{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33709", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-23T17:06:05.747Z", "datePublished": "2026-04-03T22:00:46.703Z", "dateUpdated": "2026-04-06T17:33:47.412Z"}, "containers": {"cna": {"title": "JupyterHub has an Open Redirect Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "lang": "en", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-3vff-hjqv-m7h8", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-3vff-hjqv-m7h8"}, {"name": "https://github.com/jupyterhub/jupyterhub/releases/tag/5.4.4", "tags": ["x_refsource_MISC"], "url": "https://github.com/jupyterhub/jupyterhub/releases/tag/5.4.4"}], "affected": [{"vendor": "jupyterhub", "product": "jupyterhub", "versions": [{"version": "< 5.4.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-03T22:00:46.703Z"}, "descriptions": [{"lang": "en", "value": "JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an arbitrary attacker-controlled site outside JupyterHub instead of a JupyterHub page, bypassing JupyterHub's check to prevent this. This issue has been patched in version 5.4.4."}], "source": {"advisory": "GHSA-3vff-hjqv-m7h8", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T17:33:39.103906Z", "id": "CVE-2026-33709", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T17:33:47.412Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33709", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T17:33:39.103906Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T17:33:43.265Z"}}], "cna": {"title": "JupyterHub has an Open Redirect Vulnerability", "source": {"advisory": "GHSA-3vff-hjqv-m7h8", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW"}}], "affected": [{"vendor": "jupyterhub", "product": "jupyterhub", "versions": [{"status": "affected", "version": "< 5.4.4"}]}], "references": [{"url": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-3vff-hjqv-m7h8", "name": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-3vff-hjqv-m7h8", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/jupyterhub/jupyterhub/releases/tag/5.4.4", "name": "https://github.com/jupyterhub/jupyterhub/releases/tag/5.4.4", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an arbitrary attacker-controlled site outside JupyterHub instead of a JupyterHub page, bypassing JupyterHub's check to prevent this. This issue has been patched in version 5.4.4."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-03T22:00:46.703Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33709", "state": "PUBLISHED", "dateUpdated": "2026-04-06T17:33:47.412Z", "dateReserved": "2026-03-23T17:06:05.747Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-03T22:00:46.703Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jupyter:jupyterhub:*:*:*:*:*:*:*:*", "matchCriteriaId": "63A399BE-7434-4082-87C9-A1CCE40E8102", "versionEndExcluding": "5.4.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an open redirect vulnerability in JupyterHub allows attackers to construct links which, when clicked, take users to the JupyterHub login page, after which they are sent to an arbitrary attacker-controlled site outside JupyterHub instead of a JupyterHub page, bypassing JupyterHub's check to prevent this. This issue has been patched in version 5.4.4."}], "id": "CVE-2026-33709", "lastModified": "2026-04-22T15:59:59.570", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-03T22:16:26.657", "references": [{"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/jupyterhub/jupyterhub/releases/tag/5.4.4"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/jupyterhub/jupyterhub/security/advisories/GHSA-3vff-hjqv-m7h8"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.4.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "jupyterhub", "vendor": "jupyterhub"}], "analysis": {"en": {"generated_at": "2026-04-04T01:25:42.510928+00:00", "value": {"mitigation_remediation": ["Upgrade JupyterHub to version 5.4.4 or later"], "summary": {"action": "Apply Patch", "impact": "Open Redirect leading to external site bypassing login"}, "threat_synthesis": {"affected_systems": "The issue affects the JupyterHub application supplied by the community. Any instance running a version older than 5.4.4 is susceptible, as the patch was introduced in that release. No other vendors or product lines are listed as affected.", "description_and_impact": "JupyterHub versions prior to 5.4.4 contain an open redirect flaw that enables an attacker to craft URLs that, after a user logs in, forward them to an arbitrary external site. By exploiting CWE-601, a malicious actor can deliver phishing content or malicious payloads once the user has authenticated, potentially compromising credentials or other sensitive data. The flaw does not grant direct code execution but can be used to subvert user trust and facilitate further attacks.", "risk_and_exploitability": "The vulnerability has a CVSS score of 5.1, indicating moderate potential impact. Exploit likelihood is unquantified (EPSS not available), and the flaw is not listed in CISA\u2019s KEV catalog. An attacker can exploit the flaw by sending a user a carefully constructed link that, once clicked, redirects the authenticated session to a malicious domain. Such an exploit requires user interaction but does not require privileged access on the target system."}}}}, "created": "2026-04-06T21:22:16.232064+00:00", "updated": "2026-04-06T22:21:53.580834+00:00", "vendors": ["jupyterhub", "jupyterhub$PRODUCT$jupyterhub"]}