10 matches found
CVE-2026-42557 vulnerabilities
Vulnerabilities for packages: datahub-ingestion-fips...
CVE-2026-42557
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...
Jupyter Notebook Python Library 7.0.0 < 7.5.6 (CVE-2026-42557)
Jupyter Notebook is an extensible environment for interactive and reproducible computing. The version of Jupyter Notebook installed on the remote host is 7.0.0 prior to 7.5.6. It is, therefore, affected by a vulnerability: - JupyterLab's command linker attributes in HTML enable one-click command...
@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @fails-components/jupyter-applet-view (>=0.0.1-alpha.3 <=0.0.4) +21 more potentially affected by CVE-2026-42557 via @jupyterlab/apputils (>=4.0.0-alpha.11 <=4.5.10)
@jupyterlab/apputils NPM version =4.0.0-alpha.11, =0.0.6, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =0.2.0, =0.6.0, =0.6.0, =0.6.0-alpha.3, =0.6.0-alpha.9 and more Source cves: CVE-2026-42557 Source advisory:...
@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @jupyter-notebook/lab-extension (>=7.1.0 <=7.4.7) +9 more potentially affected by CVE-2026-42557 via @jupyterlab/notebook (>=4.0.0-alpha.11 <=4.5.1)
@jupyterlab/notebook NPM version =4.0.0-alpha.11, =0.0.6, =7.1.0, =7.1.0, =0.0.23, =5.3.6, =1.0.0, =1.4.0 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABNOTEBOOK-16438957...
@fails-components/jupyter-applet-view (>=0.0.1-alpha.3 <=0.0.1-alpha.18), @fails-components/jupyter-filesystem-extension (>=0.0.1-alpha.3 <=0.0.1-alpha.18) +3 more potentially affected by CVE-2026-42557 via @jupyterlab/help-extension (>=4.0.13 <=4.4.10)
@jupyterlab/help-extension NPM version =4.0.13, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.0.1-alpha.3, =0.2.0, =0.6.0-alpha.9 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABHELPEXTENSION-16438961...
a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +632 more potentially affected by CVE-2026-42557 via jupyterlab (>=0.31.1 <=4.5.6)
jupyterlab PYPI version =0.31.1, =0.1.0, =0.1.0b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =2.0.0, =0.1.1, =0.1.0, =3.0.0, =4.33.0, =5.0.0 and more Source cves: CVE-2026-42557 Source advisory: OSV:GHSA-MQCG-5X36-VFCG...
a-mailx (=0.1.0), aaa-ml-datasets-course (=1.0.0) +105 more potentially affected by CVE-2026-42557 via notebook (>=7.0.0 <=7.5.5)
notebook PYPI version =7.0.0, =0.0.7, =1.0.1, =0.1.0, =1.6.4, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =0.1.8, =0.0.2, =0.0.6 - compare-my-stocks =1.0.5 and more Source cves: CVE-2026-42557 Source advisory: OSV:GHSA-MQCG-5X36-VFCG...
@datalayer/jupyter-react (=0.9.5) potentially affected by CVE-2026-42557 via @jupyterlab/markdownviewer-extension (=4.1.0-beta.0)
@jupyterlab/markdownviewer-extension NPM version =4.1.0-beta.0 is affected by a known vulnerability. The following packages have a transitive dependency on @jupyterlab/markdownviewer-extension and may be impacted: - @datalayer/jupyter-react =0.9.5 Source cves: CVE-2026-42557 Source advisory:...
@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @mrawdon/jupyter-react (>=0.0.23 <=0.0.32) potentially affected by CVE-2026-42557 via @jupyterlab/rendermime-extension (>=4.0.0-alpha.11 <=4.1.0-beta.0)
@jupyterlab/rendermime-extension NPM version =4.0.0-alpha.11, =0.0.6, =0.0.23, =0.0.32 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABRENDERMIMEEXTENSION-16438958...