An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.
Advisories
Source ID Title
EUVD EUVD EUVD-2019-0436 An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.
Github GHSA Github GHSA GHSA-rv62-4pmj-xw6h Open Redirect vulnerability in jupyterhub and notebook
Ubuntu USN Ubuntu USN USN-5585-1 Jupyter Notebook vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T22:17:19.683Z

Reserved: 2019-03-28T00:00:00

Link: CVE-2019-10255

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-03-28T16:29:00.567

Modified: 2024-11-21T04:18:45.393

Link: CVE-2019-10255

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.