jupyter-server-proxy

PyPI3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting jupyter-server-proxypage 1 of 1

CVE-2022-21697MEDIUMCVSS 6.3EG 6.3✓ Fixed in 3.2.1
2022-01-25
vulnerable: 1.0 ... 3.2.0 (26 versions)
Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploying Jupyter Server or Notebook with jup…
CVE-2024-28179CRITICALCVSS 9.0EG 9.0✓ Fixed in 4.1.1
2024-03-20
vulnerable: 1.0 ... 4.1.0 (30 versions)
Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jupyter notebook servers and provides authenticated web access. Prior to versions 3.2.3 and 4.1.1, Jupyter Server Proxy did not check user authentication…
CVE-2024-35225CRITICALCVSS 9.6EG 9.6✓ Fixed in 4.2.0
2024-06-11
vulnerable: 3.0.0 ... 4.1.2 (9 versions)
Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting…

Check whether jupyter-server-proxy is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for jupyter-server-proxy CVEs against the assets you own.

Start Free Scan →