CVE-2015-7337
Published: 29 September 2015
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types.
Notes
Author | Note |
---|---|
msalvatore | affects ipython 3.0 - 3.2.1 |
Priority
Status
Package | Release | Status |
---|---|---|
ipython Launchpad, Ubuntu, Debian |
artful |
Ignored
(end of life)
|
bionic |
Not vulnerable
(5.5.0-1)
|
|
precise |
Ignored
(end of life)
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Pending
(4.0.5, 4.1 or 3.2.2)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Not vulnerable
(code not present)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|
|
Patches: upstream: https://github.com/ipython/ipython/commit/0a8096adf165e2465550bd5893d7e352544e5967 |