CVE-2021-32862 - Vulnerability Details - OpenCVE

The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer).

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Jupyter	Nbconvert

Configuration 1 [-]

cpe:2.3:a:jupyter:nbconvert:*:*:*:*:*:python:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/jupyter/nbconvert/security/advisories/GHSA-9jmq-rx5f-8jwq
https://github.com/jupyter/nbviewer/security/advisories/GHSA-h274-fcvj-h2wm
https://lists.debian.org/debian-lts-announce/2023/06/msg00003.html
https://lists.debian.org/debian-lts-announce/2024/09/msg00004.html

History

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/09/msg00004.html

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-08-18T00:00:00

Updated: 2024-09-02T21:02:59.728Z

Reserved: 2021-05-12T00:00:00

Link: CVE-2021-32862

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-18T19:15:14.337

Modified: 2024-11-21T06:07:54.300

Link: CVE-2021-32862

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-32862", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2024-09-02T21:02:59.728Z", "dateReserved": "2021-05-12T00:00:00", "datePublished": "2022-08-18T00:00:00"}, "containers": {"cna": {"title": "nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-06-03T00:00:00"}, "descriptions": [{"lang": "en", "value": "The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer)."}], "affected": [{"vendor": "jupyter", "product": "nbconvert", "versions": [{"version": "<= 6.2", "status": "affected"}]}], "references": [{"url": "https://github.com/jupyter/nbconvert/security/advisories/GHSA-9jmq-rx5f-8jwq"}, {"url": "https://github.com/jupyter/nbviewer/security/advisories/GHSA-h274-fcvj-h2wm"}, {"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3442-1] nbconvert security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00003.html"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79"}]}], "source": {"advisory": "GHSA-9jmq-rx5f-8jwq", "discovery": "UNKNOWN"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/jupyter/nbconvert/security/advisories/GHSA-9jmq-rx5f-8jwq", "tags": ["x_transferred"]}, {"url": "https://github.com/jupyter/nbviewer/security/advisories/GHSA-h274-fcvj-h2wm", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3442-1] nbconvert security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00003.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00004.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-02T21:02:59.728Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jupyter:nbconvert:*:*:*:*:*:python:*:*", "matchCriteriaId": "9435F75B-A4F7-483E-BB77-312C5AE7BD31", "versionEndIncluding": "6.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbviewer)."}, {"lang": "es", "value": "GitHub Security Lab detect\u00f3 diecis\u00e9is formas de explotar una vulnerabilidad de tipo cross-site scripting en nbconvert. Cuando es usado nbconvert para generar una versi\u00f3n HTML de un cuaderno controlable por el usuario, es posible inyectar HTML arbitrario que puede conllevar a vulnerabilidades de tipo cross-site scripting (XSS) si estos cuadernos HTML son servidos por un servidor web (por ejemplo: nbviewer)."}], "id": "CVE-2021-32862", "lastModified": "2024-11-21T06:07:54.300", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-18T19:15:14.337", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/jupyter/nbconvert/security/advisories/GHSA-9jmq-rx5f-8jwq"}, {"source": "security-advisories@github.com", "tags": ["Broken Link"], "url": "https://github.com/jupyter/nbviewer/security/advisories/GHSA-h274-fcvj-h2wm"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/jupyter/nbconvert/security/advisories/GHSA-9jmq-rx5f-8jwq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://github.com/jupyter/nbviewer/security/advisories/GHSA-h274-fcvj-h2wm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00004.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}