Lucene search
K

52 matches found

OSV
OSV
added 2026/06/30 1:16 a.m.4 views

DEBIAN-CVE-2026-12243

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue 3504. The UNSAFENOPROTOCOLRE regex in nltk/data.py checks for literal ../ sequences but fails to account for percent-encoded traversal sequences such as ..%2f. The url2pathname function decodes...

7.5CVSS7.2AI score0.0051EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.17 views

JetBrains PyCharm 跨站脚本漏洞

JetBrains PyCharm is an integrated development environment IDE for Python language developed by the Czech company JetBrains. Versions of JetBrains PyCharm prior to 2025.3.4 contained a cross-site scripting vulnerability, which originated from Markdown cells in Jupyter notebooks, where a...

6.1CVSS5.6AI score0.00181EPSS
Exploits0References1
Fedora
Fedora
added 2026/05/17 12:50 a.m.18 views

[SECURITY] Fedora 43 Update: python-jupytext-1.19.1-4.fc43

Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...

9.8CVSS6.5AI score0.01735EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2026/04/21 1:16 a.m.6 views

CVE-2026-39377

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The...

6.5CVSS5.9AI score0.00266EPSS
Exploits0References2
OSV
OSV
added 2026/04/21 1:16 a.m.10 views

UBUNTU-CVE-2026-39378

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when HTMLExporter.embedimages=True, nbconvert's markdown renderer allows arbitrary file read via path traversal in image references. A malicious notebook...

6.5CVSS5.9AI score0.00306EPSS
Exploits0References3
Fedora
Fedora
added 2026/02/04 2:11 a.m.6 views

[SECURITY] Fedora 43 Update: python-jupytext-1.19.1-1.fc43

Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...

8.2CVSS5.9AI score0.01535EPSS
Exploits0
Fedora
Fedora
added 2026/02/04 2:5 a.m.7 views

[SECURITY] Fedora 42 Update: python-jupytext-1.19.1-1.fc42

Have you always wished Jupyter notebooks were plain text documents? Wished you could edit them in your favorite IDE? And get clear and meaningful diffs when doing version control? Then... Jupytext may well be the tool you're looking for! Jupytext is a plugin for Jupyter that can save Jupyter...

8.2CVSS5.9AI score0.01535EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.6 views

CVE-2022-0427

Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover...

8.8CVSS6.4AI score0.00815EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.5 views

nbconvert 代码问题漏洞

nbconvert is a format conversion library organized by Jupyter. Converts Jupyter .ipynb notebook document files to another static format, including HTML, LaTeX, PDF, Markdown, and more. A code issue vulnerability exists in nbconvert 7.16.6 and earlier versions that stems from improper handling whe...

8.5CVSS7AI score0.00233EPSS
Exploits1References5
Imperva Blog
Imperva Blog
added 2025/12/16 7:43 p.m.7 views

Code Execution in Jupyter Notebook Exports

After our research on Cursor , in the context of developer-ecosystem security, we turn our attention to the Jupyter ecosystem. We expose security risks we identified in the notebook’s export functionality, in the default Windows environment, to help organizations better protect their assets and...

9.8CVSS9.1AI score0.03862EPSS
Exploits3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-13990

Malware in sbrugna...

5.5CVSS5.6AI score0.00515EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-15569

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00815EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:12 p.m.7 views

CVE-2021-27225

In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users who have coding permissions to read and overwrite notebooks in projects that they are not authorized to access...

5.5CVSS6.8AI score0.00515EPSS
Exploits0References1
Fedora
Fedora
added 2024/12/19 4:8 a.m.18 views

[SECURITY] Fedora 41 Update: python-nbdime-4.0.2-2.fc41

Nbdime provides tools for diffing and merging of Jupyter notebooks. - nbdiff: compare notebooks in a terminal-friendly way - nbmerge: three-way merge of notebooks with automatic conflict resolution - nbdiff-web: shows you a rich rendered diff of notebooks - nbmerge-web: gives you a web-based...

4.3CVSS6.6AI score0.00679EPSS
Exploits0
Fedora
Fedora
added 2024/12/19 4:1 a.m.18 views

[SECURITY] Fedora 40 Update: python-nbdime-4.0.2-2.fc40

Nbdime provides tools for diffing and merging of Jupyter notebooks. - nbdiff: compare notebooks in a terminal-friendly way - nbmerge: three-way merge of notebooks with automatic conflict resolution - nbdiff-web: shows you a rich rendered diff of notebooks - nbmerge-web: gives you a web-based...

4.3CVSS6.6AI score0.00679EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/19 2:0 p.m.10 views

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions...

7.4AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/15 9:18 p.m.11 views

Security Bulletin: Cross Site Scripting Vulnerability Affects IBM Watson Studio Local

Summary Cross Site Scripting Vulnerability Affects IBM Watson Studio Local Jupyter notebooks. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2024-49340 DESCRIPTION: IBM Watson Studio Local is vulnerable to cross-site request forgery which could allow an attacker to execut...

8.8CVSS6.9AI score0.00168EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2024/08/08 2:36 p.m.46 views

CVE-2024-41942 JupyterHub has a privilege escalation vulnerability with the `admin:users` scope

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that...

7.2CVSS0.0059EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 11:16 a.m.15 views

BIT-GITLAB-2022-0427

Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover...

8.8CVSS8.4AI score0.00815EPSS
Exploits1References4
OSV
OSV
added 2024/03/06 10:53 a.m.14 views

BIT-JUPYTERHUB-2021-41247 incomplete logout in JupyterHub

JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in the same browser session, may see incomplete logout from the single-user server, as fresh credentials for the single-user server only, not the Hub reinstated...

7.5CVSS7.5AI score0.00778EPSS
Exploits0References3
Rows per page
Query Builder