Lucene search
K

6 matches found

CVE
CVE
added 2026/05/06 7:36 p.m.17 views

CVE-2026-40171

CVE-2026-40171 affects Jupyter components prior to fixes: Notebook 7.0.0–7.5.5, JupyterLab up to 4.5.6, and related help extensions (@jupyter-notebook/help-extension, @jupyterlab/help-extension). The root cause is a stored XSS in the CommandLinker used by the Help Extension, which can be chained ...

8.4CVSS6AI score0.00476EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/06 7:36 p.m.15 views

CVE-2026-40171

In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 and 4.5.7, a stored cross-site scripting issue in the help command linker can be chained with...

8.4CVSS6AI score0.00476EPSS
Exploits0
Snyk
Snyk
added 2026/02/03 7:22 p.m.5 views

Improper Encoding or Escaping of Output

Overview HtmlSanitizer is a Cleans HTML from constructs that can be used for cross site scripting XSS. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in the template tag handling. An attacker can inject and execute arbitrary scripts by crafting HTML...

6.3CVSS5.6AI score0.00241EPSS
Exploits0References2
OSV
OSV
added 2024/12/02 10:15 p.m.2 views

UBUNTU-CVE-2024-53988

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

6.1CVSS7.3AI score0.00435EPSS
Exploits0References4
OSV
OSV
added 2024/12/02 10:15 p.m.3 views

UBUNTU-CVE-2024-53987

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

6.1CVSS7.3AI score0.00435EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.9 views

PT-2024-22616 · Unknown · Swift Prometheus

Name of the Vulnerable Software and Affected Versions: Swift Prometheus versions prior to 2.0.0-alpha.2 Description: The issue arises when un-sanitized string values are applied into metric names or labels, allowing an attacker to send a ?lang query parameter with newlines, or similar characters...

5.9CVSS6.8AI score0.00645EPSS
Exploits1References8
Rows per page
Query Builder