CVE-2025-43805

creationtimestamp| type| source ---|---|--- 2025-09-16 21:43:24+00:00| seen| Telegram/cWYiFCajb73CByMpBNNiblIehDdrByCzrRLHXNq5HOr0fkM...

Fedora: Security Advisory (FEDORA-2024-4b5f3d51ca)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-43805

Nexkey is a fork of Misskey, an open source, decentralized social media platform. Prior to version 12.121.9, incomplete URL validation can allow users to bypass authentication for access to the job queue dashboard. Version 12.121.9 contains a fix for this issue. As a workaround, it may be possibl...

Fedora 41 : jupyterlab / python-notebook (2024-4b5f3d51ca)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-4b5f3d51ca advisory. Update jupyterlab and python-notebook to fix CVE-2024-43805. Tenable has extracted the preceding description block directly from the Fedora security advisory...

openSUSE Security Advisory (openSUSE-SU-2024:0352-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : python-jupyterlab (openSUSE-SU-2024:0352-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0352-1 advisory. - Build the full pacakge with the javascript dependencies as a new source in vendor.tar.gz. - CVE-2024-43805: Fixed data access via malicious Markdown du...

Security update for python-jupyterlab (moderate)

openSUSE Security Update: Security update for python-jupyterlab Announcement ID: openSUSE-SU-2024:0352-1 Rating: moderate References: 1229914 Cross-References: CVE-2024-43805 CVSS scores: CVE-2024-43805 SUSE: 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L Affected Products: openSUSE Backports...

Fedora: Security Advisory (FEDORA-2024-a3a82a256d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : jupyterlab / python-jupyterlab-server / python-notebook (2024-a3a82a256d)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-a3a82a256d advisory. Update jupyterlab and python-notebook to fix CVE-2024-43805. Tenable has extracted the preceding description block directly from the Fedora security advisory...

Jupyter Notebook Python Library 7.0.0 < 7.2.2 (CVE-2024-43805)

Jupyter Notebook is an extensible environment for interactive and reproducible computing. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked...

Jupyterlab Python Library < 3.6.8 / 4.0 < 4.2.5 (CVE-2024-43805)

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...

a2 (>=0.1.0 <=0.3.17), aerocm (>=0.1.1b0 <=0.2.0b0) +188 more potentially affected by CVE-2024-43805 via jupyterlab (>=4.0.0 <=4.2.4)

jupyterlab PYPI version =4.0.0, =0.1.0, =0.1.1b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =0.1.1, =0.6.4, =0.8.0, =1.0.1, =1.6.4, =0.0.1, =0.0.4a0, =0.2.2, =0.0.1, =0.0.8.post4 and more Source cves: CVE-2024-43805 Source advisory: OSV:GHSA-9Q39-RMJ3-P4R2...

alactions (>=0.0.7 <=0.0.11), ale-uy (=1.5.0) +72 more potentially affected by CVE-2024-43805 via notebook (>=7.0.0 <=7.2.1)

notebook PYPI version =7.0.0, =0.0.7, =1.0.1, =1.6.4, =0.0.1, =0.0.1, =0.1.8, =0.0.2, =0.20.0, =1.0.0, =0.3.2, =0.4.0 and more Source cves: CVE-2024-43805 Source advisory: OSV:GHSA-9Q39-RMJ3-P4R2...

CVE-2024-43805 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...

CVE-2023-43805

creationtimestamp| type| source ---|---|--- 2023-10-05 00:13:36+00:00| seen| https://t.me/cibsecurity/71641...

CVE-2023-43805 Nexkey allows users to bypass authentication of Bull dashboard

Nexkey is a fork of Misskey, an open source, decentralized social media platform. Prior to version 12.121.9, incomplete URL validation can allow users to bypass authentication for access to the job queue dashboard. Version 12.121.9 contains a fix for this issue. As a workaround, it may be possibl...

CVE-2023-43805

Nexkey (Misskey fork) pre-12.121.9 is vulnerable due to incomplete URL validation, allowing bypass of authentication for access to the job queue dashboard. The issue is fixed in version 12.121.9. As a workaround, operators have used access-blocking measures (e.g., WAF rules like Cloudflare) to mi...

CVE-2022-43805

To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...

CVE-2022-43805

Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...

CVE-2021-43805

creationtimestamp| type| source ---|---|--- 2021-12-07 20:22:15+00:00| published-proof-of-concept| https://t.me/cibsecurity/33493...