AVG-820

Package jupyter-notebook
Status Fixed
Severity Medium
Type cross-site scripting
Affected 5.5.0-1
Fixed 5.7.2-1
Current 5.7.8-1 [community]
Ticket FS#60910
Created Mon Nov 26 00:04:02 2018
Issue Severity Remote Type Description
CVE-2018-19352 Medium No Cross-site scripting
A security issue has been found in Jupyter Notebook versions prior to 5.7.2, where untrusted javascript could be executed if malicious files could be...
CVE-2018-19351 Medium No Cross-site scripting
A security issue has been found in Jupyter Notebook versions prior to 5.7.1, where untrusted javascript could be executed if malicious files could be...
Date Advisory Package Description
06 Dec 2018 ASA-201812-1 jupyter-notebook cross-site scripting
References
https://blog.jupyter.org/jupyter-notebook-security-fixes-59817e86a711
https://blog.jupyter.org/security-fix-for-jupyter-notebook-450f272b6932?gi=dbc3ae28c796