Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jupyter Subscribe
Filtered by product Nbconvert
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-32862 1 Jupyter 1 Nbconvert 2022-08-19 N/A 5.4 MEDIUM
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer).