Back to search
CVE-2018-8768
Published: Mar 18, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://openwall.com/lists/oss-security/2018/03/15/2
x_refsource_CONFIRM
[debian-lts-announce] 20201119 [SECURITY] [DLA 2432-1] jupyter-notebook security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now