1.0, < 5.4.5
• MEDIUM4.5CVE-2020-36191Cross-Site Request Forgery in JupyterHub
  from 0, < 1.2.0b1
• MEDIUM4.5CVE-2020-36191Cross-Site Request Forgery in JupyterHub
  from 0, < 1.2.0b1
• LOW3.5CVE-2021-41247incomplete JupyterHub logout with simultaneous JupyterLab sessions
  >= 1.0.0, < 1.5.0
• LOW3.5CVE-2021-41247incomplete JupyterHub logout with simultaneous JupyterLab sessions
  from 0, < 5ac9e7f73a6e1020ffddc40321fc53336829fe27 | >= 1.0.0, < 1.5.0