CVE-2026-54527 in Git Plugininformación

Resumen

por MITRE • 2026-07-09

JupyterLab Git is a Git extension for JupyterLab. From 0.30.0b3 before 0.54.0, the PlainTextDiff.ts createHeader() method passes Git filenames directly to innerHTML when rendering renamed files in commit history, allowing a crafted filename to execute JavaScript when a victim views the rename diff in the Git History tab. This issue is fixed in version 0.54.0.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsable

GitHub M

Reservar

2026-06-15

Divulgación

2026-07-09

Moderación

aceptado

Artículo

VDB-377029

CPE

listo

EPSS

0.00000

KEV

no

Actividades

muy bajo

Fuentes

Do you know our Splunk app?

Download it now for free!