Customized components of the Jupyterhub server in SWAN (handlers, spawners, templates).
GNU Affero General Public License v3.0
26
stars
14
forks
source link
[Niah] Security upgrade Jupyterhub from ==1.1 to 1.2.0 in swanhub #28
Closed
niah-security closed 3 years ago
Subject of the issue
Niah has created this Issue to report Jupyterhub vulnerable packages in the pip dependencies of this project. https://pypi.org/project/swanhub/
Vulnerability Scanning Report : Niah Report
Description: Jupyterhub upgraded jquery 3.3.1 dependencies in Jupyterhub version 1.2.0 to fixed few XSS issues. In
References : https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/ https://jquery.com/upgrade-guide/3.5/
Solution: Update Jupyterhub dependancies version 1.1 to 1.2.0