EPSS
Percentile
30.4%
Jupyter notebook is vulnerable to remote code execution (RCE) attacks. A malicious user can pass a HTML/SVG file to the application to inject and execute arbitrary javascript code to the notebook server.
HTML/SVG
openwall.com/lists/oss-security/2018/03/15/2
seclists.org/oss-sec/2018/q1/238
github.com/jupyter/notebook/pull/3341
lists.debian.org/debian-lts-announce/2020/11/msg00033.html