jupyterhub · threatengine.sh

CVE-2026-33709

< 5.4.4

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redire

6.1MEDIUM

CVE-2024-41942

< 4.1.6

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if

7.2HIGH

CVE-2024-28233

< 4.1.0

JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the

8.1HIGH

CVE-2021-41247

>= 1.0.0 and < 1.5.0

JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs

3.5LOW

CVE-2021-41194

< 1.0.0

FirstUseAuthenticator is a JupyterHub authenticator that helps new users set their password on their first login to JupyterHub. Wh

9.1CRITICAL

CVE-2021-39160

>= 0.9.0 and < 0.10.2

nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting mal

9.6CRITICAL

CVE-2020-36191

all versions

JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user reques

4.5MEDIUM

CVE-2020-26261

< 0.15

jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner bef

7.9HIGH

CVE-2020-15110

< 0.12

In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them acces

6.8MEDIUM

CVE-2019-10255

< 0.9.5

An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub

6.1MEDIUM

jupyter jupyterhub