jupyter nbconvert
cpe:2.3:a:jupyter:nbconvert:*:*:*:*:python:*:*
- <= 7.16.6
A vulnerability in the Jupyter nbconvert tool, in versions up to and including 7.16.6 running on Windows under Python versions earlier than 3.12, allows unauthorized code execution when a notebook containing SVG output is exported to PDF. During that export nbconvert shells out to Inkscape to convert the SVG output, and it locates the Inkscape executable by searching for it by name rather than by an explicit absolute path. On Windows that lookup includes the current working directory, so an attacker-controlled Windows batch script named 'inkscape.bat' placed alongside the notebook is run in place of the real Inkscape, executing arbitrary code with the privileges of the user performing the export.
Successful exploitation gives the attacker arbitrary code execution on the user's Windows machine, with the code running under that user's privileges. This can lead to unauthorized access to, modification of, or disruption of the user's data and workflows. Because data science workstations often hold cached cloud credentials and have access to package managers, the impact of a compromise can extend well beyond the initial workstation. The attacker does not need an existing foothold on the machine: it is enough to get a file named 'inkscape.bat' into the notebook's directory, for example by shipping it alongside a notebook the user downloads or clones.
To reproduce this vulnerability, create a Jupyter notebook that includes SVG output. Place a malicious 'inkscape.bat' file in the same directory as the notebook; any Windows batch script will do, since whatever it contains runs with the user's privileges. Then, from that directory, run 'jupyter nbconvert --to pdf' on the notebook on a Windows machine running a Python version earlier than 3.12. When nbconvert processes the SVG output it looks up Inkscape, finds the planted 'inkscape.bat' first, and executes it.
It is recommended to update to a version of Jupyter nbconvert that addresses this vulnerability (the affected range is up to and including 7.16.6). As an additional hardening measure, users can set the 'NoDefaultCurrentDirectoryInExePath' environment variable (any value is sufficient), which tells Windows not to search the current directory when resolving an executable by name; this reduces the risk of executing files planted in untrusted directories but is not a substitute for upgrading. Until the upgrade is applied, avoid exporting notebooks from a directory whose contents the user does not fully control, such as a freshly cloned repository or an extracted archive.
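To make the mitigation concrete, here is an added example in Python (not code from the nbconvert project or from this advisory) of a pre-flight check a team could run before exporting: it audits the notebook directory for launcher files that would shadow Inkscape under a current-directory-first lookup, models the NoDefaultCurrentDirectoryInExePath rule, and resolves Inkscape only from an explicit absolute path. The function names, the list of shadowing file names (the extensions follow Windows PATHEXT defaults; the advisory itself only names inkscape.bat), and the temporary-directory scenario are assumptions for illustration. The check runs on any OS because it inspects the filesystem rather than calling CreateProcess.

```python
import os
import tempfile
from pathlib import Path

# Assumption for illustration: names under which a planted launcher in the
# notebook directory would shadow the real Inkscape on Windows. The
# extensions follow the Windows PATHEXT defaults; the advisory only names
# inkscape.bat.
SHADOW_NAMES = ("inkscape.bat", "inkscape.cmd", "inkscape.exe", "inkscape.com")
ENV_NO_CWD_SEARCH = "NoDefaultCurrentDirectoryInExePath"


def cwd_search_enabled(environ=None):
    """Windows searches the current directory when resolving a bare command
    name unless NoDefaultCurrentDirectoryInExePath is defined (any value
    counts). This helper models only that rule; it does not depend on the
    Python version of the interpreter doing the export."""
    environ = os.environ if environ is None else environ
    return ENV_NO_CWD_SEARCH not in environ


def find_shadowing_launchers(notebook_dir):
    """Files in notebook_dir that a cwd-first lookup of 'inkscape' would pick
    up before the genuine binary on PATH."""
    directory = Path(notebook_dir)
    return sorted(
        p for p in directory.iterdir()
        if p.is_file() and p.name.lower() in SHADOW_NAMES
    )


def resolve_inkscape(configured_path, notebook_dir, environ=None):
    """Hardened resolution of the Inkscape executable.

    Instead of looking up the bare name 'inkscape', require an explicit
    absolute path to an existing file that is not a .bat/.cmd launcher,
    and refuse to proceed while a shadowing launcher sits in the notebook
    directory and current-directory search is still enabled."""
    path = Path(configured_path)
    if not path.is_absolute():
        raise ValueError(f"inkscape path must be absolute, got {configured_path!r}")
    if path.suffix.lower() in (".bat", ".cmd"):
        raise ValueError(f"refusing to run a batch launcher: {configured_path!r}")
    if not path.is_file():
        raise FileNotFoundError(configured_path)
    planted = find_shadowing_launchers(notebook_dir)
    if planted and cwd_search_enabled(environ):
        names = ", ".join(p.name for p in planted)
        raise RuntimeError(
            f"{names} found in {notebook_dir}; set {ENV_NO_CWD_SEARCH} or "
            "remove the file(s) before exporting"
        )
    return str(path.resolve())


def demo():
    """Constructed scenario (sample data, not taken from the advisory): a
    notebook directory containing a planted inkscape.bat, and a stand-in for
    the genuine Inkscape binary at an absolute path elsewhere."""
    with tempfile.TemporaryDirectory() as tmp:
        nb_dir = Path(tmp) / "notebooks"
        nb_dir.mkdir()
        (nb_dir / "report.ipynb").write_text("{}")
        (nb_dir / "inkscape.bat").write_text("@echo off\r\necho planted launcher ran\r\n")
        real = Path(tmp) / "Program Files" / "Inkscape" / "bin" / "inkscape.exe"
        real.parent.mkdir(parents=True)
        real.write_bytes(b"MZ")  # placeholder bytes, not a real executable

        results = {"shadowing": [p.name for p in find_shadowing_launchers(nb_dir)]}
        # Default environment: the planted file would win a cwd-first lookup.
        try:
            resolve_inkscape(real, nb_dir, environ={})
            results["default_env"] = "allowed"
        except RuntimeError:
            results["default_env"] = "blocked"
        # Hardened environment: cwd search is off, the absolute path is used.
        hardened = {ENV_NO_CWD_SEARCH: "1"}
        results["hardened_env"] = (
            resolve_inkscape(real, nb_dir, environ=hardened) == str(real.resolve())
        )
        # A relative launcher name is never accepted, whatever the environment.
        try:
            resolve_inkscape("inkscape.bat", nb_dir, environ=hardened)
            results["bare_name"] = "allowed"
        except ValueError:
            results["bare_name"] = "rejected"
        return results


if __name__ == "__main__":
    print(demo())
    # -> {'shadowing': ['inkscape.bat'], 'default_env': 'blocked', 'hardened_env': True, 'bare_name': 'rejected'}
```

Passing an absolute path to the subprocess protects the caller's own invocation, since Windows does not search the current directory for a fully qualified executable; the directory audit covers the separate case where an unpatched nbconvert still resolves 'inkscape' by name, which no caller-side setting can fix. Neither replaces the upgrade.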