[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-10856":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":34,"duplicate_of":9,"upstream":37,"downstream":38,"duplicates":45,"related":46,"reserved_at":9,"published_at":48,"modified_at":49,"state":50,"summary":51,"references_raw":59,"kevs":97,"epss":98,"epss_history":101,"metrics":364,"affected":380},"CVE-2019-10856","In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-601","URL Redirection to Untrusted Site ('Open Redirect')","The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.","weakness","Draft","Base","Low",[20],{"id":21,"name":22,"techniques":23},"CAPEC-178","Cross-Site Flashing",[],[25],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_2A0504B5BE1F0672","Exploit Reference (blog.jupyter.org)","reference","https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4","unknown",0.2,false,[],[35,36],"GHSA-rcx2-m7jp-p9wj","PYSEC-2019-158",[],[39,41,43],{"_key":40},"MGASA-2022-0323",{"_key":42},"USN-5585-1",{"_key":44},"UBUNTU-CVE-2019-10856",[],[47],{"_key":40},"2019-04-04T15:48:33.000Z","2024-08-04T22:32:02.152Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":52,"epss_score":53,"severity":54,"severity_score":55,"severity_version":56,"severity_source":57,"severity_vector":58,"severity_status":50},"low",0.00167,"medium",6.1,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[60,70,75,80,84,89,93],{"url":29,"sources":61,"tags":64},[62,57,63],"cve.org","osv_pypi",[65,66,67,68,69],"X Refsource MISC","Exploit","Vendor Advisory","WEB","ARTICLE",{"url":71,"sources":72,"tags":73},"https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea",[62,57,63],[65,74,67,68],"Patch",{"url":76,"sources":77,"tags":78},"https://nvd.nist.gov/vuln/detail/CVE-2019-10856",[63],[79],"Advisory",{"url":81,"sources":82,"tags":83},"https://github.com/jupyter/notebook/commit/979e0bd15e794ceb00cc63737fcd5fd9addc4a99",[63],[68],{"url":85,"sources":86,"tags":87},"https://github.com/jupyter/notebook",[63],[88],"PACKAGE",{"url":90,"sources":91,"tags":92},"https://github.com/pypa/advisory-database/tree/main/vulns/notebook/PYSEC-2019-158.yaml",[63],[68],{"url":94,"sources":95,"tags":96},"https://github.com/advisories/GHSA-rcx2-m7jp-p9wj",[63],[79],[],{"date":99,"score":53,"percentile":100},"2026-06-04",0.37505,[102,105,108,111,114,117,120,123,126,129,132,135,138,141,144,147,150,153,156,159,162,165,167,169,172,175,178,181,184,187,190,193,196,199,202,205,208,211,214,217,220,223,225,228,231,234,237,240,243,245,248,251,254,257,261,264,266,269,272,275,278,281,284,287,290,293,296,298,300,302,305,308,310,313,316,319,322,325,328,331,334,337,340,343,346,349,352,355,358,361],{"date":103,"score":53,"percentile":104},"2025-11-04",0.38302,{"date":106,"score":53,"percentile":107},"2025-11-05",0.38294,{"date":109,"score":53,"percentile":110},"2025-11-06",0.38295,{"date":112,"score":53,"percentile":113},"2025-11-07",0.3832,{"date":115,"score":53,"percentile":116},"2025-11-08",0.38322,{"date":118,"score":53,"percentile":119},"2025-11-09",0.38303,{"date":121,"score":53,"percentile":122},"2025-11-10",0.38266,{"date":124,"score":53,"percentile":125},"2025-11-11",0.38288,{"date":127,"score":53,"percentile":128},"2025-11-12",0.38329,{"date":130,"score":53,"percentile":131},"2025-11-13",0.38344,{"date":133,"score":53,"percentile":134},"2025-11-14",0.38345,{"date":136,"score":53,"percentile":137},"2025-11-15",0.3834,{"date":139,"score":53,"percentile":140},"2025-11-16",0.38321,{"date":142,"score":53,"percentile":143},"2025-11-17",0.38297,{"date":145,"score":53,"percentile":146},"2025-11-18",0.32492,{"date":148,"score":53,"percentile":149},"2025-11-19",0.32507,{"date":151,"score":53,"percentile":152},"2025-11-20",0.32503,{"date":154,"score":53,"percentile":155},"2025-11-21",0.383,{"date":157,"score":53,"percentile":158},"2025-11-22",0.38305,{"date":160,"score":53,"percentile":161},"2025-11-23",0.38271,{"date":163,"score":53,"percentile":164},"2025-11-24",0.38261,{"date":166,"score":53,"percentile":161},"2025-11-25",{"date":168,"score":53,"percentile":122},"2025-11-26",{"date":170,"score":53,"percentile":171},"2025-11-27",0.38273,{"date":173,"score":53,"percentile":174},"2025-11-28",0.38247,{"date":176,"score":53,"percentile":177},"2025-11-29",0.38224,{"date":179,"score":53,"percentile":180},"2025-11-30",0.38208,{"date":182,"score":53,"percentile":183},"2025-12-01",0.3833,{"date":185,"score":53,"percentile":186},"2025-12-02",0.38339,{"date":188,"score":53,"percentile":189},"2025-12-03",0.38338,{"date":191,"score":53,"percentile":192},"2025-12-04",0.38204,{"date":194,"score":53,"percentile":195},"2025-12-05",0.38238,{"date":197,"score":53,"percentile":198},"2025-12-06",0.38236,{"date":200,"score":53,"percentile":201},"2025-12-07",0.38213,{"date":203,"score":