249 matches found
CVE-2015-7337
CVE-2015-7337 — IPython Notebook/Jupyter Notebook MIME-type handling flaw . The vulnerability affects IPython Notebook versions before 3.2.2 and Jupyter Notebook versions before 4.0.5, where a crafted file can trigger a redirect to files/ and cause remote JavaScript execution. Root cause: imprope...
CVE-2015-7337
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types...
CVE-2015-7337
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types...
Fedora 23 : ipython-3.2.1-3.fc23 (2015-16128)
Add upstream patch to fix file execution vulnerability bug 1264067 ---- Add upstream patch to fix XSS vulnerability bug 1259405 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...
[SECURITY] Fedora 23 Update: ipython-3.2.1-3.fc23
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
IPython Notebook and Jupyter Notebook Cross-Site Scripting Vulnerabilities
IPython is an enhanced version of Python's native interactive shell developed by the IPython team.Notebook is one of the development environments.Jupyter Notebook is one of the suite of web applications for creating and sharing code and illustrative text documents. A cross-site scripting...
DEBIAN-CVE-2015-6938
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
CVE-2015-6938
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
PYSEC-2015-24
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
PYSEC-2015-26
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
CVE-2015-6938
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
PYSEC-2015-26
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
Cross site request forgery (csrf)
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
PYSEC-2015-24
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
UBUNTU-CVE-2015-6938
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
CVE-2015-6938
CVE-2015-6938 describes an XSS in the file browser of IPython Notebook/Jupyter Notebook. Affected products are IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5, where a folder name in the file browser notebook/notebookapp.py can be crafted to inject arbitrary web script or HT...
CVE-2015-6938
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
CVE-2015-6938
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
[SECURITY] Fedora 21 Update: ipython-2.4.1-8.fc21
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
[SECURITY] Fedora 22 Update: ipython-2.4.1-8.fc22
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...