UNCLASSIFIED - NO CUI

chore(findings): aiml/jupyter/jupyterlab-rsession-proxy

Summary

aiml/jupyter/jupyterlab-rsession-proxy has 112 new findings discovered during continuous monitoring.

Layer: opensource/python:v3.11.9 is EOL, please update if possible

Layer: redhat/ubi/ubi9:9.4 is EOL, please update if possible

More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=aiml/jupyter/jupyterlab-rsession-proxy&tag=2.2.1-1&branch=master

EPSS (Exploit Prediction Scoring System) provides an estimate of the likelihood that a vulnerability will be exploited in the wild.

KEV (Known Exploited Vulnerabilities) indicates whether a vulnerability is actively being exploited according to CISA.

| id | source | severity | package | impact | workaround | epss_score | kev |
|---|---|---|---|---|---|---|---|
| CVE-2023-2650 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.91970 | false |
| CVE-2023-2650 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.91970 | false |
| CVE-2023-0286 | Anchore CVE | High | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.91080 | N/A |
| CVE-2023-0286 | Twistlock CVE | High | compat-openssl11-1.1.1k-4.el9_0 | | | 0.91080 | N/A |
| CVE-2022-2068 | Twistlock CVE | Medium | compat-openssl11-1.1.1k-4.el9_0 | | | 0.72645 | N/A |
| CVE-2022-2068 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.72645 | N/A |
| CVE-2022-1292 | Twistlock CVE | Medium | compat-openssl11-1.1.1k-4.el9_0 | | | 0.70186 | N/A |
| CVE-2022-1292 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.70186 | N/A |
| CVE-2023-45288 | Twistlock CVE | High | net/http-1.20.10 | | | 0.59177 | false |
| CVE-2021-4217 | Anchore CVE | Low | unzip-6.0-58.el9_5 | | | 0.17169 | N/A |
| CVE-2021-4217 | Twistlock CVE | Low | unzip-6.0-58.el9_5 | | | 0.17169 | N/A |
| CVE-2022-3857 | Anchore CVE | Low | libpng-2:1.6.37-12.el9 | | | 0.16155 | N/A |
| CVE-2022-3555 | Anchore CVE | Low | libX11-common-1.7.0-11.el9 | | | 0.13207 | N/A |
| CVE-2022-3555 | Anchore CVE | Low | libX11-1.7.0-11.el9 | | | 0.13207 | N/A |
| CVE-2024-5535 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.05152 | false |
| CVE-2024-5535 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.05152 | false |
| CVE-2017-17095 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.02665 | N/A |
| CVE-2017-17095 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.02665 | N/A |
| CVE-2021-31535 | Twistlock CVE | Medium | libX11-1.7.0-11.el9 | | | 0.02608 | N/A |
| CVE-2021-31535 | Anchore CVE | High | libX11-common-1.7.0-11.el9 | | | 0.02608 | N/A |
| CVE-2021-31535 | Anchore CVE | High | libX11-1.7.0-11.el9 | | | 0.02608 | N/A |
| CVE-2017-16232 | Anchore CVE | Low | libtiff-4.4.0-13.el9 | | | 0.02211 | N/A |
| CVE-2024-7264 | Anchore CVE | Low | libcurl-devel-7.76.1-31.el9 | | | 0.02201 | false |
| CVE-2023-2004 | Anchore CVE | Low | freetype-2.10.4-10.el9_5 | | | 0.01414 | N/A |
| CVE-2023-0464 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00899 | false |
| CVE-2023-0464 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00899 | false |
| CVE-2023-0466 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00666 | false |
| CVE-2023-0466 | Twistlock CVE | Medium | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00666 | false |
| CVE-2022-3554 | Anchore CVE | Medium | libX11-common-1.7.0-11.el9 | | | 0.00637 | N/A |
| CVE-2022-3554 | Anchore CVE | Medium | libX11-1.7.0-11.el9 | | | 0.00637 | N/A |
| CVE-2017-17973 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00614 | N/A |
| CVE-2022-2097 | Twistlock CVE | Medium | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00553 | N/A |
