jupyterlab-git · IA Squad

Skip to content

python · jupyterlab-gitCritical

jupyterlab-git: Stored XSS via unsanitized filenames in PlainTextDiff.ts

A stored XSS vulnerability was found in jupyterlab-git's PlainTextDiff.

20 Jun 2026 · act now

python · jupyterlab-gitCritical

jupyterlab-git 0.53.0: Case-sensitive path check bypass on case-insensitive filesystems

jupyterlab-git 0.53.0 uses fnmatch.fnmatchcase() in GitHandler.prepare() to enforce excluded_paths, which is case-sensitive on all

20 Jun 2026 · act now