Vulnerability Details CVE-2018-19351
Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py, NbconvertFileHandler and NbconvertPostHandler do not set a Content Security Policy to prevent this.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://github.com/jupyter/notebook/blob/master/docs/source/changelog.rst
- https://github.com/jupyter/notebook/commit/107a89fce5f413fb5728c1c5d2c7788e1fb17491
- https://groups.google.com/forum/#%21topic/jupyter/hWzu2BSsplY
- https://lists.debian.org/debian-lts-announce/2020/11/msg00033.html
- https://pypi.org/project/notebook/#history
- https://github.com/jupyter/notebook/blob/master/docs/source/changelog.rst
- https://github.com/jupyter/notebook/commit/107a89fce5f413fb5728c1c5d2c7788e1fb17491
- https://groups.google.com/forum/#%21topic/jupyter/hWzu2BSsplY
- https://lists.debian.org/debian-lts-announce/2020/11/msg00033.html
- https://pypi.org/project/notebook/#history
Products affected by CVE-2018-19351
-
cpe:2.3:a:jupyter:notebook:4.0.0
-
cpe:2.3:a:jupyter:notebook:4.0.1
-
cpe:2.3:a:jupyter:notebook:4.0.2
-
cpe:2.3:a:jupyter:notebook:4.0.3
-
cpe:2.3:a:jupyter:notebook:4.0.4
-
cpe:2.3:a:jupyter:notebook:4.0.5
-
cpe:2.3:a:jupyter:notebook:4.0.6
-
cpe:2.3:a:jupyter:notebook:4.1.0
-
cpe:2.3:a:jupyter:notebook:4.2.0
-
cpe:2.3:a:jupyter:notebook:4.2.1
-
cpe:2.3:a:jupyter:notebook:4.2.2
-
cpe:2.3:a:jupyter:notebook:4.2.3
-
cpe:2.3:a:jupyter:notebook:4.3.0
-
cpe:2.3:a:jupyter:notebook:4.3.1
-
cpe:2.3:a:jupyter:notebook:4.3.2
-
cpe:2.3:a:jupyter:notebook:4.4.0
-
cpe:2.3:a:jupyter:notebook:4.4.1
-
cpe:2.3:a:jupyter:notebook:5.0.0
-
cpe:2.3:a:jupyter:notebook:5.1.0
-
cpe:2.3:a:jupyter:notebook:5.2.0
-
cpe:2.3:a:jupyter:notebook:5.2.1
-
cpe:2.3:a:jupyter:notebook:5.2.2
-
cpe:2.3:a:jupyter:notebook:5.3.0
-
cpe:2.3:a:jupyter:notebook:5.3.1
-
cpe:2.3:a:jupyter:notebook:5.4.0
-
cpe:2.3:a:jupyter:notebook:5.4.1
-
cpe:2.3:a:jupyter:notebook:5.5.0
-
cpe:2.3:a:jupyter:notebook:5.6.0
-
cpe:2.3:a:jupyter:notebook:5.7.0