{"id":"PYSEC-2019-158","details":"In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.","aliases":["CVE-2019-10856","GHSA-rcx2-m7jp-p9wj"],"modified":"2023-11-01T04:50:12.044947Z","published":"2019-04-04T16:29:00Z","references":[{"type":"WEB","url":"https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea"},{"type":"ARTICLE","url":"https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-rcx2-m7jp-p9wj"}],"affected":[{"package":{"name":"notebook","ecosystem":"PyPI","purl":"pkg:pypi/notebook"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.7.8"}]}],"versions":["0.0.0","4.0.0","4.0.1","4.0.2","4.0.4","4.0.5","4.0.6","4.1.0","4.2.0","4.2.0b1","4.2.1","4.2.2","4.2.3","4.3.0","4.3.1","4.3.2","4.4.0","4.4.1","5.0.0","5.0.0b1","5.0.0b2","5.0.0rc1","5.0.0rc2","5.1.0","5.1.0rc1","5.1.0rc2","5.1.0rc3","5.2.0","5.2.0rc1","5.2.1","5.2.1rc1","5.2.2","5.3.0","5.3.0rc1","5.3.1","5.4.0","5.4.1","5.5.0","5.5.0rc1","5.6.0","5.6.0rc1","5.7.0","5.7.1","5.7.2","5.7.3","5.7.4","5.7.5","5.7.6"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/notebook/PYSEC-2019-158.yaml"}}],"schema_version":"1.7.3"}