pkg:PyPI/notebook

All known vulnerabilities

• CRITICAL10.0CVE-2021-32798Special Element Injection in notebook
  from 0, < 5.7.11
• CRITICAL10.0CVE-2021-32798Special Element Injection in notebook
  from 0, < 79fc76e890a8ec42f73a3d009e44ef84c14ef0d5 | >= 5.7.0, < 5.7.11
• CRITICAL9.8CVE-2015-7337Improper Input Validation in Jupyter Notebook
  >= 4.0.0, < 4.0.5
• CRITICAL9.8CVE-2015-7337Improper Input Validation in Jupyter Notebook
  from 0, < 9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b5 | >= 4.0.0, < 4.0.5
• HIGH7.8CVE-2018-8768Jupyter Notebook file bypasses sanitization, executes JavaScript
  from 0, < 5.4.1
• HIGH7.8CVE-2018-8768Jupyter Notebook file bypasses sanitization, executes JavaScript
  from 0, < 5.4.1
• HIGH7.6CVE-2024-43805HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
  >= 7.0.0, < 7.2.2
• HIGH7.6CVE-2024-22421Potential authentication and CSRF tokens leak in JupyterLab
  >= 7.0.0, < 7.0.7
• HIGH7.5CVE-2022-24758Insertion of Sensitive Information into Log File affects Jupyter Notebook
  from 0, < 6.4.10
• HIGH7.5CVE-2022-24758Insertion of Sensitive Information into Log File affects Jupyter Notebook
  from 0, < 6.4.10
• HIGH7.4CVE-2021-32797JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>
  from 0, < 5.7.11
• MEDIUM6.5CVE-2024-22420Stored cross site scripting in Markdown Preview in JupyterLab
  >= 7.0.0, < 7.0.7
• MEDIUM6.1CVE-2015-6938Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  from 0, < 35f32dd2da804d108a3a3585b69ec3295b2677ed, < dd9876381f0ef09873d8c5f6f2063269172331e3 | >= 4.0.0, < 4.0.5
• MEDIUM6.1CVE-2015-6938Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  >= 4.0.0, < 4.0.5
• MEDIUM6.1CVE-2019-10856Jupyter Notebook open redirect vulnerability
  from 0, < 5.7.8
• MEDIUM6.1CVE-2019-10856Jupyter Notebook open redirect vulnerability
  from 0, < 5.7.8
• MEDIUM6.1CVE-2019-10255Open Redirect vulnerability in jupyterhub and notebook
  from 0, < 5.7.8
• MEDIUM6.1CVE-2018-19352Jupyter Notebook XSS via directory name
  from 0, < 288b73e1edbf527740e273fcc69b889460871648 | from 0, < 5.7.2
• MEDIUM6.1CVE-2018-19352Jupyter Notebook XSS via directory name
  from 0, < 5.7.2
• MEDIUM6.1CVE-2018-19351jupyter-notebook - security update
  from 0, < 107a89fce5f413fb5728c1c5d2c7788e1fb17491 | from 0, < 5.7.1
• MEDIUM6.1CVE-2018-19351jupyter-notebook - security update
  from 0, < 5.7.1
• MEDIUM5.4CVE-2019-9644Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  from 0, < 5.7.6
• MEDIUM5.4CVE-2019-9644Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
  from 0, < 5.7.6
• MEDIUM5.3CVE-2018-21030Cross-site scripting in Jupyter Notebook
  from 0, < 5.5.0rc1
• MEDIUM5.3CVE-2018-21030Cross-site scripting in Jupyter Notebook
  from 0, < 5.5.0
• MEDIUM4.4CVE-2020-26215Open redirect in Jupyter Notebook
  from 0, < 6.1.5
• MEDIUM4.4CVE-2020-26215Open redirect in Jupyter Notebook
  from 0, < 3cec4bbe21756de9f0c4bccf18cf61d840314d74 | from 0, < 6.1.5
• MEDIUM4.3CVE-2022-29238Forced Browsing in Jupyter Notebook
  from 0, < 6.4.12
• MEDIUM4.3CVE-2022-29238Forced Browsing in Jupyter Notebook
  from 0, < 6.4.12
• —CVE-2026-42557jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content
  >= 7.0.0, < 7.5.6
• —CVE-2026-40171Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS
  >= 7.0.0, < 7.5.6