CVE-2019-10856
MEDIUMJupyter Notebook < 5.7.8 - Open Redirect via Empty Netloc
Title source: llmDescription
In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.
References (2)
Core 2
Core References
Exploit, Vendor Advisory x_refsource_misc
https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
Patch, Vendor Advisory x_refsource_misc
https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea
Scores
CVSS v3
6.1
EPSS
0.0126
EPSS Percentile
65.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-601
Status
published
Products (2)
jupyter/notebook
< 5.7.8
pypi/notebook
0 - 5.7.8PyPI
Published
Apr 04, 2019
Tracked Since
Feb 18, 2026