Get a Demo

Let's Patch It!

Book a short call with one our specialists, we'll walk you through how Endor Patches work, and ask you a few questions about your environment (like your primary programming languages and repository management). We'll also send you an email right after you fill out the form, feel free to reply with any questions you have in advance!

CVE

CVE-2025-53000

nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
Back to all
CVE

CVE-2025-53000

nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows

Summary

On Windows, converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create a inkscape.bat file that defines a Windows batch script, capable of arbitrary code execution.

When a user runs jupyter nbconvert --to pdf on a notebook containing SVG output to a PDF on a Windows platform from this directory, the inkscape.bat file is run unexpectedly.

Details

Give all details on the vulnerability. Pointing to the incriminated source code is very helpful for the maintainer.

nbconvert searches for an inkscape executable when converting notebooks to PDFs here: https://github.com/jupyter/nbconvert/blob/4f61702f5c7524d8a3c4ac0d5fc33a6ac2fa36a7/nbconvert/preprocessors/svg2pdf.py#L104

The MITRE page on CWE-427 (Uncontrolled Search Path Element) summarizes the root cause succinctly:

In Windows-based systems, when the LoadLibrary or LoadLibraryEx function is called with a DLL name that does not contain a fully qualified path, the function follows a search order that includes two path elements that might be uncontrolled:

- the directory from which the program has been loaded

- the current working directory

PoC

Complete instructions, including specific configuration details, to reproduce the vulnerability.

  1. Create a directory containing: 
    • A hidden bat file called inkscape.bat containing msg * "You've been hacked!"
    • A dummy ipynb file called Machine_Learning.ipynb
  2. Run the command jupyter nbconvert --to pdf Machine_Learning.ipynb.
  3. Wait a few seconds, and you should see a popup showing the message "You've been hacked!" 

Impact

All Windows users.

Package Versions Affected

Package Version
patch Availability
No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request

CVSS Version

Severity
Base Score
CVSS Version
Score Vector
C
H
U
8.5
-
4.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
C
H
U
0
-
C
H
U
7.8
-
3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Related Resources

No items found.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-53000, https://github.com/jupyter/nbconvert, https://github.com/jupyter/nbconvert/blob/4f61702f5c7524d8a3c4ac0d5fc33a6ac2fa36a7/nbconvert/preprocessors/svg2pdf.py#L104, https://www.imperva.com/blog/code-execution-in-jupyter-notebook-exports

Severity

7.8

CVSS Score
0
10

Basic Information

Ecosystem
Base CVSS
7.8
EPSS Probability
0.00005%
EPSS Percentile
0.00209%
Introduced Version
0,4.0.0
Fix Available

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.
Fix Without Upgrading