VYPR

PyPI package

ipython

pkg:pypi/ipython

Vulnerabilities (8)

  • CVE-2023-24816Feb 10, 2023
    affected < 8.10.0fixed 8.10.0

    IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Versions prior to 8.1.0 are subject to a command injection vulnerability with very specific prerequisites. This v

  • CVE-2022-21699Jan 19, 2022
    affected < 5.11fixed 5.11

    IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cros

  • CVE-2015-4706MedSep 21, 2017
    affected >= 3.0.0, < 3.2.0fixed 3.2.0

    Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/contents path.

  • CVE-2015-4707MedSep 20, 2017
    affected < 3.2.0fixed 3.2.0

    Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path.

  • CVE-2015-5607HigSep 20, 2017
    affected >= 0.12, < 2.4.1fixed 2.4.1

    Cross-site request forgery in the REST API in IPython 2 and 3.

  • CVE-2015-7337Sep 29, 2015
    affected < 3.2.2fixed 3.2.2

    The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types.

  • CVE-2015-6938Sep 21, 2015
    affected < 3.2.2fixed 3.2.2

    Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported a

  • CVE-2014-3429Aug 7, 2014
    affected >= 0.12, < 1.2.0fixed 1.2.0

    IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.