CVE-2018-19351 — Cross-site Scripting in Notebook

CWE-79 — Cross-site Scripting11 documents8 sources

Severity

6.1MEDIUMNVD

EPSS

0.3%

top 46.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jupyter Notebook

Timeline

PublishedNov 18

Latest updateAug 30

Description

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py, NbconvertFileHandler and NbconvertPostHandler do not set a Content Security Policy to prevent this.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶NVDjupyter/notebook< 5.7.1

▶PyPIjupyter/notebook< 5.7.1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

jupyter-notebook vulnerabilities↗2022-08-30

▶

OSV

Jupyter Notebook XSS via untrusted notebooks↗2018-11-21

▶

GHSA

Jupyter Notebook XSS via untrusted notebooks↗2018-11-21

▶

OSV

CVE-2018-19351: Jupyter Notebook before 5↗2018-11-18

▶

CVEList

CVE-2018-19351: Jupyter Notebook before 5↗2018-11-18

▶

📋Vendor Advisories

Ubuntu

Jupyter Notebook vulnerabilities↗2022-08-30

▶

Debian

CVE-2018-19351: jupyter-notebook - Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbcon...↗2018

▶

📄Research Papers

arXiv

Threat Assessment in Machine Learning based Systems↗2022-06-30

▶

💬Community

Bugzilla

CVE-2018-19351 python-notebook: XSS via an untrusted notebook↗2018-11-21

▶

Bugzilla

CVE-2018-19351 CVE-2018-19352 python-notebook: various flaws [fedora-all]↗2018-11-21

▶