Vulnerability fixed in Jupyter notebook
Jupyter has fixed a vulnerability in notebook. The vulnerability is a cross-site scripting (XSS) issue. It allows a malicious person to execute arbitrary code under the privileges of the victim. To do this, the malicious party must induce the victim to follow a rogue...
CVE-2021-32797
JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesn’t sanitize the action attribute of html . Using this it is possible to trigger the form...
CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
DEBIAN-CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
Design/Logic Flaw
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
PYSEC-2021-118
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
PYSEC-2021-118
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
nbfancy (=0.1.0a3), sphinx-markdown-builder (=0.0.5) potentially affected by CVE-2021-32798 via notebook (>=5.7.0 <=5.7.10)
notebook PyPI version >=5.7.0, <=5.7.10 is affected by a known vulnerability. The following packages have a transitive dependency on notebook and may be impacted: - nbfancy =0.1.0a3 - sphinx-markdown-builder =0.0.5 Source cves: CVE-2021-32798 Source advisory: OSV:PYSEC-2021-118...
CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
PYSEC-2021-130
JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesn’t sanitize the action attribute of html . Using this it is possible to trigger the form...
UBUNTU-CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
CVE-2021-32798
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
CVE-2021-32798 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...
CVE-2021-32798
CVE-2021-32798 affects Jupyter Notebook. An untrusted notebook can execute code on load due to a Google Caja sanitization bypass, enabling a cross-site scripting (XSS) condition that could let an attacker run code via the victim’s Jupyter APIs after opening a crafted ipynb. Public disclosures ind...
PT-2021-19938 · Unknown · Jupyterlab
Name of the Vulnerable Software and Affected Versions: JupyterLab versions prior to 1.2.21 JupyterLab versions prior to 2.2.10 JupyterLab versions prior to 2.3.2 JupyterLab versions prior to 3.0.17 JupyterLab versions prior to 3.1.4 Description: In affected versions, an untrusted notebook can...
Jupyter Notebook Cross-Site Scripting Vulnerability
Jupyter Notebook is a suite of open source web applications for creating and sharing code and illustrative text documents. A security vulnerability exists in Jupyter notebook that stems from Jupyter Notebook using an unrecommended version of Google Caja to clean up user input. XSS can be triggere...
Jupyter Notebook Cross-Site Scripting Vulnerability
Jupyter Notebook is a suite of open source web applications for creating and sharing code and illustrative text documents. Jupyter Notebook suffers from a cross-site scripting vulnerability that stems from the fact that in the affected version, untrusted notes can execute code on load and Jupyter...
PT-2021-6459 · Unknown +1 · Jupyter Notebook +1
Name of the Vulnerable Software and Affected Versions: Jupyter Notebook versions prior to 5.7.11 Jupyter Notebook versions prior to 6.4.1 Description: The issue is related to the incorrect filtering of special symbols in the Caja component of the Jupyter Notebook environment, allowing a remote...
Security Bulletin: i2 Analyze has an information disclosure vulnerability (CVE-2019-17638)
Summary i2 Analyze uses a version of Jetty with known vulnerabilities. Vulnerability Details CVEID: CVE-2019-17638 DESCRIPTION: Eclipse Jetty, as bundled in Jenkins, could allow a remote attacker to obtain sensitive information, caused by an issue with corrupt HTTP response buffer being sent to...