AVG-2266 log

Package jupyterlab
Status Fixed
Severity High
Type cross-site scripting
Affected 3.1.2-1
Fixed 3.1.4-1
Current 3.2.8-1 [community]
Ticket None
Created Mon Aug 9 22:37:37 2021
Issue Severity Remote Type Description
CVE-2021-32797 High Yes Cross-site scripting
In JupyterLab before version 3.1.4, untrusted notebooks can execute code on load. In particular JupyterLab doesn't sanitize the action attribute of the HTML...
Date Advisory Package Type
10 Aug 2021 ASA-202108-10 jupyterlab cross-site scripting