Vulnerability in Jupyterlab

CVE-2025-59842

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to version 4.4.8, links generated with LaTeX typesetters in Markdown files and Markdown cells in JupyterL…

EPSS: 0.000 (10.6th percentile) — read the EPSS interpretation.

Affected products

Jupyterlab — versions < 4.4.8

Weakness classification (CWE)

CWE-1022 — Use of Web Link to Untrusted Target with window.opener Access

References

https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-vvfj-2jqx-52jm (x_refsource_CONFIRM)
https://github.com/jupyterlab/jupyterlab/commit/88ef373039a8cc09f27d3814382a512d9033675c (x_refsource_MISC)