CVE-2019-10856 – notebook

Package

Manager: pip
Name: notebook
Vulnerable Version: >=0 <5.7.8

Severity

Level: Medium

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

EPSS: 0.00235 pctl0.46328

Details

Jupyter Notebook open redirect vulnerability In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.

Metadata

Created: 2019-04-09T19:47:27Z
Modified: 2024-09-26T14:16:05Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/04/GHSA-rcx2-m7jp-p9wj/GHSA-rcx2-m7jp-p9wj.json
CWE IDs: ["CWE-601"]
Alternative ID: GHSA-rcx2-m7jp-p9wj
Finding: F156
Auto approve: 1