15 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-42266
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the...
JupyterLab Parameter Injection Vulnerability
JupyterLab is an open-source extension for interactive and reproducible computing environments, based on Jupyter Notebooks and their architecture. Versions 4.0.0 to 4.5.6 of JupyterLab contain a parameter injection vulnerability. This vulnerability arises from improper execution of the allowlist...
PT-2026-37256
Name of the Vulnerable Software and Affected Versions: JupyterLab versions prior to 4.5.7. Description: The PyPI Extension Manager does not correctly enforce the allowed extensions uris allow-list, allowing the installation of packages not listed on the default PyPI index. This issue affects...
EUVD-2024-0248
Malicious code in bioql PyPI...
EUVD-2024-2550
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-43805
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on us...
JupyterLab Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of JupyterLab. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the vulnerability is triggered only when a...
CVE-2024-22421
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...
SUSE CVE-2024-43805
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
UBUNTU-CVE-2024-43805
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user c...
CVE-2024-22420 Stored cross site scripting in Markdown Preview in JupyterLab
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicious Markdown file using JupyterLab preview feature. A malicious user can access any data that the...
CVE-2024-22421 Potential authentication and CSRF tokens leak in JupyterLab
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...
corradin-opioid-project (=0.1.0), eflow (=0.1.3) +7 more potentially affected by CVE-2021-32797 via jupyterlab (>=0.31.1 <=1.1.4)
jupyterlab PYPI version =0.31.1, =0.9.0, =0.1.1, =0.2.41, =0.2.90 Source cves: CVE-2021-32797 Source advisory: OSV:GHSA-4952-P58Q-6CRX...
cadlabs-ethereum-economic-model (=0.0.2a0), humlab-inidun (>=0.3.8 <=0.3.10) +3 more potentially affected by CVE-2021-32797 via jupyterlab (>=3.0.14 <=3.0.16)
jupyterlab PYPI version =3.0.14, =0.3.8, =0.5.10, =0.1.4, =0.1.5 Source cves: CVE-2021-32797 Source advisory: OSV:GHSA-4952-P58Q-6CRX...
cadlabs-ethereum-economic-model (=0.0.2a0), dimbridge (=0.2.0) +4 more potentially affected by CVE-2021-32797 via jupyterlab (>=3.0.0 <=3.0.16)
jupyterlab PYPI version =3.0.0, =0.3.8, =0.5.10, =0.1.4, =0.1.5 Source cves: CVE-2021-32797 Source advisory: OSV:PYSEC-2021-130...