jupyterlab-git
PyPI3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting jupyterlab-gitpage 1 of 1
- CVE-2025-30370HIGHCVSS 7.4EG 7.4✓ Fixed in 0.51.12025-04-03
vulnerable: 0.1.1 ... 0.9.1 (76 versions)
jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(<command>). These directory…
- CVE-2026-54527CRITICALCVSS 9.3EG 9.3✓ Fixed in 0.54.02026-06-19
vulnerable: 0.30.0 ... 0.54.0a1 (48 versions)
JupyterLab Git is a Git extension for JupyterLab. From 0.30.0b3 before 0.54.0, the PlainTextDiff.ts createHeader() method passes Git filenames directly to innerHTML when rendering renamed files in commit history, allowing a crafted filenam…
- CVE-2026-54528HIGHCVSS 7.1EG 7.1✓ Fixed in 0.54.02026-06-19
vulnerable: 0.1.1 ... 0.9.1 (86 versions)
JupyterLab Git is a Git extension for JupyterLab. Prior to 0.54.0, jupyterlab-git uses fnmatch.fnmatchcase() in GitHandler.prepare() in jupyterlab_git/handlers.py to enforce excluded_paths, allowing an authenticated user on a case-insensit…
Check whether jupyterlab-git is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for jupyterlab-git CVEs against the assets you own.
Start Free Scan →