jupyter-notebook
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | The language-agnostic HTML notebook application for Project Jupyter |
| Version | 7.4.7-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2267 | 6.3.0-1 | 6.4.3-1 | High | Fixed | |
| AVG-820 | 5.5.0-1 | 5.7.2-1 | Medium | Fixed | FS#60910 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-32798 | AVG-2267 | High | Yes | Cross-site scripting | In Jupyiter notebook before version 6.4.1, an untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to... |
| CVE-2018-19352 | AVG-820 | Medium | No | Cross-site scripting | A security issue has been found in Jupyter Notebook versions prior to 5.7.2, where untrusted javascript could be executed if malicious files could be... |
| CVE-2018-19351 | AVG-820 | Medium | No | Cross-site scripting | A security issue has been found in Jupyter Notebook versions prior to 5.7.1, where untrusted javascript could be executed if malicious files could be... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 06 Dec 2018 | ASA-201812-1 | AVG-820 | Medium | cross-site scripting |