| CVE-2022-2097 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00553 | N/A |
| CVE-2024-2511 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00469 | false |
| CVE-2024-2511 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00469 | false |
| CVE-2023-0215 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00437 | N/A |
| CVE-2023-0215 | Twistlock CVE | Medium | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00437 | N/A |
| CVE-2023-0465 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00421 | false |
| CVE-2023-0465 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00421 | false |
| CVE-2023-6277 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00418 | false |
| CVE-2023-6277 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00418 | false |
| CVE-2023-45289 | Twistlock CVE | Medium | net/http-1.20.10 | | | 0.00348 | false |
| CVE-2024-24783 | Twistlock CVE | Medium | crypto/x509-1.20.10 | | | 0.00340 | false |
| CVE-2023-45290 | Twistlock CVE | Medium | net/textproto-1.20.10 | | | 0.00277 | false |
| CVE-2023-52356 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00263 | false |
| CVE-2023-52356 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00263 | false |
| CVE-2023-3817 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00249 | false |
| CVE-2023-3817 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00249 | false |
| CVE-2023-25434 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00209 | false |
| CVE-2023-25434 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00209 | false |
| CVE-2022-0529 | Anchore CVE | Low | unzip-6.0-58.el9_5 | | | 0.00203 | N/A |
| CVE-2022-0529 | Twistlock CVE | Low | unzip-6.0-58.el9_5 | | | 0.00203 | N/A |
| CVE-2024-24791 | Twistlock CVE | Medium | net/http-1.20.10 | | | 0.00200 | false |
| CVE-2024-9681 | Anchore CVE | Low | libcurl-devel-7.76.1-31.el9 | | | 0.00197 | false |
| CVE-2024-24790 | Twistlock CVE | Medium | net/netip-1.20.10 | | | 0.00171 | false |
| CVE-2024-0727 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00165 | false |
| CVE-2024-0727 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00165 | false |
| CVE-2024-41996 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00157 | false |
| CVE-2024-41996 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00157 | false |
| CVE-2023-3446 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00134 | false |
| CVE-2023-3446 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00134 | false |
| CVE-2023-5678 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00126 | false |
| CVE-2023-5678 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00126 | false |
| CVE-2023-52355 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00123 | false |
| CVE-2023-52355 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00123 | false |
| CVE-2024-11053 | Anchore CVE | Low | libcurl-devel-7.76.1-31.el9 | | | 0.00116 | false |
| CVE-2025-0725 | Anchore CVE | Low | libcurl-devel-7.76.1-31.el9 | | | 0.00107 | false |
| CVE-2022-0530 | Anchore CVE | Low | unzip-6.0-58.el9_5 | | | 0.00092 | N/A |
| CVE-2022-0530 | Twistlock CVE | Low | unzip-6.0-58.el9_5 | | | 0.00092 | N/A |
| CVE-2023-39326 | Twistlock CVE | Medium | net/http/internal-1.20.10 | | | 0.00049 | false |
| CVE-2023-25435 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00046 | false |
| CVE-2023-25435 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00046 | false |
| CVE-2022-41409 | Anchore CVE | Low | pcre2-devel-10.40-6.el9 | | | 0.00046 | false |
| CVE-2022-41409 | Anchore CVE | Low | pcre2-utf16-10.40-6.el9 | | | 0.00046 | false |
