CVE-2026-39377

Name: CVE-2026-39377
Description: The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes to locations outside the intended output directory when processing notebooks containing crafted cell attachment filenames. The `ExtractAttachmentsPreprocessor` passes attachment filenames directly to the filesystem without sanitization, enabling path traversal attacks. This vulnerability provides complete control over both the destination path and file extension. Version 7.17.1 contains a patch.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs: 1134889

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package  | Release             | Version         | Status
nbconvert (PTS) | bullseye            | 5.6.1-3         | fixed
                | bullseye (security) | 5.6.1-3+deb11u1 | fixed
                | bookworm            | 6.5.3-3         | fixed
                | trixie              | 7.16.6-1        | vulnerable
                | forky, sid          | 7.17.1-1        | fixed

The information below is based on the following data on fixed versions.

Package   | Type   | Release    | Fixed Version  | Urgency | Origin | Debian Bugs
nbconvert | source | bullseye   | (not affected) |         |        |
nbconvert | source | bookworm   | (not affected) |         |        |
nbconvert | source | (unstable) | 7.17.1-1       |         |        | 1134889

Notes

[trixie] - nbconvert <no-dsa> (Minor issue)
[bookworm] - nbconvert <not-affected> (Vulnerable code introduced later)
[bullseye] - nbconvert <not-affected> (Vulnerable code introduced later)
https://github.com/jupyter/nbconvert/security/advisories/GHSA-4c99-qj7h-p3vg
Introduced after: https://github.com/jupyter/nbconvert/commit/27804f13185bcf1d55ab8cde7ae00dbd4a1e6a5b (v7.4.0)
Fixed by: https://github.com/jupyter/nbconvert/commit/ba5e5cdd737704388251fa55fa9e58f5752fa39d (v7.17.1)
