CVE-2018-19352 log

Severity Medium
Remote No
Type Cross-site scripting
A security issue has been found in Jupyter Notebook versions prior to 5.7.2, where untrusted javascript could be executed if malicious files could be delivered to the users system and the user takes specific actions with those malicious files. It allowed maliciously crafted directory names to execute javascript when opened in the tree view.
Group Package Affected Fixed Severity Status Ticket
AVG-820 jupyter-notebook 5.5.0-1 5.7.2-1 Medium Fixed FS#60910
Date Advisory Group Package Severity Type
06 Dec 2018 ASA-201812-1 AVG-820 jupyter-notebook Medium cross-site scripting