Lucene search
GitHub Advisory DatabaseGHSA-JQWC-JM56-WCWJHistoryNov 08, 2019 - 5:07 p.m.
Cross-site scripting in Jupyter Notebook
2019-11-0817:07:42
CWE-79
GitHub Advisory Database
github.com
17
0.001 Low
EPSS
Percentile
40.1%
Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document.
Related
cve
cve
CVE-2018-21030
2019-10-31 15:15:00
prion
prion
Cross site scripting
2019-10-31 15:15:00
ubuntucve
ubuntucve
CVE-2018-21030
2019-10-31 00:00:00
osv
osv
CVE-2018-21030
2019-10-31 15:15:10
PYSEC-2019-157
2019-10-31 15:15:00
Cross-site scripting in Jupyter Notebook
2019-11-08 17:07:42
debiancve
debiancve
CVE-2018-21030
2019-10-31 15:15:00
cvelist
cvelist
CVE-2018-21030
2019-10-31 14:52:45
openvas
openvas
Debian: Security Advisory (DLA-2432-1)
2020-11-20 00:00:00
Ubuntu: Security Advisory (USN-5585-1)
2022-08-31 00:00:00
Mageia: Security Advisory (MGASA-2022-0323)
2022-09-12 00:00:00
nessus
nessus
Debian DLA-2432-1 : jupyter-notebook security update
2020-11-19 00:00:00
debian
debian
[SECURITY] [DLA 2432-1] jupyter-notebook security update
2020-11-19 04:54:03
ubuntu
ubuntu
Jupyter Notebook vulnerabilities
2022-08-30 00:00:00
mageia
mageia
Updated jupyter-notebook packages fix security vulnerability
2022-09-10 23:26:43