Lucene search
K

130 matches found

OSV
OSV
added 2026/01/16 5:15 p.m.8 views

PYSEC-2026-169

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

6.1CVSS5.8AI score0.00205EPSS
Exploits0References2
OSV
OSV
added 2026/01/16 5:15 p.m.4 views

UBUNTU-CVE-2026-23528

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

6.1CVSS5.8AI score0.00205EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/01/16 4:58 p.m.17 views

Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard

Impact When Jupyter Lab, jupyter-server-proxy and Dask distributed are all run together it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask dashboard. It is possible for attackers to craft a phishing URL that assumes...

6.1CVSS6.2AI score0.00205EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/01/16 4:58 p.m.1 views

GHSA-C336-7962-WFJ2 Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard

Impact When Jupyter Lab, jupyter-server-proxy and Dask distributed are all run together it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask dashboard. It is possible for attackers to craft a phishing URL that assumes...

5.3CVSS6.2AI score0.00205EPSS
Exploits0References5
EUVD
EUVD
added 2026/01/16 4:44 p.m.9 views

EUVD-2026-2922

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

5.3CVSS6.1AI score0.00205EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/01/16 4:44 p.m.6 views

CVE-2026-23528

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

6.1CVSS5.8AI score0.00205EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/16 4:44 p.m.3 views

CVE-2026-23528 Dask distributed Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

5.3CVSS6.3AI score0.00205EPSS
Exploits0References2
CVE
CVE
added 2026/01/16 4:44 p.m.30 views

CVE-2026-23528

CVE-2026-23528 affects Dask distributed versions prior to 2026.1.0 when used with Jupyter Lab and jupyter-server-proxy. A cross-site scripting (XSS) vulnerability in the Dask dashboard can be triggered by a crafted URL, causing code execution in the default Jupyter Python kernel via the Jupyter L...

6.1CVSS6.3AI score0.00205EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/16 4:44 p.m.2 views

CVE-2026-23528

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

5.3CVSS5.6AI score0.00205EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/16 4:44 p.m.61 views

CVE-2026-23528 Dask distributed Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

5.3CVSS0.00205EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/01/16 4:44 p.m.5 views

CVE-2026-23528

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

6.1CVSS5.3AI score0.00205EPSS
Exploits0
OSV
OSV
added 2026/01/16 4:44 p.m.5 views

CVE-2026-23528 Dask distributed Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

5.3CVSS6.6AI score0.00205EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

Distributed security vulnerabilities

Distributed is a distributed task scheduler developed by Dask. Versions prior to Distributed 2026.1.0 contained a security vulnerability. This vulnerability stemmed from a cross-site scripting error in the Dask dashboard, which could allow code execution through a phishing URL...

6.1CVSS6AI score0.00205EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/16 12:0 a.m.6 views

CVE-2026-23528

Dask distributed is a distributed task scheduler for Dask. Prior to 2026.1.0, when Jupyter Lab, jupyter-server-proxy, and Dask distributed are all run together, it is possible to craft a URL which will result in code being executed by Jupyter due to a cross-side-scripting XSS bug in the Dask...

6.1CVSS5.9AI score0.00205EPSS
Exploits0References3
Wolfi
Wolfi
added 2026/01/08 1:48 a.m.13 views

CVE-2025-69228 vulnerabilities

Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...

8.7CVSS7.1AI score0.00347EPSS
Exploits0
Wolfi
Wolfi
added 2026/01/08 1:48 a.m.5 views

CVE-2025-69224 vulnerabilities

Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...

6.5CVSS6.8AI score0.00213EPSS
Exploits0
Wolfi
Wolfi
added 2026/01/08 1:48 a.m.13 views

CVE-2025-69226 vulnerabilities

Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...

6.3CVSS6.8AI score0.00313EPSS
Exploits0
Wolfi
Wolfi
added 2026/01/08 1:48 a.m.3 views

GHSA-54JQ-C3M8-4M76 vulnerabilities

Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/01/08 1:48 a.m.6 views

CVE-2025-69225 vulnerabilities

Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...

6.9CVSS6.8AI score0.00236EPSS
Exploits0
Wolfi
Wolfi
added 2026/01/08 1:48 a.m.3 views

GHSA-MQQC-3GQH-H2X8 vulnerabilities

Vulnerabilities for packages: dask-kubernetes, open-webui, py3-cassandra-medusa, kserve, checkov, kubeflow-pipelines-visualization-server...

5.9AI score
Exploits0
Rows per page
Query Builder