Security Overview · jupyter/notebook · GitHub

Security

Report a vulnerability

SECURITY.md

Security Policy

Reporting a Vulnerability

If you find a security vulnerability in Jupyter you can:

open a private security issue on given repository (if not enable let us know by email, and we'll enable)
send report to [email protected] (new since 2025)
send report to [email protected] (this email may be sunset in the future)

See more information in our docs.

Known or guessable hidden files may be accessed
GHSA-v7vq-3x77-87vg published Jun 14, 2022 by blink1073

Moderate
Sensitive Auth & Cookie data stored in Jupyter server logs
GHSA-m87f-39q9-6f55 published Mar 22, 2022 by Zsailer

High
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook
GHSA-hwvq-6gjx-j797 published Aug 9, 2021 by Carreau

Critical
Open redirect vulnerability
GHSA-c7vm-f5p4-8fqh published Nov 18, 2020 by kevin-bates

Moderate

Learn more about advisories related to jupyter/notebook in the GitHub Advisory Database