jupyter-enterprise-gateway
PyPI3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting jupyter-enterprise-gatewaypage 1 of 1
- CVE-2026-44180CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.3.02026-06-03
vulnerable: 2.0.0 ... 3.2.3 (23 versions)
Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids Bypass ### Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 (root). This can be…
- CVE-2026-44181CRITICALCVSS 0.0EG 0.0✓ Fixed in 3.3.02026-06-03
vulnerable: 2.0.0 ... 3.2.3 (22 versions)
Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution ### Summary The environment variables (`KERNEL_XXX`) used during the rendering of the Kubernetes manifest are vulnerable to Ser…
- CVE-2026-44182CRITICALCVSS 0.0EG 0.0✓ Fixed in 3.3.02026-06-03
vulnerable: 0.5.0.dev0 ... 3.2.3 (41 versions)
Jupyter Enterprise Gateway: Kubernetes Manifest Injection in Jinja2 Template Rendering ### Summary The environment variables used during the rendering of the Kubernetes manifest allow YAML injection, enabling attackers to overwrite exist…
Check whether jupyter-enterprise-gateway is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for jupyter-enterprise-gateway CVEs against the assets you own.
Start Free Scan →