MEDIUM 6.1 PyPI
GHSA-3vff-hjqv-m7h8 · BIT-jupyterhub-2026-33709, CVE-2026-33709 JupyterHub has an Open Redirect Vulnerability
Modified: 5/5/2026
package
PyPI / jupyterhub
pkg:pypi/jupyterhub
HIGH 8.1 PyPI
GHSA-7r3h-4ph8-w38g · BIT-jupyterhub-2024-28233, CVE-2024-28233 Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing
Modified: 4/3/2024
MEDIUM 4.5 PyPI
GHSA-7xx3-qp5w-fw96 · BIT-jupyterhub-2020-36191, CVE-2020-36191 Cross-Site Request Forgery in JupyterHub
Modified: 9/24/2024
HIGH 7.2 PyPI
GHSA-9x4q-3gxw-849f · BIT-jupyterhub-2024-41942, CVE-2024-41942 JupyterHub has a privilege escalation vulnerability with the `admin:users` scope
Modified: 2/4/2026
LOW 3.5 PyPI
GHSA-cw7p-q79f-m2v7 · BIT-jupyterhub-2021-41247, CVE-2021-41247 incomplete JupyterHub logout with simultaneous JupyterLab sessions
Modified: 3/13/2026
MEDIUM 5.4 PyPI
GHSA-m68r-v472-jgq9 · CVE-2026-40864 JupyterHub has cross-origin form POSTs bypass XSRF (CWE-352)
Modified: 5/5/2026
MEDIUM 6.1 PyPI
GHSA-rv62-4pmj-xw6h · CVE-2019-10255 Open Redirect vulnerability in jupyterhub and notebook
Modified: 2/18/2024
— PyPI
PYSEC-2021-386 · BIT-jupyterhub-2021-41247, CVE-2021-41247 Modified: 12/6/2023
— PyPI
PYSEC-2021-67 · BIT-jupyterhub-2020-36191, CVE-2020-36191 Modified: 12/6/2023
HIGH 7.2 PyPI
PYSEC-2024-200 · BIT-jupyterhub-2024-41942, CVE-2024-41942 Modified: 1/19/2025