{"id":"CVE-2019-10856","details":"In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.","aliases":["GHSA-rcx2-m7jp-p9wj","PYSEC-2019-158"],"modified":"2026-05-08T18:41:40.308437Z","published":"2019-04-04T16:29:03.290Z","references":[{"type":"FIX","url":"https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea"},{"type":"EVIDENCE","url":"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jupyter/notebook","events":[{"introduced":"0"},{"fixed":"b8e30ea84bd614a193f5233cc875440e4580d12a"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"5.7.8"}],"cpe":"cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10856.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}