notebook@5.7.6 vulnerabilities
Jupyter Notebook - A web-based notebook environment for interactive computing
- latest version: 7.2.2
- latest non vulnerable version
- first published: 9 years ago
- latest version published: 3 months ago
- licenses detected: [0.0.0,7.0.0a5)
Direct Vulnerabilities
Known vulnerabilities in the notebook package. This does not include vulnerabilities belonging to this package’s dependencies.
Vulnerability | Vulnerable Version |
---|---|
notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Affected versions of this package are vulnerable to Access Restriction Bypass. When a fully authenticated request is sent to the notebook server which is configured with How to fix Access Restriction Bypass? Upgrade | [,6.4.12) |
notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Affected versions of this package are vulnerable to Information Exposure because sensitive authentication cookies and other header values are stored in the server logs by default whenever an HTTP 5XX error is triggered. How to fix Information Exposure? Upgrade | [,6.4.10) |
notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Affected versions of this package are vulnerable to Arbitrary Code Execution. An untrusted notebook can execute code on load due to a failure to sanitize special elements into a different plane. How to fix Arbitrary Code Execution? Upgrade | [,5.7.11), [6.0.0,6.4.1) |
notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Affected versions of this package are vulnerable to Open Redirect. It is possible to maliciously craft links can only be reasonably made for known notebook server hosts. This could be used to redirect to a spoofed server on the public internet. How to fix Open Redirect? Upgrade | [,6.1.5) |
notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Affected versions of this package are vulnerable to Open Redirect via an empty How to fix Open Redirect? Upgrade | [,5.7.8) |
notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a How to fix Cross-site Scripting (XSS)? Upgrade | [,5.7.7) |