We are using jupyterhub 1.1.3-n423.hae439dba (released in April - See installation instructions for: | JupyterHub’s Helm chart repository) which has hub image jupyterhub/k8s-hub:1.1.3-n416.h2541a732 and configurable http proxy(CHP) image 4.5.1
We ran image vulnerability scan on “configurable http proxy” image and found that there is a vulnerability in “node.js, Version: 16.13.2” and it is fixed in 16.16. CHP image 4.5.3 has this fix.
If we just change “configurable http proxy” image to 4.5.3, will this work with existing jupyterhub 1.1.3-n423.hae439dba which corresponds to hub image of 1.1.3-n416.h2541a732?
We are planning to upgrade to jupyterhub 2.0 next month. Right now we want to address the vulnerability. Thanks