CVE-2026-39378

Name: CVE-2026-39378
Description: The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's markdown renderer allows arbitrary file read via path traversal in image references. A malicious notebook can exfiltrate sensitive files from the conversion host by embedding them as base64 data URIs in the output HTML. nbconvert 7.17.1 contains a fix. As a workaround, do not enable `HTMLExporter.embed_images`; it is not enabled by default.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs: 1134890

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package     | Release             | Version          | Status
nbconvert (PTS)    | bullseye            | 5.6.1-3          | vulnerable
                   | bullseye (security) | 5.6.1-3+deb11u1  | vulnerable
                   | bookworm            | 6.5.3-3          | vulnerable
                   | trixie              | 7.16.6-1         | vulnerable
                   | forky, sid          | 7.17.1-1         | fixed

The information below is based on the following data on fixed versions.

Package   | Type   | Release    | Fixed Version | Urgency | Origin | Debian Bugs
nbconvert | source | (unstable) | 7.17.1-1      |         |        | 1134890

Notes

[trixie] - nbconvert <no-dsa> (Minor issue)
[bookworm] - nbconvert <no-dsa> (Minor issue)
https://github.com/jupyter/nbconvert/security/advisories/GHSA-7jqv-fw35-gmx9
Fixed by: https://github.com/jupyter/nbconvert/commit/0e6b8ccabf2aca6c18fac8c574f22b7155f441fb (v7.17.1)
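The description above locates the flaw in how local image references are resolved when `embed_images=True`. As an added illustration of the mitigating check (example code written for this page, not nbconvert's own code and not the fix in the linked commit), the Python helper below refuses any image reference that resolves outside the notebook's directory before it is base64-embedded; the function names, the constructed files and the placeholder PNG bytes are assumptions of this example.

```python
import base64
import mimetypes
import tempfile
from pathlib import Path


def embed_image_safely(src: str, notebook_dir) -> str:
    """Return a data: URI for a local image reference, or raise ValueError.

    Hypothetical helper: the reference is confined to notebook_dir so that
    '..' components, absolute paths and symlinks cannot reach other files.
    Only local references are expected here; http(s) URLs are the caller's job.
    """
    base = Path(notebook_dir).resolve()
    # resolve() collapses '..' and follows symlinks, so the real target is compared
    target = (base / src).resolve()
    if base not in target.parents:
        raise ValueError(f"image reference escapes notebook directory: {src!r}")
    mime, _ = mimetypes.guess_type(target.name)
    if mime is None or not mime.startswith("image/"):
        raise ValueError(f"not an image type: {src!r}")
    data = base64.b64encode(target.read_bytes()).decode("ascii")
    return f"data:{mime};base64,{data}"


def demo() -> dict:
    """Constructed scenario: one legitimate image and two references that escape."""
    with tempfile.TemporaryDirectory() as root:
        nb_dir = Path(root) / "notebook"
        nb_dir.mkdir()
        # constructed placeholder bytes, not a real PNG; only the path check matters here
        (nb_dir / "pic.png").write_bytes(b"\x89PNG fake bytes")
        outside = Path(root) / "outside.png"  # one level above the notebook directory
        outside.write_bytes(b"secret")
        results = {"legit": embed_image_safely("pic.png", nb_dir)}
        for label, ref in {"traversal": "../outside.png", "absolute": str(outside)}.items():
            try:
                embed_image_safely(ref, nb_dir)
                results[label] = "embedded"
            except ValueError:
                results[label] = "rejected"
        return results


if __name__ == "__main__":
    print(demo())
```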
