130 matches found
PYSEC-2026-169
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
UBUNTU-CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard
Impact When Jupyter Lab, jupyter-server-proxy and Dask distributed are all run together it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask dashboard. It is possible for attackers to craft a phishing URL that assumes...
GHSA-C336-7962-WFJ2 Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard
Impact When Jupyter Lab, jupyter-server-proxy and Dask distributed are all run together it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask dashboard. It is possible for attackers to craft a phishing URL that assumes...
EUVD-2026-2922
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2026-23528 Dask distributed Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2026-23528
CVE-2026-23528 affects Dask distributed versions prior to 2026.1.0 when used with Jupyter Lab and jupyter-server-proxy. A cross-site scripting (XSS) vulnerability in the Dask dashboard can be triggered by a crafted URL, causing code execution in the default Jupyter Python kernel via the Jupyter L...
CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2026-23528 Dask distributed Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2026-23528 Dask distributed Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
Distributed security vulnerabilities
Distributed is a distributed task scheduler developed by Dask. Versions prior to Distributed 2026.1.0 contained a security vulnerability. This vulnerability stemmed from a cross-site scripting error in the Dask dashboard, which could allow code execution through a phishing URL...
CVE-2026-23528
Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...
CVE-2025-69228 vulnerabilities
Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...
CVE-2025-69224 vulnerabilities
Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...
CVE-2025-69226 vulnerabilities
Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...
GHSA-54JQ-C3M8-4M76 vulnerabilities
Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...
CVE-2025-69225 vulnerabilities
Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...
GHSA-MQQC-3GQH-H2X8 vulnerabilities
Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...