CVE-2018-19352

Опубликовано: 18 нояб. 2018

Источник: debian

Описание

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.

Пакет	Статус	Версия исправления	Релиз	Тип
jupyter-notebook	fixed	5.7.4-1		package
jupyter-notebook	not-affected		stretch	package

https://github.com/jupyter/notebook/commit/288b73e1edbf527740e273fcc69b889460871648

CVE-2018-19352

CVSS3: 6.1

ubuntu

около 7 лет назад

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.

CVE-2018-19352

CVSS3: 6.1

nvd

около 7 лет назад

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.

GHSA-3p4q-x8f3-p7vq

CVSS3: 6.1

github

около 7 лет назад

Jupyter Notebook XSS via directory name