AVG-2266 log
| Package | jupyterlab |
| Status | Fixed |
| Severity | High |
| Type | cross-site scripting |
| Affected | 3.1.2-1 |
| Fixed | 3.1.4-1 |
| Current | 4.5.0-1 [extra] |
| Ticket | None |
| Created | Mon Aug 9 22:37:37 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-32797 | High | Yes | Cross-site scripting | In JupyterLab before version 3.1.4, untrusted notebooks can execute code on load. In particular JupyterLab doesn't sanitize the action attribute of the HTML... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 10 Aug 2021 | ASA-202108-10 | jupyterlab | cross-site scripting |