Опубликовано: 18 нояб. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.1
Описание
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | ignored | end of life |
| devel | not-affected | 5.7.4-1 |
| disco | not-affected | 5.7.4-1 |
| eoan | ignored | end of life |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | 5.7.4-1 |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 5.7.4-1 |
| groovy | not-affected | 5.7.4-1 |
Показывать по
10
EPSS
Процентиль: 51%
0.00283
Низкий
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.1
nvd
около 7 лет назад
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely.
CVSS3: 6.1
debian
около 7 лет назад
Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name ...
EPSS
Процентиль: 51%
0.00283
Низкий
4.3 Medium
CVSS2
6.1 Medium
CVSS3