Vulnerabilities

ID
Packages
Summary
Published
Attributes
MAL-2025-191697
  • PyPI/caas-jupyter-tools
Malicious code in caas-jupyter-tools (PyPI) 19 Aug 2025
  • No fix available
MAL-2025-6248
  • PyPI/foundry-jupyter-extension
Malicious code in foundry-jupyter-extension (PyPI) 26 Jul 2025
  • No fix available
GHSA-33p9-3p43-82vq
  • PyPI/jupyter-core
Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability 04 Jun 2025
  • Fix available
  • Severity - 7.3 (High)
GHSA-vrq4-9hc3-cgp7
  • PyPI/jupyter-remote-desktop-proxy
TigerVNC accessible via the network and not just via a UNIX socket as intended 12 Apr 2025
  • Fix available
  • Severity - 9.0 (Critical)
GHSA-9q39-rmj3-p4r2
  • PyPI/jupyterlab
  • PyPI/notebook
HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering 29 Aug 2024
  • Fix available
  • Severity - 8.8 (High)
MAL-2024-5287
  • PyPI/jupyter-pytest-fi-console
Malicious code in jupyter-pytest-fi-console (PyPI) 25 Jun 2024
  • No fix available
PYSEC-2024-236
  • PyPI/jupyter-server-proxy
  • github.com/jupyterhub/jupyter-server-proxy
See record for full details 11 Jun 2024
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-fvcq-4x64-hqxr
  • PyPI/jupyter-server-proxy
Jupyter Server Proxy has a reflected XSS issue in host parameter 11 Jun 2024
  • Fix available
  • Severity - 9.6 (Critical)
GHSA-hrw6-wg82-cm62
  • PyPI/jupyter-server
Jupyter server on Windows discloses Windows user password hash 06 Jun 2024
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2024-165
  • PyPI/jupyter-server
  • github.com/jupyter-server/jupyter_server
See record for full details 06 Jun 2024
  • Fix available
  • Severity - 7.5 (High)
GHSA-v9g2-g7j4-4jxc
  • PyPI/jupyter-scheduler
jupyter-scheduler's endpoint is missing authentication 23 May 2024
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2024-234
  • PyPI/jupyter-server-proxy
  • github.com/jupyterhub/jupyter-server-proxy
See record for full details 20 Mar 2024
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-w3vc-fx9p-wp4v
  • PyPI/jupyter-server-proxy
Jupyter Server Proxy's Websocket Proxying does not require authentication 20 Mar 2024
  • Fix available
  • Severity - 9.0 (Critical)
GHSA-44cc-43rp-5947
  • PyPI/jupyterlab
  • PyPI/notebook
JupyterLab vulnerable to potential authentication and CSRF tokens leak 19 Jan 2024
  • Fix available
  • Severity - 7.6 (High)
GHSA-4m77-cmpx-vjc4
  • PyPI/jupyterlab
  • PyPI/notebook
JupyterLab vulnerable to SXSS in Markdown Preview 19 Jan 2024
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-4qhp-652w-c22x
  • PyPI/jupyter-lsp
Unsecured endpoints in the jupyter-lsp server extension 18 Jan 2024
  • Fix available
  • Severity - 7.3 (High)