Suggestions search

All statuses

Filter by:

With package: python312Packages.nbconvert

Found 3 matching suggestions

View:

Compact

Detailed

Published

Permalink CVE-2026-39377

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): High (H)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): None (N)

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The `ExtractAttachmentsPreprocessor` passes attachment filenames directly to the filesystem without sanitization, enabling path traversal attacks. This vulnerability provides complete control over both the destination path and file extension. Version 7.17.1 contains a patch.

References

https://github.com/jupyter/nbconvert/security/advisories/GHSA-4c99-qj7h-p3vg x_refsource_CONFIRM

Ignored references (1)

https://github.com/jupyter/nbconvert/releases/tag/v7.17.1 x_refsource_MISC

Affected products

nbconvert

==>= 6.5, < 7.17.1

Matching in nixpkgs

pkgs.python312Packages.nbconvert

None

pkgs.python313Packages.nbconvert

Converting Jupyter Notebooks

nixos-unstable 7.16.6
- nixpkgs-unstable 7.16.6
- nixos-unstable-small 7.16.6

pkgs.python314Packages.nbconvert

Converting Jupyter Notebooks

nixos-unstable 7.16.6
- nixpkgs-unstable 7.16.6
- nixos-unstable-small 7.16.6

Package maintainers

@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@thomasjm Tom McLaughlin <tom@codedown.io>
@natsukium Tomoya Otabi <nixpkgs@natsukium.com>

Published

Permalink CVE-2026-39378

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): None (N)
Availability (A): None (N)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): None (N)

updated 2 months ago by @LeSuisse Activity log

Created suggestion 2 months ago
@LeSuisse accepted 2 months ago
@LeSuisse published on GitHub 2 months ago

nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's markdown renderer allows arbitrary file read via path traversal in image references. A malicious notebook can exfiltrate sensitive files from the conversion host by embedding them as base64 data URIs in the output HTML. nbconvert 7.17.1 contains a fix. As a workaround, do not enable `HTMLExporter.embed_images`; it is not enabled by default.

References

https://github.com/jupyter/nbconvert/security/advisories/GHSA-7jqv-fw35-gmx9 x_refsource_CONFIRM

Ignored references (1)

https://github.com/jupyter/nbconvert/releases/tag/v7.17.1 x_refsource_MISC

Affected products

nbconvert

==>= 6.5, < 7.17.1

Matching in nixpkgs

pkgs.python312Packages.nbconvert

None

pkgs.python313Packages.nbconvert

Converting Jupyter Notebooks

nixos-unstable 7.16.6
- nixpkgs-unstable 7.16.6
- nixos-unstable-small 7.16.6

pkgs.python314Packages.nbconvert

Converting Jupyter Notebooks

nixos-unstable 7.16.6
- nixpkgs-unstable 7.16.6
- nixos-unstable-small 7.16.6

Package maintainers

@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@thomasjm Tom McLaughlin <tom@codedown.io>
@natsukium Tomoya Otabi <nixpkgs@natsukium.com>

Dismissed

Permalink CVE-2025-53000

updated 4 months, 2 weeks ago by @LeSuisse Activity log

Created suggestion 4 months, 2 weeks ago
@LeSuisse dismissed 4 months, 2 weeks ago

nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output to a PDF on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. As of time of publication, no known patches exist.