Lucene search
+L

137 matches found

OSV
OSV
added 2026/04/21 12:14 a.m.4 views

CVE-2026-39377 nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The...

6.5CVSS6.1AI score0.00266EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.12 views

nbconvert 路径遍历漏洞

nbconvert is a format conversion library from the Jupyter organization. It converts Jupyter .ipynb notebook files into other static formats, including HTML, LaTeX, PDF, Markdown, etc. Version 6.5 to 7.17.0 of nbconvert has a path traversal vulnerability. This vulnerability arises when...

6.5CVSS5.9AI score0.00306EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.11 views

nbconvert 路径遍历漏洞

nbconvert is a format conversion library from the Jupyter organization. It converts Jupyter .ipynb notebook files into other static formats, including HTML, LaTeX, PDF, Markdown, etc. Version 6.5 to 7.17.0 of nbconvert has a path traversal vulnerability. This vulnerability stems from the improper...

6.5CVSS5.9AI score0.00266EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.5 views

PT-2026-33878

Name of the Vulnerable Software and Affected Versions nbconvert versions 6.5 through 7.17.0 Description The nbconvert tool converts Jupyter notebooks to various formats using Jinja templates. A path traversal issue exists where the ExtractAttachmentsPreprocessor function passes attachment filenam...

6.5CVSS5.9AI score0.00306EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.6 views

PT-2026-33879

Name of the Vulnerable Software and Affected Versions nbconvert versions 6.5 through 7.17.0 Description The nbconvert tool converts Jupyter notebooks to various formats using Jinja templates. When the HTMLExporter.embed images variable is set to True, the markdown renderer allows arbitrary file...

6.5CVSS5.8AI score0.00306EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-39377

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file...

6.5CVSS6.2AI score0.00266EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-39378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when...

6.5CVSS6.2AI score0.00306EPSS
Exploits0References3
Wolfi
Wolfi
added 2026/01/30 1:48 a.m.15 views

CVE-2025-53000 vulnerabilities

Vulnerabilities for packages: py3-nbconvert...

8.5CVSS5.9AI score0.00238EPSS
Exploits1
Wolfi
Wolfi
added 2026/01/30 1:48 a.m.6 views

GHSA-XM59-RQC7-HHVF vulnerabilities

Vulnerabilities for packages: py3-nbconvert...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/30 1:17 a.m.6 views

GHSA-XM59-RQC7-HHVF vulnerabilities

Vulnerabilities for packages: py3-nbconvert...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/30 1:17 a.m.25 views

CVE-2025-53000 vulnerabilities

Vulnerabilities for packages: py3-nbconvert...

8.5CVSS5.9AI score0.00238EPSS
Exploits1
OSV
OSV
added 2025/12/18 10:3 p.m.9 views

GHSA-XM59-RQC7-HHVF nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

Summary On Windows, converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a inkscape.bat file that defines a Windows batch script, capable of arbitrary code execution. When a user runs jupyter nbconvert --to pdf on a...

8.5CVSS7.5AI score0.00238EPSS
Exploits1References8
vulnersOsv
vulnersOsv
added 2025/12/18 10:3 p.m.6 views

a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +354 more potentially affected by CVE-2025-53000 via nbconvert (>=4.2.0 <=7.16.6)

nbconvert PYPI version =4.2.0, =0.0.0, =0.3.0, =1.0.0, =1.3.4, =0.9.5, =0.1.0, =0.18.3, =1.0.0, =0.1.1, =1.0.1, =1.0.1, =1.0.1, =1.0.14 and more Source cves: CVE-2025-53000 Source advisory: OSV:GHSA-XM59-RQC7-HHVF...

8.5CVSS5.7AI score0.00238EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2025/12/18 10:3 p.m.15 views

nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

Summary On Windows, converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a inkscape.bat file that defines a Windows batch script, capable of arbitrary code execution. When a user runs jupyter nbconvert --to pdf on a...

8.5CVSS7.6AI score0.00238EPSS
Exploits1References8Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/18 3:23 p.m.9 views

CVE-2025-53000

A flaw was found in nbconvert, specifically in the jupyter nbconvert tool on Windows. A third party can exploit this vulnerability by creating a malicious inkscape.bat file in a directory. When a user then converts a Jupyter notebook containing SVG output to a PDF from this directory, the malicio...

8.5CVSS7AI score0.00238EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-53000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6...

8.5CVSS5.9AI score0.00238EPSS
Exploits1References2
NVD
NVD
added 2025/12/17 9:16 p.m.10 views

CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS0.00238EPSS
Exploits1References6
OSV
OSV
added 2025/12/17 9:16 p.m.3 views

DEBIAN-CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS7.3AI score0.00238EPSS
Exploits1References1
OSV
OSV
added 2025/12/17 9:16 p.m.7 views

UBUNTU-CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS6AI score0.00238EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/12/17 9:16 p.m.5 views

CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS5.9AI score0.00238EPSS
Exploits1References2
Rows per page
Query Builder