Alerts This Week
Warning Icon 1 876
Alerts This Week
Warning Icon 1 876

Fedora 43 python-jupyter-server Critical Path Traversal DoS 2026-9536c7cb79

fedora
Calendar Grey June 26, 2026
Dist Fedora Esm H88
Update for python-jupyter-server in Fedora 43 addresses critical security flaws for enhanced safety.
New version of jupyter-server fixing various security vulnerabilities.

Summary

The Jupyter Server provides the backend (i.e. the core services,

APIs, and REST endpoints) for Jupyter web applications like

Jupyter notebook, JupyterLab, and Voila.

Update Information:

New version of jupyter-server fixing various security vulnerabilities.

Topics%20covered

Topics Covered

security advisory unauthorized access fedora arbitrary code execution important authentication bypass

Change Log

* Thu Jun 4 2026 Python Maint - 2.19.0-2 - Rebuilt for Python 3.15 * Mon Jun 1 2026 Lumir Balhar - 2.19.0-1 - Update to 2.19.0 (rhbz#2483209) * Mon May 11 2026 Lumir Balhar - 2.18.2-1 - Update to 2.18.2 (rhbz#2466683) * Tue May 5 2026 Lumir Balhar - 2.18.0-1 - Update to 2.18.0 (rhbz#2465646) * Tue Apr 14 2026 Tomáš Hrnčiar - 2.17.0-5 - Raise pytest upper bound to allow pytest 9 * Fri Mar 20 2026 Lumir Balhar - 2.17.0-4 - Ignore deprecation warnings from ptyprocess:pty to fix build with Python 3.15 alpha 7 * Sat Jan 17 2026 Fedora Release Engineering - 2.17.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

References


[ 1 ] Bug #2484708 - CVE-2026-35397 python-jupyter-server: Jupyter Server: Unauthorized File Access via Path Traversal Vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484708 [ 2 ] Bug #2484713 - CVE-2026-40934 python-jupyter-server: Jupyter Server: Authentication bypass due to unrotated cookie secret [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484713 [ 3 ] Bug #2485374 - CVE-2026-6657 python-jupyter-server: jupyter-server: Arbitrary code execution due to CORS origin validation bypass [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2485374

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9536c7cb79' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: python-jupyter-server
Product: Fedora 43
Version: 2.19.0
Release: 2.fc43
URL: https://jupyter-server.readthedocs.io
Summary: The backend for Jupyter web applications

Topics%20covered

Topics Covered

security advisory unauthorized access fedora arbitrary code execution important authentication bypass

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here