{"id":"PYSEC-2020-215","details":"Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for known notebook server hosts. A link to your notebook server may appear safe, but ultimately redirect to a spoofed server on the public internet. The issue is patched in version 6.1.5.","aliases":["BIT-jupyter-base-notebook-2020-26215","BIT-jupyter-notebook-2020-26215","CVE-2020-26215","GHSA-c7vm-f5p4-8fqh"],"modified":"2025-09-19T02:18:33.203561Z","published":"2020-11-18T22:15:00Z","references":[{"type":"ADVISORY","url":"https://github.com/jupyter/notebook/security/advisories/GHSA-c7vm-f5p4-8fqh"},{"type":"FIX","url":"https://github.com/jupyter/notebook/commit/3cec4bbe21756de9f0c4bccf18cf61d840314d74"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/12/msg00004.html"}],"affected":[{"package":{"name":"notebook","ecosystem":"PyPI","purl":"pkg:pypi/notebook"},"ranges":[{"type":"GIT","repo":"https://github.com/jupyter/notebook","events":[{"introduced":"0"},{"fixed":"3cec4bbe21756de9f0c4bccf18cf61d840314d74"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.5"}]}],"versions":["0.0.0","4.0.0","4.0.1","4.0.2","4.0.4","4.0.5","4.0.6","4.1.0","4.2.0","4.2.0b1","4.2.1","4.2.2","4.2.3","4.3.0","4.3.1","4.3.2","4.4.0","4.4.1","5.0.0","5.0.0b1","5.0.0b2","5.0.0rc1","5.0.0rc2","5.1.0","5.1.0rc1","5.1.0rc2","5.1.0rc3","5.2.0","5.2.0rc1","5.2.1","5.2.1rc1","5.2.2","5.3.0","5.3.0rc1","5.3.1","5.4.0","5.4.1","5.5.0","5.5.0rc1","5.6.0","5.6.0rc1","5.7.0","5.7.1","5.7.10","5.7.2","5.7.3","5.7.4","5.7.5","5.7.6","5.7.8","5.7.9","6.0.0","6.0.0rc1","6.0.1","6.0.2","6.0.3","6.1.0","6.1.0rc1","6.1.1","6.1.2","6.1.3","6.1.4","5.7.11","5.7.12","5.7.13","5.7.14","5.7.14a0","5.7.15","5.7.16"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/notebook/PYSEC-2020-215.yaml"}}],"schema_version":"1.7.3"}