Updated python-jupyterlab packages fix security vulnerability

🗓️ 27 Feb 2023 20:27:16Reported by Gentoo FoundationType

mageia

mageia🔗 advisories.mageia.org👁 58 Views

Updated python-jupyterlab package fix security vulnerability and bugs

Reporter	Title	Published	Views	Family All 35
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	8 Jun 202321:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities	22 Jun 202215:20	–	ibm
ArchLinux	[ASA-202108-10] jupyterlab: cross-site scripting	10 Aug 202100:00	–	archlinux
Circl	CVE-2021-32797	10 Aug 202100:36	–	circl
CNNVD	Jupyter Notebook 跨站脚本漏洞	9 Aug 202100:00	–	cnnvd
CVE	CVE-2021-32797	9 Aug 202120:45	–	cve
Cvelist	CVE-2021-32797 JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>	9 Aug 202120:45	–	cvelist
Debian CVE	CVE-2021-32797	9 Aug 202120:45	–	debiancve
EUVD	EUVD-2021-0107	7 Oct 202500:30	–	euvd
Github Security Blog	JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>	23 Aug 202119:40	–	github

OS	OS Version	Architecture	Package	Package Version	Filename
Mageia	8	any	jupyter-jupyterlab-server	1.1.5-1	jupyter-jupyterlab-server-1.1.5-1.noarch.rpm
Mageia	8	any	python-jupyterlab	2.2.10-1	python-jupyterlab-2.2.10-1.noarch.rpm

Source	Link
bugs	www.bugs.mageia.org/show_bug.cgi
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/VZGF2ZZFSQOBN7NRPXC3MMQXPLYLS2IH/

20 Feb 2023 21:25Current

2.9Low risk

Vulners AI Score2.9

CVSS 26.8

CVSS 3.17.4 - 9.6

EPSS0.02638

python jupyterlab security vulnerability remote code execution user action notebook bug fixes unix