VDB
DEBIAN-CVE-2018-8768
DEBIAN-CVE-2018-8768
PUBLISHED
CVSS 7.800000190734863 HIGH
In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.
Risk Scores
CVSS v3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | ipython | 0, 0, 0 |
| Debian:11 | jupyter-notebook | 0, 0, 0 |
| Debian:12 | jupyter-notebook | 0, 0, 0 |
| Debian:13 | jupyter-notebook | 0, 0, 0 |
| Debian:14 | ipython | 0, 0, 0 |
| Debian:14 | jupyter-notebook | 0, 0, 0 |
| Debian:11 | ipython | 0, 0, 0 |
| Debian:13 | ipython | 0, 0, 0 |
Timeline
- Mar 18, 2018 CVE Published
- Apr 28, 2026 CVE Updated