7 matches found
Fedora 28 : python-notebook (2018-b9581d9624)
Security fix for CVE-2018-19351, CVE-2018-19352 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 29 : python-notebook (2018-b792d607fd)
Update to 5.7.2, fix CVE-2018-19351, CVE-2018-19352 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for python-notebook FEDORA-2018-b9581d9624
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ASA-201812-1] jupyter-notebook: cross-site scripting
Arch Linux Security Advisory ASA-201812-1 ========================================= Severity: Medium Date : 2018-12-06 CVE-ID : CVE-2018-19351 CVE-2018-19352 Package : jupyter-notebook Type : cross-site scripting Remote : No Link : https://security.archlinux.org/AVG-820 Summary ======= The packag...
CVE-2018-19352
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely...
CVE-2018-19352
The CVE-2018-19352 issue affects Jupyter Notebook prior to 5.7.2. The root cause is unsafe handling in the tree view, specifically crafted directory names (in notebook/static/tree/js/notebooklist.js) that allow cross‑site scripting. Impact per the sources: a remote attacker can execute JavaScript...
CVE-2018-19352
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely...