CVE-2026-44182

jupyter-server · Enterprise Gateway

A YAML injection vulnerability in Jupyter Enterprise Gateway allows attackers to inject malicious fields into Kubernetes manifests, potentially leading to unauthorized privilege escalation.

Executive summary

A critical YAML injection vulnerability in Jupyter Enterprise Gateway allows attackers to manipulate Kubernetes manifests, potentially enabling the creation of unauthorized or privileged container resources.

Vulnerability

The software fails to properly sanitize environment variables before interpolating them into Kubernetes YAML manifests. This allows an attacker to inject arbitrary YAML structures, including document boundaries or privileged security contexts, which the Kubernetes cluster may then process.

Business impact

Successful exploitation can lead to a total compromise of the Kubernetes cluster by allowing the deployment of malicious or overly privileged pods. Given the CVSS score of 10.0, this represents the highest level of risk, capable of impacting the entire containerized environment.

Remediation

Immediate Action: Update Jupyter Enterprise Gateway to version 3.3.0 or later to implement proper YAML-aware escaping for all template variables.

Proactive Monitoring: Review Kubernetes audit logs for the creation of unexpected resources or pods with elevated security contexts. Monitor for anomalous environment variable definitions.

Compensating Controls: Utilize Kubernetes Admission Controllers to enforce security policies that prevent the deployment of pods with privileged escalation or unauthorized configurations.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the perfect CVSS score, this vulnerability must be treated as an emergency. Immediate patching of the Enterprise Gateway is required to prevent potential cluster-wide compromise.