CVE-2020-26215 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-26215 Interim 1 10 2023-09-06T23:55:45Z current 2021-05-30T14:44:25Z 2023-09-06T23:55:45Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-26215 Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for known notebook server hosts. A link to your notebook server may appear safe, but ultimately redirect to a spoofed server on the public internet. The issue is patched in version 6.1.5. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T2R7EJ2EM5E7MLFSQTMZGFVV45CYMONR/ E-Mail link for openSUSE-SU-2021:0024-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PBYYAJDZEGK7HWUZML3NOYSMWWR5CVC3/ E-Mail link for openSUSE-SU-2021:0078-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OH7ZP2LBWERB26YSK5VYEQ2JEDDJXUOG/ E-Mail link for openSUSE-SU-2021:0117-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 15 SP1 openSUSE Leap 15.1 openSUSE Leap 15.2 jupyter-notebook-5.7.8-lp152.2.3.1 jupyter-notebook-doc-5.7.8-lp152.2.3.1 jupyter-notebook-lang-5.7.8-lp152.2.3.1 jupyter-notebook-latex-5.7.8-lp152.2.3.1 python-jupyter_notebook-doc-5.7.7-bp151.3.3.1 python-jupyter_notebook-doc-5.7.7-lp151.2.3.1 python2-jupyter_notebook-5.7.7-bp151.3.3.1 python2-jupyter_notebook-5.7.7-lp151.2.3.1 python2-jupyter_notebook-lang-5.7.7-bp151.3.3.1 python2-jupyter_notebook-lang-5.7.7-lp151.2.3.1 python2-jupyter_notebook-latex-5.7.7-bp151.3.3.1 python2-jupyter_notebook-latex-5.7.7-lp151.2.3.1 python2-notebook-5.7.8-lp152.2.3.1 python2-notebook-lang-5.7.8-lp152.2.3.1 python3-jupyter_notebook-5.7.7-bp151.3.3.1 python3-jupyter_notebook-5.7.7-lp151.2.3.1 python3-jupyter_notebook-lang-5.7.7-bp151.3.3.1 python3-jupyter_notebook-lang-5.7.7-lp151.2.3.1 python3-jupyter_notebook-latex-5.7.7-bp151.3.3.1 python3-jupyter_notebook-latex-5.7.7-lp151.2.3.1 python3-notebook-5.7.8-lp152.2.3.1 python3-notebook-lang-5.7.8-lp152.2.3.1 python-jupyter_notebook-doc-5.7.7-bp151.3.3.1 as a component of SUSE Package Hub 15 SP1 python2-jupyter_notebook-5.7.7-bp151.3.3.1 as a component of SUSE Package Hub 15 SP1 python2-jupyter_notebook-lang-5.7.7-bp151.3.3.1 as a component of SUSE Package Hub 15 SP1 python2-jupyter_notebook-latex-5.7.7-bp151.3.3.1 as a component of SUSE Package Hub 15 SP1 python3-jupyter_notebook-5.7.7-bp151.3.3.1 as a component of SUSE Package Hub 15 SP1 python3-jupyter_notebook-lang-5.7.7-bp151.3.3.1 as a component of SUSE Package Hub 15 SP1 python3-jupyter_notebook-latex-5.7.7-bp151.3.3.1 as a component of SUSE Package Hub 15 SP1 python-jupyter_notebook-doc-5.7.7-lp151.2.3.1 as a component of openSUSE Leap 15.1 python2-jupyter_notebook-5.7.7-lp151.2.3.1 as a component of openSUSE Leap 15.1 python2-jupyter_notebook-lang-5.7.7-lp151.2.3.1 as a component of openSUSE Leap 15.1 python2-jupyter_notebook-latex-5.7.7-lp151.2.3.1 as a component of openSUSE Leap 15.1 python3-jupyter_notebook-5.7.7-lp151.2.3.1 as a component of openSUSE Leap 15.1 python3-jupyter_notebook-lang-5.7.7-lp151.2.3.1 as a component of openSUSE Leap 15.1 python3-jupyter_notebook-latex-5.7.7-lp151.2.3.1 as a component of openSUSE Leap 15.1 jupyter-notebook-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 jupyter-notebook-doc-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 jupyter-notebook-lang-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 jupyter-notebook-latex-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 python2-notebook-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 python2-notebook-lang-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 python3-notebook-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 python3-notebook-lang-5.7.8-lp152.2.3.1 as a component of openSUSE Leap 15.2 Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for known notebook server hosts. A link to your notebook server may appear safe, but ultimately redirect to a spoofed server on the public internet. The issue is patched in version 6.1.5. CVE-2020-26215 SUSE Package Hub 15 SP1:python-jupyter_notebook-doc-5.7.7-bp151.3.3.1 SUSE Package Hub 15 SP1:python2-jupyter_notebook-5.7.7-bp151.3.3.1 SUSE Package Hub 15 SP1:python2-jupyter_notebook-lang-5.7.7-bp151.3.3.1 SUSE Package Hub 15 SP1:python2-jupyter_notebook-latex-5.7.7-bp151.3.3.1 SUSE Package Hub 15 SP1:python3-jupyter_notebook-5.7.7-bp151.3.3.1 SUSE Package Hub 15 SP1:python3-jupyter_notebook-lang-5.7.7-bp151.3.3.1 SUSE Package Hub 15 SP1:python3-jupyter_notebook-latex-5.7.7-bp151.3.3.1 openSUSE Leap 15.1:python-jupyter_notebook-doc-5.7.7-lp151.2.3.1 openSUSE Leap 15.1:python2-jupyter_notebook-5.7.7-lp151.2.3.1 openSUSE Leap 15.1:python2-jupyter_notebook-lang-5.7.7-lp151.2.3.1 openSUSE Leap 15.1:python2-jupyter_notebook-latex-5.7.7-lp151.2.3.1 openSUSE Leap 15.1:python3-jupyter_notebook-5.7.7-lp151.2.3.1 openSUSE Leap 15.1:python3-jupyter_notebook-lang-5.7.7-lp151.2.3.1 openSUSE Leap 15.1:python3-jupyter_notebook-latex-5.7.7-lp151.2.3.1 openSUSE Leap 15.2:jupyter-notebook-5.7.8-lp152.2.3.1 openSUSE Leap 15.2:jupyter-notebook-doc-5.7.8-lp152.2.3.1 openSUSE Leap 15.2:jupyter-notebook-lang-5.7.8-lp152.2.3.1 openSUSE Leap 15.2:jupyter-notebook-latex-5.7.8-lp152.2.3.1 openSUSE Leap 15.2:python2-notebook-5.7.8-lp152.2.3.1 openSUSE Leap 15.2:python2-notebook-lang-5.7.8-lp152.2.3.1 openSUSE Leap 15.2:python3-notebook-5.7.8-lp152.2.3.1 openSUSE Leap 15.2:python3-notebook-lang-5.7.8-lp152.2.3.1 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N