Jupyter security issue Aug. 13, 2021


Please do not run any Jupyter applications at OSC until further notice due to a security vulnerability.

OSC will update JupyterLab and Jupyter Notebook applications to rectify this as soon as possible.

List of versions changed:

  • 0.35: removed because there is no official patch release.
  • 1.2: upgraded to 1.2.21
  • 2.1: replaced with 2.2.10 because there is no official patch release.
  • 3.0: upgraded to 3.0.17

References for more information:


CVE-2021–32797 and CVE-2021–32798 Remote Code execution in JupyterLab and Jupyter Notebook


Jupyter applications have been updated to patch security vulnerabilities.

  • Version 0.35 of Jupyter has been dropped as there is no patch available for that version.
  • Version 1.2 has been updated to 1.2.21.
  • Version 2.1 has been replaced by 2.2.
  • Version 3.0 has been updated to 3.0.17.

Exentensions that were built for 3.0 will likely need to be rebuilt by running the jupyter lab build command in a terminal within the Jupyter application.