UBUNTU-CVE-2019-10856
Advisory lineage Upstream: 1 Downstream: 1
Upstream
Downstream
Published: 04 Apr 2019, 16:29
Last modified:20 May 2026, 16:03
Vulnerability Summary
Overall Risk (default)
low
24/100 CVSS Score
6.1 MEDIUM
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
04 Apr 2019, 16:29
Published
Vulnerability first disclosed
20 May 2026, 16:03
Last Modified
Vulnerability information updated
Description
In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.
CVSS Metrics
- v3.0•MEDIUM•Score: 6.1CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Systems
- ubuntu•jupyter-notebook
< 5.2.2-1ubuntu0.1 | < 6.0.3-2ubuntu0.1 | < 6.4.8-1ubuntu0.1 | all | all | all
References (6)
- https://ubuntu.com/security/CVE-2019-10856
- https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
- https://github.com/jupyter/notebook/commit/979e0bd15e794ceb00cc63737fcd5fd9addc4a99
- https://github.com/jupyter/notebook/compare/16cf97c...b8e30ea
- https://ubuntu.com/security/notices/USN-5585-1
- https://www.cve.org/CVERecord?id=CVE-2019-10856