Linux Distros Unpatched Vulnerability : CVE-2024-43805

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on us...

GHSA-GJ55-2XF9-67RQ HTML injection in JupyterLite leading to DOM Clobbering

Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data accessible from JupyterLite and perform arbitrary actions in JupyterLite environment. Patches JupyterLi...

GHSA-9Q39-RMJ3-P4R2 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering

Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...

PT-2024-30672

Name of the Vulnerable Software and Affected Versions JupyterLab versions prior to 3.6.8 JupyterLab versions prior to 4.2.5 Jupyter Notebook versions prior to 7.2.2 Description This issue depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using...