| CVE-2026-40864 |
medium |
4.3 |
4.3 |
|
|
|
12d ago |
JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection (updated in 4.1.0) inappropriately treated requests with… |
| CVE-2026-33709 |
unknown |
— |
— |
|
|
|
2mo ago |
JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links wh… |
| CVE-2024-41942 |
unknown |
— |
— |
|
|
|
2y ago |
JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their ow… |
| CVE-2024-28233 |
unknown |
— |
— |
|
|
|
2y ago |
JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. … |
| CVE-2020-36191 |
unknown |
— |
— |
|
|
|
4y ago |
JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an _xsrf field, as demonstrated by a /hub/api/user request (to add or remove a user account). |
| CVE-2021-41247 |
unknown |
— |
— |
|
|
|
5y ago |
JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in the same browser session, may see incomplete logout from the… |
| CVE-2019-10255 |
unknown |
— |
— |
|
|
|
7y ago |
Open Redirect vulnerability in jupyterhub and notebook |
