Nixpkgs security tracker
Untriaged
Activity log
- Created suggestion
nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output to a PDF on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. As of time of publication, no known patches exist.
References
-
-
https://github.com/jupyter/nbconvert/issues/2258 x_refsource_MISC
-
https://github.com/jupyter/nbconvert/releases/tag/v7.17.0 x_refsource_MISC
-
https://github.com/jupyter/nbconvert/security/advisories/GHSA-xm59-rqc7-hhvf x_refsource_CONFIRM
Affected products
nbconvert
- ==< 7.17.0
- =<7.16.6
- <7.17.0
Matching in nixpkgs
pkgs.python312Packages.nbconvert
Converting Jupyter Notebooks
-
nixos-unstable 7.16.6
pkgs.python313Packages.nbconvert
Converting Jupyter Notebooks
pkgs.python314Packages.nbconvert
Converting Jupyter Notebooks
Package maintainers
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@thomasjm Tom McLaughlin <tom@codedown.io>
-
@natsukium Tomoya Otabi <nixpkgs@natsukium.com>