3 matches found
Cross-site Scripting (XSS)
Overview @jupyterlab/notebook-extension is a JupyterLab - Notebook Extension Affected versions of this package are vulnerable to Cross-site Scripting XSS via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitrary...
@datalayer/jupyter-react (>=0.0.6 <=0.9.5), @jupyter-notebook/lab-extension (>=7.1.0 <=7.4.7) +9 more potentially affected by CVE-2026-42557 via @jupyterlab/notebook (>=4.0.0-alpha.11 <=4.5.1)
@jupyterlab/notebook NPM version =4.0.0-alpha.11, =0.0.6, =7.1.0, =7.1.0, =0.0.23, =5.3.6, =1.0.0, =1.4.0 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABNOTEBOOK-16438957...
Cross-site Scripting (XSS)
Overview @jupyterlab/notebook is a JupyterLab - Notebook Affected versions of this package are vulnerable to Cross-site Scripting XSS via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitrary commands, including code...