53,"percentile":204},"2025-12-08",0.38227,{"date":206,"score":53,"percentile":207},"2025-12-09",0.38268,{"date":209,"score":53,"percentile":210},"2025-12-10",0.38327,{"date":212,"score":53,"percentile":213},"2025-12-11",0.38353,{"date":215,"score":53,"percentile":216},"2025-12-12",0.38386,{"date":218,"score":53,"percentile":219},"2025-12-13",0.38362,{"date":221,"score":53,"percentile":222},"2025-12-14",0.38328,{"date":224,"score":53,"percentile":104},"2025-12-15",{"date":226,"score":53,"percentile":227},"2025-12-16",0.38335,{"date":229,"score":53,"percentile":230},"2025-12-17",0.3838,{"date":232,"score":53,"percentile":233},"2025-12-18",0.38433,{"date":235,"score":53,"percentile":236},"2025-12-19",0.38454,{"date":238,"score":53,"percentile":239},"2025-12-20",0.38437,{"date":241,"score":53,"percentile":242},"2025-12-21",0.38388,{"date":244,"score":53,"percentile":219},"2025-12-22",{"date":246,"score":53,"percentile":247},"2025-12-23",0.38364,{"date":249,"score":53,"percentile":250},"2025-12-24",0.38377,{"date":252,"score":53,"percentile":253},"2025-12-25",0.3843,{"date":255,"score":53,"percentile":256},"2025-12-26",0.38411,{"date":258,"score":259,"percentile":260},"2025-12-27",0.00171,0.38896,{"date":262,"score":53,"percentile":263},"2025-12-28",0.38331,{"date":265,"score":53,"percentile":104},"2025-12-29",{"date":267,"score":53,"percentile":268},"2025-12-30",0.38291,{"date":270,"score":53,"percentile":271},"2025-12-31",0.38358,{"date":273,"score":53,"percentile":274},"2026-01-01",0.38511,{"date":276,"score":53,"percentile":277},"2026-01-02",0.38486,{"date":279,"score":53,"percentile":280},"2026-01-03",0.38481,{"date":282,"score":53,"percentile":283},"2026-01-04",0.38314,{"date":285,"score":53,"percentile":286},"2026-01-05",0.38286,{"date":288,"score":53,"percentile":289},"2026-01-06",0.38293,{"date":291,"score":53,"percentile":292},"2026-01-07",0.38315,{"date":294,"score":53,"percentile":295},"2026-01-08",0.38341,{"date":297,"score":53,"percentile":227},"2026-01-09",{"date":299,"score":53,"percentile":186},"2026-01-10",{"date":301,"score":53,"percentile":292},"2026-01-11",{"date":303,"score":53,"percentile":304},"2026-01-12",0.38265,{"date":306,"score":53,"percentile":307},"2026-01-13",0.38243,{"date":309,"score":53,"percentile":143},"2026-01-14",{"date":311,"score":53,"percentile":312},"2026-01-15",0.38287,{"date":314,"score":53,"percentile":315},"2026-01-16",0.38307,{"date":317,"score":53,"percentile":318},"2026-01-17",0.38278,{"date":320,"score":53,"percentile":321},"2026-01-18",0.38226,{"date":323,"score":53,"percentile":324},"2026-01-19",0.38192,{"date":326,"score":53,"percentile":327},"2026-01-20",0.38171,{"date":329,"score":53,"percentile":330},"2026-01-21",0.38148,{"date":332,"score":53,"percentile":333},"2026-01-22",0.38139,{"date":335,"score":53,"percentile":336},"2026-01-23",0.38198,{"date":338,"score":53,"percentile":339},"2026-01-24",0.38206,{"date":341,"score":53,"percentile":342},"2026-01-25",0.38149,{"date":344,"score":53,"percentile":345},"2026-01-26",0.38081,{"date":347,"score":53,"percentile":348},"2026-01-27",0.38077,{"date":350,"score":53,"percentile":351},"2026-01-28",0.38053,{"date":353,"score":53,"percentile":354},"2026-01-29",0.3803,{"date":356,"score":53,"percentile":357},"2026-01-30",0.38028,{"date":359,"score":53,"percentile":360},"2026-01-31",0.38029,{"date":362,"score":53,"percentile":363},"2026-02-01",0.38134,[365,375],{"source":57,"cvss_v2_0":366,"cvss_v3_0":371,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":367,"baseSeverity":9,"vectorString":368,"impactScore":369,"exploitabilityScore":370},5.8,"AV:N/AC:M/Au:N/C:P/I:P/A:N",4.9,8.6,{"baseScore":55,"baseSeverity":372,"vectorString":58,"impactScore":373,"exploitabilityScore":374},"MEDIUM",4.5,7.2,{"source":63,"cvss_v2_0":9,"cvss_v3_0":376,"cvss_v3_1":9,"cvss_v4_0":377},{"baseScore":55,"baseSeverity":9,"vectorString":58,"impactScore":373,"exploitabilityScore":374},{"baseScore":378,"baseSeverity":9,"vectorString":379,"impactScore":9,"exploitabilityScore":9},5.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",[381,392],{"ecosystem":9,"name":382,"vendor":383,"product":382,"cpe_part":384,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":385},"notebook","jupyter","a",[386],{"version":387,"is_range":388,"range_type":389,"version_start":9,"version_start_type":9,"version_end":390,"version_end_type":391,"fixed_in":9},"lt5.7.8",true,"cpe","5.7.8","excluding",{"ecosystem":393,"name":382,"vendor":393,"product":382,"cpe_part":9,"purl_type":394,"purl_namespace":9,"purl_name":382,"source":9,"versions":395},"PyPI","pypi",[396],{"version":397,"is_range":388,"range_type":398,"version_start":9,"version_start_type":9,"version_end":390,"version_end_type":391,"fixed_in":9},"lt5_7_8","ecosystem"]