manics
commented
1 year ago This has been cross-posted on https://discourse.jupyter.org/t/v8-related-security-issues/16079
Open qian1166 opened 1 year ago
manics
commented
1 year ago This has been cross-posted on https://discourse.jupyter.org/t/v8-related-security-issues/16079
I am using the latest Jupyter Notebook docker image(6.4.12) and found the version of Google V8 JavaScript Engine is still 9.6.180.15. There are two CVEs that may be related to that. One is CVE-2022-0470 and another one is CVE-2022-0457.
Just to confirm, does Google V8 in Jupyter Notebook 6.4.12 will be affected by those two CVEs? If yes, is there a way to mitigate it?
Thanks.