High and medium vulnerabilities in CIROH image

CIROH-UA / awi-ciroh-image

CIROH JupyterHub image repository

https://ciroh.awi.2i2c.cloud/

BSD 3-Clause "New" or "Revised" License

2 stars 6 forks source link

High and medium vulnerabilities in CIROH image #15

Open arpita0911patel opened 2 years ago

arpita0911patel commented 2 years ago

Context

We are seeing two high and two medium vulnerabilities in CIROH image based on quay security scanner.

Quay Security Scanner has detected 4 vulnerabilities. 2 High-level vulnerabilities. 2 Medium-level vulnerabilities.

Package: ujson, httplib2, numpy

Proposal

No response

Updates and actions

No response

colliand commented 2 years ago

Thanks for communicating in the open @arpita0911patel. Please note the shared responsibility model explains how 2i2c and AWI/CIROH share tasks. While issues within the software environment should be assigned to CIROH/AWI, we at 2i2c are here to assist you and your community. 2i2c's engineering team, including @sgibson91, has a more-than-full assignment of tasks across a variety of communities so can't take on GitHub issue assignments outside our intended scope.

arpita0911patel commented 2 years ago

Thank you James for sharing this shared responsibility model details. I wasn't aware on that.