Approved changes feed: RSS · Atom
cpe:2.3:a:jupyter:nbconvert:*:*:*:*:*:python:*:*
part: a version: * update: *
| Vendor | Jupyter (3170fc95-7dab-5fb9-942d-251eb444755d) |
|---|---|
| Product | Nbconvert (bb4811ca-0ebb-5c43-985f-e535164d667d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | python |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-39378 |
vulnerable | 2026-06-03 15:22:12.516058 |
nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding
MEDIUM (6.5)
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's markdown renderer allows arbitrary file read via path traversal in image references. A malicious notebook can exfiltrate sensitive files from the conversion host by embedding them as base64 data URIs in the output HTML. nbconvert 7.17.1 contains a fix. As a workaround, do not enable `HTMLExporter.embed_images`; it is not enabled by default.
Published: 2026-04-21T00:17:00.684Z
Updated: 2026-04-21T13:43:29.081Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-39377 |
vulnerable | 2026-06-03 15:22:12.515596 |
nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames
MEDIUM (6.5)
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The `ExtractAttachmentsPreprocessor` passes attachment filenames directly to the filesystem without sanitization, enabling path traversal attacks. This vulnerability provides complete control over both the destination path and file extension. Version 7.17.1 contains a patch.
Published: 2026-04-21T00:14:59.937Z
Updated: 2026-04-21T19:49:24.475Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-53000 |
vulnerable | 2026-06-03 15:03:53.209206 |
nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output to a PDF on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. This issue has been patched in version 7.17.0.
Published: 2025-12-17T20:27:59.578Z
Updated: 2026-02-18T18:36:34.309Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-32862 |
vulnerable | 2026-06-03 14:44:40.457088 |
nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
HIGH (7.5)
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer).
Published: 2022-08-18T00:00:00.000Z
Updated: 2024-09-02T21:02:59.728Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.