Product Research Enterprise Plans Docs

PyPi: Notebook

CVE-2015-7337

Safety vulnerability ID: 40398

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Sep 29, 2015 Updated at Dec 21, 2024

Scan your Python projects for vulnerabilities →

Advisory

Notebook 4.0.5 includes security fixes for maliciously crafted files (CVE-2015-7337).

Affected package

notebook

Latest version: 7.3.2

Jupyter Notebook - A web-based notebook environment for interactive computing

Affected versions

Fixed versions

Vulnerability changelog

Security fixes for maliciously crafted files.

- [CVE-2015-6938](http://www.openwall.com/lists/oss-security/2015/09/02/3):
malicious filenames
- [CVE-2015-7337](http://www.openwall.com/lists/oss-security/2015/09/16/3):
malicious binary files in text editor.

Thanks to Jonathan Kamens at Quantopian and Juan Broullón for the
reports.

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 6.8

CVSS v2 Details

MEDIUM 6.8

Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (Au): NONE
Confidentiality Impact (C): PARTIAL
Integrity Impact (I): PARTIAL
Availability Impact (A): PARTIAL