Описание
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a inkscape.bat file that defines a Windows batch script, capable of arbitrary code execution. When a user runs jupyter nbconvert --to pdf on a notebook containing SVG output to a PDF on a Windows platform from this directory, the inkscape.bat file is run unexpectedly. This issue has been patched in version 7.17.0.
A flaw was found in nbconvert, specifically in the jupyter nbconvert tool on Windows. A third party can exploit this vulnerability by creating a malicious inkscape.bat file in a directory. When a user then converts a Jupyter notebook containing SVG output to a PDF from this directory, the malicious inkscape.bat file is unexpectedly executed, leading to arbitrary code execution.
Отчет
This vulnerability affects the nbconvert tool only when running on Windows environment, given that information there's no supported Red Hat product affected by this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9 | Not affected | ||
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9 | Not affected |
Показывать по
Дополнительная информация
Статус:
7.3 High
CVSS3
Связанные уязвимости
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output to a PDF on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. This issue has been patched in version 7.17.0.
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output to a PDF on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. This issue has been patched in version 7.17.0.
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to v ...
nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
7.3 High
CVSS3