CVE-2019-10255: URL Redirection to Untrusted Site (Open Redirect)

March 28, 2019 (updated April 12, 2019)

An Open Redirect vulnerability for all browsers in Jupyter allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected.

References

blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
nvd.nist.gov/vuln/detail/CVE-2019-10255

Code Behaviors & Features

Detect and mitigate CVE-2019-10255 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →