ipython
PyPI
8 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting ipython
- CVE-2014-3429 | NONE | CVSS 0.0 | ✓ Fixed in 1.2.0 | 2014-08-07
vulnerable: 0.12 ... 1.1.0 (7 versions)
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.
- CVE-2015-4706 | MEDIUM | CVSS 6.1 | EG 6.1 | ✓ Fixed in 3.2.0 | 2017-09-21
vulnerable: 3.0.0, 3.1.0
Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/contents path.
- CVE-2015-4707 | MEDIUM | CVSS 6.1 | EG 6.1 | ✓ Fixed in 3.2.0 | 2017-09-20
vulnerable: 0.10 ... 3.1.0 (47 versions)
Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path.
- CVE-2015-5607 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 3.2.1 | 2017-09-20
vulnerable: 0.10 ... 3.2.0 (48 versions)
Cross-site request forgery in the REST API in IPython 2 and 3.
- CVE-2015-6938 | NONE | CVSS 0.0 | EG 0.0 | ✓ Fixed in 3.2.2 | 2015-09-21
vulnerable: 0.10 ... 3.2.1 (49 versions)
Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder na…
- CVE-2015-7337 | NONE | CVSS 0.0 | EG 0.0 | ✓ Fixed in 3.2.2 | 2015-09-29
vulnerable: 0.10 ... 3.2.1 (49 versions)
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types.
- CVE-2022-21699 | HIGH | CVSS 8.2 | EG 8.2 | ✓ Fixed in 8.0.1 | 2022-01-19
vulnerable: 0.10 ... 8.0.0 (138 versions)
IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerabili…
- CVE-2023-24816 | MEDIUM | CVSS 4.5 | EG 4.5 | ✓ Fixed in 8.10.0 | 2023-02-10
vulnerable: 0.10 ... 8.9.0 (158 versions)
IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Versions prior to 8.1.0 are subject to a command injection vulnerability…