OSV - Open Source Vulnerabilities

GHSA-m68r-v472-jgq9

PyPI/jupyterhub

JupyterHub has cross-origin form POSTs bypass XSRF (CWE-352)

05 May

Fix available
Severity - 5.4 (Medium)

GHSA-8mxq-7xr7-2fxj

PyPI/jupyterhub-ltiauthenticator

LTI JupyterHub Authenticator: Unbounded Memory Growth via Nonce Storage (Denial of Service)

03 Apr

Fix available
Severity - 5.9 (Medium)

GHSA-3vff-hjqv-m7h8

PyPI/jupyterhub

JupyterHub has an Open Redirect Vulnerability

03 Apr

Fix available
Severity - 5.1 (Medium)

GHSA-mcgx-2gcr-p3hp

PyPI/jupyterhub-ltiauthenticator

LTI JupyterHub Authenticator does not properly validate JWT Signature

25 Feb 2025

Fix available
Severity - 10.0 (Critical)

PYSEC-2025-120

PyPI/jupyterhub-ltiauthenticator

See record for full details

25 Feb 2025

No fix available
Severity - 9.8 (Critical)

PYSEC-2024-200

PyPI/jupyterhub
github.com/jupyterhub/jupyterhub

See record for full details

08 Aug 2024

Fix available
Severity - 7.2 (High)

GHSA-9x4q-3gxw-849f

PyPI/jupyterhub

JupyterHub has a privilege escalation vulnerability with the `admin:users` scope

08 Aug 2024

Fix available
Severity - 8.6 (High)

PYSEC-2024-236

PyPI/jupyter-server-proxy
github.com/jupyterhub/jupyter-server-proxy

See record for full details

11 Jun 2024

Fix available
Severity - 6.1 (Medium)

GHSA-7r3h-4ph8-w38g

PyPI/jupyterhub

Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing

28 Mar 2024

Fix available
Severity - 8.1 (High)

PYSEC-2024-234

PyPI/jupyter-server-proxy
github.com/jupyterhub/jupyter-server-proxy

See record for full details

20 Mar 2024

Fix available
Severity - 9.8 (Critical)

GHSA-7xx3-qp5w-fw96

PyPI/jupyterhub

Cross-Site Request Forgery in JupyterHub

24 May 2022

Fix available
Severity - 6.7 (Medium)

PYSEC-2022-16

PyPI/jupyter-server-proxy
github.com/jupyterhub/jupyter-server-proxy

See record for full details

25 Jan 2022

Fix available

GHSA-cw7p-q79f-m2v7

PyPI/jupyterhub

incomplete JupyterHub logout with simultaneous JupyterLab sessions

08 Nov 2021

Fix available
Severity - 5.1 (Medium)

PYSEC-2021-386

PyPI/jupyterhub
github.com/jupyterhub/jupyterhub

See record for full details

04 Nov 2021

Fix available

GHSA-5xvc-vgmp-jgc3

PyPI/jupyterhub-firstuseauthenticator

Improper Access Control in jupyterhub-firstuseauthenticator

28 Oct 2021

Fix available
Severity - 9.3 (Critical)

PYSEC-2021-384

PyPI/jupyterhub-firstuseauthenticator

See record for full details

28 Oct 2021

Fix available

Load more...(1 page left)