[IPython-dev] Vulnerability in IPython Notebook ≤ 1.1

Kyle Kelley rgbkrk at gmail.com
Sun Jul 13 17:56:25 EDT 2014


On IPython ≤ 1.1, a remote site could have exploited a vulnerability in
cross origin websocket handling to execute code on an IPython kernel, with
knowledge of the kernel id (which requires user intervention).

This vulnerability was patched in
https://github.com/ipython/ipython/pull/4845 and reported to the CVE
(Common Vulnerabilities and Exposure) database.

Summary given to the CVE database: The origin of websocket requests was not
verified within the IPython notebook server. If an attacker has knowledge
of an IPython kernel id they can run arbitrary code on a user's machine
when the client visits a crafted malicious page.

The CVE ID is CVE-2014-342 (

If you were at SciPy and watched the final round of lightning talks, you
already know about this vulnerability (as much as you can within a 5 minute
talk that is).

I wrote a more detailed explanation at

Feel free to ask us (the IPython team) any questions!


Kyle Kelley
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20140713/bdcaf500/attachment.html>

More information about the IPython-dev mailing list