GitHub Advisory Database: GHSA-4M77-CMPX-VJC4
History: Jan 19, 2024 - 8:24 p.m.

JupyterLab vulnerable to SXSS in Markdown Preview

2024-01-19 20:24:09
CWE-79
GitHub Advisory Database
github.com
Tags: jupyterlab, sxss, markdown, vulnerability, patches, workarounds, bug bounty, european commission, intigriti

CVSS3: 6.5 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score: 6.8 Medium (Confidence: High)

EPSS: 0.001 Low (Percentile: 20.8%)

Impact

Exploitation requires user interaction: the attacked user must open a malicious notebook containing Markdown cells, or a malicious Markdown file, using the JupyterLab preview feature.

A malicious user can then access any data that the attacked user has access to, as well as perform arbitrary requests acting as the attacked user.

Patches

The vulnerability was patched in JupyterLab v4.0.11.

Workarounds

Users can disable the table of contents extension by running:

jupyter labextension disable @jupyterlab/toc-extension:registry

References

Vulnerability reported via the bug bounty program sponsored by the European Commission and hosted on the Intigriti platform.

Affected configurations

Vulners node:

    ipython / ipython_notebook    Range: 7.0.6
    OR
    jupyterlab / jupyterlab       Range: 4.0.10

CPE:

    Name          Operator    Version
    notebook      le          7.0.6
    jupyterlab    le          4.0.10
