pkg:PyPI/jupyter-server

24 total CVEsHIGH9MEDIUM15

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2024-35178Jupyter server on Windows discloses Windows user password hash
    from 0, < 2.14.1
  • HIGH7.5CVE-2024-35178Jupyter server on Windows discloses Windows user password hash
    from 0, < 79fbf801c5908f4d1d9bc90004b74cfaaeeed2df, < 79fbf801c5908f4d1d9bc90004b74cfaaeeed2df | from 0, < 2.14.1
  • HIGH7.5CVE-2022-24757Insertion of Sensitive Information into Log File in Jupyter notebook
    from 0, < 1.15.4
  • HIGH7.5CVE-2022-24757Insertion of Sensitive Information into Log File in Jupyter notebook
    from 0, < a5683aca0b0e412672ac6218d09f74d44ca0de5a | from 0, < 1.15.4
  • HIGH7.3CVE-2026-40110Jupyter Server has a CORS Origin Validation Bypass via `re.match()` in `allow_origin_pat` (from huntr)
    from 0, < 2.18.0
  • HIGH7.1CVE-2026-35397Jupyter Server: Path Traversal via incorrect startswith() root directory check allows access to sibling directories
    from 0, < 2.18.0
  • HIGH7.1CVE-2026-35397Jupyter Server: Path Traversal via incorrect startswith() root directory check allows access to sibling directories
    from 0, < 2.18.0
  • HIGH7.1CVE-2022-29241Jupyter server Token bruteforcing
    from 0, < 1.17.1
  • HIGH7.1CVE-2022-29241Jupyter server Token bruteforcing
    from 0, < 1.17.0
  • MEDIUM6.8CVE-2026-40934Jupyter Server's Authentication Cookies Remain Valid After Password Reset and Server Restart
    from 0, < 2.18.0
  • MEDIUM6.8CVE-2026-40934Jupyter Server's Authentication Cookies Remain Valid After Password Reset and Server Restart
    from 0, < 2.18.0
  • MEDIUM6.1CVE-2025-61669Jupyter Server has an open redirection vulnerability in `next` query parameter
    from 0, < 2.18.0
  • MEDIUM6.1CVE-2025-61669Jupyter Server has an open redirection vulnerability in `next` query parameter
    from 0, < 2.18.0
  • MEDIUM6.1CVE-2023-39968Open Redirect Vulnerability in jupyter-server
    from 0, < 2.7.2
  • MEDIUM6.1CVE-2023-39968Open Redirect Vulnerability in jupyter-server
    from 0, < 290362593b2ffb23c59f8114d76f77875de4b925 | from 0, < 2.7.2
  • MEDIUM6.1CVE-2020-26275Jupyter Server open redirect vulnerability
    from 0, < 1.1.1
  • MEDIUM6.1CVE-2020-26275Jupyter Server open redirect vulnerability
  • MEDIUM6.1CVE-2020-26275Jupyter Server open redirect vulnerability
    from 0, < 85e4abccf6ea9321d29153f73b0bd72ccb3a6bca | from 0, < 1.1.1
  • MEDIUM4.6CVE-2023-40170cross-site inclusion (XSSI) of files in jupyter-server
    from 0, < 87a4927272819f0b1cae1afa4c8c86ee2da002fd | from 0, < 2.7.2
  • MEDIUM4.6CVE-2023-40170cross-site inclusion (XSSI) of files in jupyter-server
    from 0, < 2.7.2
  • MEDIUM4.3CVE-2023-49080jupyter-server errors include tracebacks with path information
    from 0, < 0056c3aa52cbb28b263a7a609ae5f17618b36652 | from 0, < 2.11.2
  • MEDIUM4.3CVE-2023-49080jupyter-server errors include tracebacks with path information
    from 0, < 2.11.2
  • MEDIUM4.1CVE-2020-26232Open redirect in Jupyter Server
    from 0, < 3d83e49090289c431da253e2bdb8dc479cbcb157 | from 0, < 1.0.6
  • MEDIUM4.1CVE-2020-26232Open redirect in Jupyter Server
    from 0, < 1.0.6