Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-vvfj-2jqx-52jm
  • PyPI/jupyterlab
 JupyterLab LaTeX typesetter links did not enforce `noopener` attribute 26 Sep 2025
  • Fix available
  • Severity - 2.1 (Low)
GHSA-cj5w-8mjf-r5f8
  • PyPI/jupyterlab-git
 jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal" 04 Apr 2025
  • Fix available
  • Severity - 7.4 (High)
GHSA-9q39-rmj3-p4r2
  • PyPI/jupyterlab
  • PyPI/notebook
 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering 29 Aug 2024
  • Fix available
  • Severity - 8.8 (High)
GHSA-44cc-43rp-5947
  • PyPI/jupyterlab
  • PyPI/notebook
 JupyterLab vulnerable to potential authentication and CSRF tokens leak 19 Jan 2024
  • Fix available
  • Severity - 7.6 (High)
GHSA-4m77-cmpx-vjc4
  • PyPI/jupyterlab
  • PyPI/notebook
 JupyterLab vulnerable to SXSS in Markdown Preview 19 Jan 2024
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-p6rw-44q7-3fw4
  • PyPI/nbdime
  • npm/nbdime
  • npm/nbdime-jupyterlab
 Stored XSS in Jupyter nbdime 08 Nov 2021
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-4952-p58q-6crx
  • PyPI/jupyterlab
  • PyPI/notebook
 JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form> 23 Aug 2021
  • Fix available
  • Severity - 6.3 (Medium)
PYSEC-2021-130
  • PyPI/jupyterlab
  • github.com/jupyterlab/jupyterlab
 See record for full details 09 Aug 2021
  • Fix available