Google V8 related security issues

[qian1166]

I am using the latest Jupyter Notebook docker image(6.4.12) and found the version of Google V8 JavaScript Engine is still 9.6.180.15. There are two CVEs that may be related to that. One is CVE-2022-0470 and another one is CVE-2022-0457.

Just to confirm, does Google V8 in Jupyter Notebook 6.4.12 will be affected by those two CVEs? If yes, is there a way to mitigate it?

Thanks.

[manics]

This has been cross-posted on https://discourse.jupyter.org/t/v8-related-security-issues/16079