11 matches found
PYSEC-2026-169
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
GHSA-29GW-9793-FVW7 IPython vulnerable to command injection via set_term_title
IPython provides an interactive Python shell and Jupyter kernel to use Python interactively. Versions prior to 8.10.0 are vulnerable to command injection in the settermtitle function under specific conditions. This has been patched in version 8.10.0. Impact Users are only vulnerable when calling...
fairing (>=0.0.2 <=0.0.3), hugo-jupyter (>=0.2.1 <=0.3.0) +7 more potentially affected by CVE-2021-32798 via notebook (>=4.2.3 <=5.7.10)
notebook PYPI version =4.2.3, =0.0.2, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2021-32798 Source advisory: OSV:GHSA-HWVQ-6GJX-J797...
fairing (>=0.0.2 <=0.0.3), hugo-jupyter (>=0.2.1 <=0.3.0) +7 more potentially affected by CVE-2021-32797 via notebook (>=4.2.3 <=5.7.10)
notebook PYPI version =4.2.3, =0.0.2, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2021-32797 Source advisory: OSV:GHSA-4952-P58Q-6CRX...
hugo-jupyter (>=0.2.1 <=0.3.0), ipynb-path (>=0.1.2 <=0.1.3) +3 more potentially affected by CVE-2018-21030 via notebook (>=4.2.3 <=5.4.1)
notebook PYPI version =4.2.3, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2018-21030 Source advisory: OSV:GHSA-JQWC-JM56-WCWJ...
hugo-jupyter (>=0.2.1 <=0.3.0), ipynb-path (>=0.1.2 <=0.1.3) +3 more potentially affected by CVE-2018-21030 via notebook (>=4.2.3 <=5.4.1)
notebook PYPI version =4.2.3, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2018-21030 Source advisory: OSV:PYSEC-2019-157...
fairing (>=0.0.2 <=0.0.3), hugo-jupyter (>=0.2.1 <=0.3.0) +6 more potentially affected by CVE-2018-19351 via notebook (>=4.2.3 <=5.7.0)
notebook PYPI version =4.2.3, =0.0.2, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2018-19351 Source advisory: OSV:GHSA-49QR-XH3W-H436...
fairing (>=0.0.2 <=0.0.3), hugo-jupyter (>=0.2.1 <=0.3.0) +6 more potentially affected by CVE-2018-19351 via notebook (>=4.2.3 <=5.7.0)
notebook PYPI version =4.2.3, =0.0.2, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2018-19351 Source advisory: OSV:PYSEC-2018-17...
hugo-jupyter (>=0.2.1 <=0.3.0), ipynb-path (>=0.1.2 <=0.1.3) +2 more potentially affected by CVE-2018-8768 via notebook (>=4.2.3 <=5.0.0)
notebook PYPI version =4.2.3, =0.2.1, =0.1.2, =0.5.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2018-8768 Source advisory: OSV:GHSA-6CWV-X26C-W2Q4...
hugo-jupyter (>=0.2.1 <=0.3.0), ipynb-path (>=0.1.2 <=0.1.3) +2 more potentially affected by CVE-2018-8768 via notebook (>=4.2.3 <=5.0.0)
notebook PYPI version =4.2.3, =0.2.1, =0.1.2, =0.5.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2018-8768 Source advisory: OSV:PYSEC-2018-57...