{"url":"http://public2.vulnerablecode.io/api/packages/48987?format=json","purl":"pkg:deb/debian/jupyter-notebook@5.7.8-1?distro=trixie","type":"deb","namespace":"debian","name":"jupyter-notebook","version":"5.7.8-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.1.5-1","latest_non_vulnerable_version":"7.0.0-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207539?format=json","vulnerability_id":"VCID-325f-a8p5-hqcn","summary":"An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. Access to the content of resources has been demonstrated with Internet Explorer through capturing of error messages, though not reproduced with other browsers. This occurs because Internet Explorer's error messages can include the content of any invalid JavaScript that was encountered.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9644","reference_id":"","reference_type":"","scores":[{"value":"0.00519","scoring_system":"epss","scoring_elements":"0.67225","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9644"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9644","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9644"},{"reference_url":"https://github.com/advisories/GHSA-hhx8-cr55-qcxx","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hhx8-cr55-qcxx"},{"reference_url":"https://github.com/jupyter/notebook","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jupyter/notebook"},{"reference_url":"https://github.com/jupyter/notebook/compare/f3f00df...05aa4b2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jupyter/notebook/compare/f3f00df...05aa4b2"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/notebook/PYSEC-2019-159.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/notebook/PYSEC-2019-159.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9644","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9644"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924515","reference_id":"924515","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924515"},{"reference_url":"https://usn.ubuntu.com/5585-1/","reference_id":"USN-5585-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5585-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48987?format=json","purl":"pkg:deb/debian/jupyter-notebook@5.7.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@5.7.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48981?format=json","purl":"pkg:deb/debian/jupyter-notebook@6.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dsjn-5js1-tqff"},{"vulnerability":"VCID-jsat-rcph-53fz"},{"vulnerability":"VCID-yb37-13hx-ubd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@6.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48979?format=json","purl":"pkg:deb/debian/jupyter-notebook@6.4.12-2.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@6.4.12-2.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48984?format=json","purl":"pkg:deb/debian/jupyter-notebook@6.4.13-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@6.4.13-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48982?format=json","purl":"pkg:deb/debian/jupyter-notebook@7.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@7.0.0-2%3Fdistro=trixie"}],"aliases":["CVE-2019-9644","GHSA-hhx8-cr55-qcxx","PYSEC-2019-159"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-325f-a8p5-hqcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203406?format=json","vulnerability_id":"VCID-n6a3-8x5p-2qby","summary":"Open Redirect vulnerability in jupyterhub and notebook","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10255","reference_id":"","reference_type":"","scores":[{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64612","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10255"},{"reference_url":"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10255"},{"reference_url":"https://github.com/jupyter/notebook","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jupyter/notebook"},{"reference_url":"https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb"},{"reference_url":"https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b"},{"reference_url":"https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed"},{"reference_url":"https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925939","reference_id":"925939","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925939"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10255","reference_id":"CVE-2019-10255","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10255"},{"reference_url":"https://github.com/advisories/GHSA-rv62-4pmj-xw6h","reference_id":"GHSA-rv62-4pmj-xw6h","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rv62-4pmj-xw6h"},{"reference_url":"https://usn.ubuntu.com/5585-1/","reference_id":"USN-5585-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5585-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48987?format=json","purl":"pkg:deb/debian/jupyter-notebook@5.7.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@5.7.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48981?format=json","purl":"pkg:deb/debian/jupyter-notebook@6.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dsjn-5js1-tqff"},{"vulnerability":"VCID-jsat-rcph-53fz"},{"vulnerability":"VCID-yb37-13hx-ubd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@6.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48979?format=json","purl":"pkg:deb/debian/jupyter-notebook@6.4.12-2.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@6.4.12-2.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48984?format=json","purl":"pkg:deb/debian/jupyter-notebook@6.4.13-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@6.4.13-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48982?format=json","purl":"pkg:deb/debian/jupyter-notebook@7.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@7.0.0-2%3Fdistro=trixie"}],"aliases":["CVE-2019-10255","GHSA-rv62-4pmj-xw6h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6a3-8x5p-2qby"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jupyter-notebook@5.7.8-1%3Fdistro=trixie"}