VulnerableCode Package Details - pkg:pypi/nbconvert@6.0.6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/nbconvert@6.0.6

Essentials
History (1)

purl	pkg:pypi/nbconvert@6.0.6

Next non-vulnerable version	6.3.0a0
Latest non-vulnerable version	7.17.0
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-qe9z-kwrs-3bgv Aliases: CVE-2021-32862 GHSA-9jmq-rx5f-8jwq GHSA-h274-fcvj-h2wm PYSEC-2022-249	The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer).	6.3.0a0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:17:33.488613+00:00	Pypa Importer	Affected by	VCID-qe9z-kwrs-3bgv	https://github.com/pypa/advisory-database/blob/main/vulns/nbconvert/PYSEC-2022-249.yaml	38.6.0