137 matches found
Uncontrolled Search Path Element
Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unsafe executable resolution when exporting notebooks containing SVG output to PDF. During export, the svg2pdf.py preprocessor resolves the inkscape executable using shutil.which, which on Windows...
a-mailx (=0.1.0), almax-common (>=0.9.5 <=1.0.2.dev20240601170722) +65 more potentially affected by CVE-2025-53000 via nbconvert (>=7.0.0 <=7.16.6)
nbconvert PYPI version =7.0.0, =0.9.5, =1.0.1, =1.0.1, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.10, =0.0.15, =0.1.3, =3.0.0, =0.0.1, =0.0.2 - fashiontrendforecasting =0.1.0 and more Source cves: CVE-2025-53000 Source advisory: SNYK:PYTHON-NBCONVERT-14463457...
CVE-2025-53000
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...
CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...
CVE-2025-53000
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...
CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...
CVE-2025-53000
The CVE-2025-53000 issue affects nbconvert (jupyter nbconvert) on Windows prior to 7.17.0, where exporting a notebook with SVG output to PDF could execute arbitrary code. The root cause is an unsafe search for the Inkscape executable: nbconvert’s svg2pdf.py uses shutil.which("inkscape"), which ma...
CVE-2025-53000 nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution...
nbconvert 代码问题漏洞
nbconvert is a format conversion library organized by Jupyter. Converts Jupyter .ipynb notebook document files to another static format, including HTML, LaTeX, PDF, Markdown, and more. A code issue vulnerability exists in nbconvert 7.16.6 and earlier versions that stems from improper handling whe...
EUVD-2018-0104
Malware in sbrugna...
EUVD-2022-0161
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-32862
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version o...
Fedora 38 : python-nbclient / python-nbconvert (2022-b910e3473f)
The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-b910e3473f advisory. New versions of nbclient and nbconvert. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...
Debian: Security Advisory (DLA-3863-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3863-1] nbconvert security update
Debian LTS Advisory DLA-3863-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 02, 2024 https://wiki.debian.org/LTS Package : nbconvert Version : 5.6.1-3+deb11u1 CVE ID : CVE-2021-32862 Alvaro Muñoz from the GitHub Security Lab discovered sixteen ways to...
Debian dla-3863 : jupyter-nbconvert - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3863 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3863-1 [email protected] https://www.debian.org/lts/security/...
Debian: Security Advisory (DLA-3442-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3442-1] nbconvert security update
Debian LTS Advisory DLA-3442-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 03, 2023 https://wiki.debian.org/LTS Package : nbconvert Version : 5.4-2+deb10u1 CVE ID : CVE-2021-32862 Alvaro Muñoz from the GitHub Security Lab discovered sixteen ways to exploit...
Debian dla-3442 : jupyter-nbconvert - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3442 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3442-1 [email protected] https://www.debian.org/lts/security/...
DLA-3442-1 nbconvert - security update
Bulletin has no description...