VYPR

rpm package

suse/python-notebook&distro=SUSE Package Hub 15 SP6

pkg:rpm/suse/python-notebook&distro=SUSE%20Package%20Hub%2015%20SP6

Vulnerabilities (2)

  • CVE-2021-32798Aug 9, 2021
    affected < 5.7.11-bp156.4.3.1fixed 5.7.11-bp156.4.3.1

    The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an

  • CVE-2019-11358Apr 19, 2019
    affected < 5.7.11-bp156.4.3.1fixed 5.7.11-bp156.4.3.1

    jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.