Количество 4
Количество 4
CVE-2021-32797
JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesn’t sanitize the action attribute of html `<form>`. Using this it is possible to trigger the form validation outside of the form itself. This is a remote code execution, but requires user action to open a notebook.
CVE-2021-32797
JupyterLab is a user interface for Project Jupyter which will eventual ...
openSUSE-SU-2022:10075-1
Security update for python-jupyterlab
GHSA-4952-p58q-6crx
JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-32797 JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesn’t sanitize the action attribute of html `<form>`. Using this it is possible to trigger the form validation outside of the form itself. This is a remote code execution, but requires user action to open a notebook. | CVSS3: 7.4 | 1% Низкий | больше 4 лет назад |
| CVE-2021-32797 JupyterLab is a user interface for Project Jupyter which will eventual ... | CVSS3: 7.4 | 1% Низкий | больше 4 лет назад |
 | openSUSE-SU-2022:10075-1 Security update for python-jupyterlab | 1% Низкий | больше 3 лет назад | |
| GHSA-4952-p58q-6crx JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form> | CVSS3: 7.4 | 1% Низкий | больше 4 лет назад |
Уязвимостей на страницу