Description
A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_path() function within jupyter_server/services/contents/fileio.py. The check uses startswith(root) without appending a trailing path separator, allowing sibling directories with names starting with the same prefix as root_dir to bypass the check. Additionally, the to_os_path() function in utils.py does not strip ".." from path parts, enabling traversal sequences to bypass the vulnerable check. This vulnerability can lead to unauthorized read/write access to files in sibling directories, potentially exposing sensitive data in shared hosting environments.
Published: 2026-06-02
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A path traversal flaw in jupyter-server 2.17.0 allows an attacker to read or write files in directories that are siblings of the configured root directory. The vulnerability originates from an incorrect boundary check in the _get_os_path() function, which uses startswith(root) without a trailing separator, and from to_os_path() that does not strip '..' segments. This flaw can lead to unauthorized access to files outside the intended workspace, potentially exposing sensitive information in shared hosting environments.

Affected Systems

The flaw is present in the Jupyter Server component of the Jupyter project, specifically version 2.17.0. Clients and servers running this edition—including shared hosting environments—are vulnerable. The affected product is listed by CNA as jupyter:jupyter/jupyter.

Risk and Exploitability

The CVSS score of 6.8 indicates moderate severity, and no EPSS value is available. The vulnerability is not listed in the CISA KEV catalog. A likely attack vector involves standard Jupyter Server HTTP requests that reference file paths; an attacker with network or local access could craft a request that forces the server to resolve a sibling directory path, thereby reading or modifying files outside the intended workspace.

Generated by OpenCVE AI on June 2, 2026 at 11:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade jupyter-server to a fixed version (2.17.1 or later).
  • Adjust the server’s root directory configuration to include a trailing path separator or apply the vendor‑provided fix that enforces proper boundary checks.
  • Restrict the file system permissions of the Jupyter process so it cannot read or write files outside its intended workspace.

Generated by OpenCVE AI on June 2, 2026 at 11:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:jupyter:jupyter_server:2.17.0:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}

Tue, 02 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Jupyter
Jupyter jupyter Server
Vendors & Products Jupyter
Jupyter jupyter Server

Tue, 02 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 02 Jun 2026 10:00:00 +0000

Type Values Removed Values Added
Description A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the _get_os_path() function within jupyter_server/services/contents/fileio.py. The check uses startswith(root) without appending a trailing path separator, allowing sibling directories with names starting with the same prefix as root_dir to bypass the check. Additionally, the to_os_path() function in utils.py does not strip ".." from path parts, enabling traversal sequences to bypass the vulnerable check. This vulnerability can lead to unauthorized read/write access to files in sibling directories, potentially exposing sensitive data in shared hosting environments.
Title Path Traversal in jupyter/jupyter
Weaknesses CWE-23
References
Metrics cvssV3_0

{'score': 6.8, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N'}

Subscriptions

Jupyter Jupyter Server
cve-icon MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published:

Updated: 2026-06-02T12:14:02.747Z

Reserved: 2026-04-02T12:44:03.302Z

Link: CVE-2026-5422

cve-icon Vulnrichment

Updated: 2026-06-02T12:12:01.952Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-02T10:16:25.800

Modified: 2026-06-03T17:09:31.823

Link: CVE-2026-5422

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-02T14:45:10Z

Weaknesses