Lucene search
K

137 matches found

Snyk
Snyk
added 2025/12/17 8:38 p.m.4 views

Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unsafe executable resolution when exporting notebooks containing SVG output to PDF. During export, the svg2pdf.py preprocessor resolves the inkscape executable using shutil.which, which on Windows...

8.5CVSS6AI score0.00233EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/12/17 8:38 p.m.6 views

a-mailx (=0.1.0), almax-common (>=0.9.5 <=1.0.2.dev20240601170722) +65 more potentially affected by CVE-2025-53000 via nbconvert (>=7.0.0 <=7.16.6)

nbconvert PYPI version =7.0.0, =0.9.5, =1.0.1, =1.0.1, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.10, =0.0.15, =0.1.3, =3.0.0, =0.0.1, =0.0.2 - fashiontrendforecasting =0.1.0 and more Source cves: CVE-2025-53000 Source advisory: SNYK:PYTHON-NBCONVERT-14463457...

8.5CVSS5.7AI score0.00233EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2025/12/17 8:27 p.m.3 views

CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS6AI score0.00233EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/12/17 8:27 p.m.3 views

CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS5.9AI score0.00233EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2025/12/17 8:27 p.m.5 views

CVE-2025-53000

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS5.8AI score0.00233EPSS
Exploits1
Cvelist
Cvelist
added 2025/12/17 8:27 p.m.33 views

CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS0.00233EPSS
Exploits1References6
CVE
CVE
added 2025/12/17 8:27 p.m.83 views

CVE-2025-53000

The CVE-2025-53000 issue affects nbconvert (jupyter nbconvert) on Windows prior to 7.17.0, where exporting a notebook with SVG output to PDF could execute arbitrary code. The root cause is an unsafe search for the Inkscape executable: nbconvert’s svg2pdf.py uses shutil.which("inkscape"), which ma...

8.5CVSS5.9AI score0.00233EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2025/12/17 8:27 p.m.4 views

CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...

8.5CVSS5.9AI score0.00233EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.5 views

nbconvert 代码问题漏洞

nbconvert is a format conversion library organized by Jupyter. Converts Jupyter .ipynb notebook document files to another static format, including HTML, LaTeX, PDF, Markdown, and more. A code issue vulnerability exists in nbconvert 7.16.6 and earlier versions that stems from improper handling whe...

8.5CVSS7AI score0.00233EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-0104

Malware in sbrugna...

6.1CVSS6.2AI score0.01511EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-0161

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.01102EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-32862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version o...

7.5CVSS6.7AI score0.01102EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.9 views

Fedora 38 : python-nbclient / python-nbconvert (2022-b910e3473f)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-b910e3473f advisory. New versions of nbclient and nbconvert. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

7.5CVSS6.7AI score0.01102EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/09/03 12:0 a.m.10 views

Debian: Security Advisory (DLA-3863-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.01102EPSS
Exploits1References2
Debian
Debian
added 2024/09/02 6:55 p.m.12 views

[SECURITY] [DLA 3863-1] nbconvert security update

Debian LTS Advisory DLA-3863-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 02, 2024 https://wiki.debian.org/LTS Package : nbconvert Version : 5.6.1-3+deb11u1 CVE ID : CVE-2021-32862 Alvaro Muñoz from the GitHub Security Lab discovered sixteen ways to...

7.5CVSS6.9AI score0.01102EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/02 12:0 a.m.16 views

Debian dla-3863 : jupyter-nbconvert - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3863 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3863-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS6.9AI score0.01102EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/06/05 12:0 a.m.10 views

Debian: Security Advisory (DLA-3442-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.6AI score0.01102EPSS
Exploits1References4
Debian
Debian
added 2023/06/03 1:46 p.m.22 views

[SECURITY] [DLA 3442-1] nbconvert security update

Debian LTS Advisory DLA-3442-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 03, 2023 https://wiki.debian.org/LTS Package : nbconvert Version : 5.4-2+deb10u1 CVE ID : CVE-2021-32862 Alvaro Muñoz from the GitHub Security Lab discovered sixteen ways to exploit...

7.5CVSS6.9AI score0.01102EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/06/03 12:0 a.m.27 views

Debian dla-3442 : jupyter-nbconvert - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3442 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3442-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS6.9AI score0.01102EPSS
Exploits1References4
OSV
OSV
added 2023/06/03 12:0 a.m.16 views

DLA-3442-1 nbconvert - security update

Bulletin has no description...

7.5CVSS6.2AI score0.01102EPSS
Exploits1
Rows per page
Query Builder