Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
JupyterNotebook

3 matches found

CVE
CVEadded 2018/03/18 6:29 a.m.91 views

CVE-2018-8768

In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.

7.8CVSS6AI score0.00116EPSS
CVE
CVEadded 2018/11/18 5:29 p.m.85 views

CVE-2018-19351

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py, NbconvertFileHan...

6.1CVSS5.5AI score0.00182EPSS
CVE
CVEadded 2018/11/18 5:29 p.m.77 views

CVE-2018-19352

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.

6.1CVSS5.6AI score0.00277EPSS