---

CVE-2018-19351 - log back

CVE-2018-19351 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Local
Type	+ Cross-site scripting
Description	+ A security issue has been found in Jupyter Notebook versions prior to 5.7.1, where untrusted javascript could be executed if malicious files could be delivered to the users system and the user takes specific actions with those malicious files. It allowed nbconvert endpoints (such as Print Preview) to render untrusted HTML and javascript with access to the notebook server.
References	+ https://blog.jupyter.org/jupyter-notebook-security-fixes-59817e86a711
Notes