Download Latest Version
v1.8.4 - Security Fix source code.tar.gz (2.2 MB)
Get an email when there's a new version of Open Notebook
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| README.md | 2026-04-09 | 1.3 kB | |
| v1.8.4 - Security Fix source code.tar.gz | 2026-04-09 | 2.2 MB | |
| v1.8.4 - Security Fix source code.zip | 2026-04-09 | 2.5 MB | |
| Totals: 3 Items | 4.7 MB | 0 | |
Security
Three vulnerabilities reported by CERT-EU Offensive Security Team via coordinated disclosure:
- Remote Code Execution via Server-Side Template Injection (CVSS 9.2 Critical)
-
User-created transformation prompts were rendered by an unsandboxed Jinja2 environment, allowing arbitrary Python code execution on the server. Bumped ai-prompter to 0.4.0 which uses
SandboxedEnvironmentfor all template rendering. -
Arbitrary file write via path traversal (CVSS 7.0 High)
-
File upload did not sanitize filenames, allowing path traversal payloads (e.g.,
../../../../tmp/test.txt) to write files outside the upload directory. Filenames are now sanitized withos.path.basename()and resolved paths are validated. -
Arbitrary file read via Local File Inclusion (CVSS 8.2 High)
- The source creation endpoint accepted arbitrary
file_pathvalues, allowing reading of any file on the container (e.g.,/etc/passwd,/proc/self/environ). File paths are now validated to be within the uploads directory.
Affected versions
All versions up to and including v1.8.3.
Recommended action
Upgrade to v1.8.4 immediately.
Credit
Reported by CERT-EU Offensive Security Team via coordinated vulnerability disclosure.
