pkg:Bitnami/jupyterlab

所有已知漏洞

• CRITICAL9.8CVE-2024-39700Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action
  from 0, < 4.3.0
• HIGH8.8CVE-2026-42266JupyterLab has an Extension Manager API/GUI Policy Discrepancy, allowing 3rd party (malicious) extensions install via POST request
  >= 4.0.0, < 4.5.7
• HIGH7.6CVE-2024-43805HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
  from 0, < 4.2.5
• HIGH7.6CVE-2024-22421Potential authentication and CSRF tokens leak in JupyterLab
  from 0, < 3.6.7, >= 4.0.0, < 4.0.11
• HIGH7.4CVE-2021-32797JupyterLab: XSS due to lack of sanitization of the action attribute of an html <form>
  from 0, < 1.2.21, >= 2.0.0, < 2.2.10, >= 2.3.0, < 2.3.2, >= 3.0.0, < 3.0.17, >= 3.1.0, < 3.1.4
• MEDIUM6.5CVE-2024-22420Stored cross site scripting in Markdown Preview in JupyterLab
  >= 4.0.0, < 4.2.4
• MEDIUM4.3CVE-2025-59842JupyterLab LaTeX typesetter links did not enforce `noopener` attribute
  from 0, < 4.4.8
• —CVE-2026-42557jupyterlab: Command linker attributes in HTML enable one-click command execution from untrusted content
  from 0, < 4.5.7
• —CVE-2026-40171Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS
  from 0, < 4.5.7