CVE-2026-33709

Sažetak

JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an arbitrary attacker-controlled site outside JupyterHub instead of a JupyterHub page, bypassing JupyterHub's check to prevent this. This issue has been patched in version 5.4.4.

Reference

https://github.com/jupyterhub/jupyterhub/releases/tag/5.4.4
https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-3vff-hjqv-m7h8

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

03-04-2026 - 22:16

Objavljeno

03-04-2026 - 22:16