| CVE-2022-41409 | Anchore CVE | Low | pcre2-utf32-10.40-6.el9 | | | 0.00046 | false |
| CVE-2023-36191 | Anchore CVE | Low | sqlite-3.34.1-7.el9_3 | | | 0.00044 | false |
| CVE-2022-27943 | Anchore CVE | Low | gcc-c++-11.5.0-5.el9_5 | | | 0.00044 | N/A |
| CVE-2022-27943 | Anchore CVE | Low | libquadmath-11.5.0-5.el9_5 | | | 0.00044 | N/A |
| CVE-2022-27943 | Anchore CVE | Low | libgfortran-11.5.0-5.el9_5 | | | 0.00044 | N/A |
| CVE-2022-27943 | Anchore CVE | Low | gcc-gfortran-11.5.0-5.el9_5 | | | 0.00044 | N/A |
| CVE-2022-27943 | Anchore CVE | Low | libstdc++-devel-11.5.0-5.el9_5 | | | 0.00044 | N/A |
| CVE-2022-27943 | Anchore CVE | Low | libquadmath-devel-11.5.0-5.el9_5 | | | 0.00044 | N/A |
| CVE-2025-29087 | Anchore CVE | Medium | sqlite-3.34.1-7.el9_3 | | | 0.00043 | false |
| CVE-2022-4450 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00042 | N/A |
| CVE-2022-4450 | Twistlock CVE | Medium | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00042 | N/A |
| CVE-2022-4304 | Anchore CVE | Medium | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00042 | N/A |
| CVE-2022-4304 | Twistlock CVE | Medium | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00042 | N/A |
| CVE-2022-1056 | Twistlock CVE | Low | libtiff-4.4.0-13.el9 | | | 0.00039 | N/A |
| CVE-2022-1056 | Anchore CVE | Low | libtiff-4.4.0-13.el9 | | | 0.00039 | N/A |
| CVE-2024-4741 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00034 | false |
| CVE-2024-4741 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00034 | false |
| CVE-2024-45336 | Twistlock CVE | Medium | net/http-1.20.10 | | | 0.00027 | false |
| CVE-2023-25433 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00026 | false |
| CVE-2023-25433 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00026 | false |
| CVE-2024-13176 | Anchore CVE | Low | compat-openssl11-1:1.1.1k-4.el9_0 | | | 0.00024 | false |
| CVE-2024-13176 | Twistlock CVE | Low | compat-openssl11-1.1.1k-4.el9_0 | | | 0.00024 | false |
| CVE-2023-45284 | Twistlock CVE | Medium | path/filepath-1.20.10 | | | 0.00019 | false |
| CVE-2025-22871 | Twistlock CVE | Medium | net/http/internal-1.20.10 | | | 0.00018 | false |
| CVE-2024-45341 | Twistlock CVE | Low | crypto/x509-1.20.10 | | | 0.00018 | false |
| CVE-2024-0232 | Anchore CVE | Low | sqlite-3.34.1-7.el9_3 | | | 0.00018 | false |
| CVE-2023-1916 | Anchore CVE | Low | libtiff-4.4.0-13.el9 | | | 0.00017 | false |
| CVE-2023-1916 | Twistlock CVE | Low | libtiff-4.4.0-13.el9 | | | 0.00017 | false |
| CVE-2024-24789 | Twistlock CVE | Medium | archive/zip-1.20.10 | | | 0.00012 | false |
| CVE-2023-3164 | Anchore CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00010 | false |
| CVE-2023-3164 | Twistlock CVE | Medium | libtiff-4.4.0-13.el9 | | | 0.00010 | false |
| CVE-2025-22866 | Twistlock CVE | Medium | crypto/internal/nistec-1.20.10 | | | 0.00009 | false |
| CVE-2025-4638 | Anchore CVE | High | zlib-devel-1.2.11-40.el9 | | | None | false |
| PRISMA-2023-0024 | Twistlock CVE | High | aiohttp-3.11.18 | | | N/A | N/A |
| PRISMA-2022-0168 | Twistlock CVE | High | pip-24.0 | | | N/A | N/A |
| CCE-83903-5 | OSCAP Compliance | Medium | | | | N/A | N/A |
| CCE-83623-9 | OSCAP Compliance | Medium | | | | N/A | N/A |
| 93d038f565708a5f903dfafcb79a9097 | Anchore Compliance | Low | | | | N/A | N/A |

Tasks

Contributor:

  • Provide justifications for findings in the VAT (docs)
  • Apply the StatusVerification label to this issue and wait for feedback

Iron Bank:

  • Review findings and justifications

Note: If the above process is rejected for any reason, the Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Edited by Ghost User