Jupyter-server Jupyter_server
11 CVEs affecting Jupyter-server Jupyter_server. Latest disclosed: 2026-05-05. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-35397 | High | 8.8 | 2026-05-05 | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authentica… |
CVE-2024-35178 | High | 7.5 | 2024-06-06 | The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak th… |
CVE-2022-24757 | High | 7.5 | 2022-03-23 | The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications. Prior to version 1.15.4, unauthorized… |
CVE-2026-40110 | High | 7.3 | 2026-05-05 | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check inco… |
CVE-2022-29241 | High | 7.1 | 2022-06-14 | Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.1… |
CVE-2026-40934 | Medium | 6.8 | 2026-05-05 | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a st… |
CVE-2025-61669 | Medium | 6.1 | 2026-05-05 | Jupyter Server is the backend for Jupyter web applications. In jupyter_server versions through 2.17.0, the next query parameter in the login flow is insufficie… |
CVE-2020-26275 | Medium | 6.1 | 2020-12-21 | The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and… |
CVE-2023-40170 | Medium | 4.6 | 2023-08-28 | jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on `/files/` URLs could allow exposure of certain file conten… |
CVE-2023-39968 | Medium | 4.3 | 2023-08-28 | jupyter-server is the backend for Jupyter web applications. Open Redirect Vulnerability. Maliciously crafted login links to known Jupyter Servers can cause suc… |
CVE-2023-49080 | Low | 3.5 | 2023-12-04 | The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and… |