
Snyk vulnerabilities in jupyterhub/k8s-hub – outdated icu, libxml2, and tornado packages #3707

@ronak-sirwani

Description


Bug description

Security vulnerabilities reported by Snyk in the image jupyterhub/k8s-hub:4.2.0 due to outdated base packages:

| Package | Current Version | Fixed In Version |
| --- | --- | --- |
| icu / libicu72 | 72.1-3 | 72.1-3+deb12u1 |
| libxml2 | 2.9.14+dfsg-1.3~deb12u1 | 2.9.14+dfsg-1.3~deb12u2 |
| tornado | 6.4.2 | 6.5 |

Vulnerability 1

CVE: CVE-2025-5222
Package: icu/libicu72
Version installed through docker image: 72.1-3
Fixed in version: 72.1-2+deb12u1
Severity: High

Vulnerability 2

CVE: CVE-2025-27113, CVE-2025-32415, CVE-2025-32414, CVE-2024-25062
Package: libxml2
Version installed through docker image: 2.9.14+dfsg-1.3~deb12u1
Fixed in version: 2.9.14+dfsg-1.3~deb12u2
Severity: High

Vulnerability 3

CVE: CVE-2025-47287
Package: tornado
Version installed through docker image: 6.4.2
Fixed in version: 6.5
Severity: High

I can see the tornado package has already been updated in the main branch, but the latest release tag does not include this fix yet. Similarly, the image is based on Debian Bookworm, and these system-level packages are not hard-pinned, so rebuilding the image with an updated base could resolve the issues.

How to reproduce

  1. Deploy jupyterhub/k8s-hub:4.2.0 using a Kubernetes-based deployment (e.g., via the JupyterHub Helm chart)
  2. Run a container image scan using Snyk or any vulnerability scanner
  3. Observe reported vulnerabilities in the packages mentioned above

Expected behaviour

The official image should contain patched versions of all known vulnerable packages and should pass security scanning tools like Snyk.

Actual behaviour

Outdated versions of system and Python packages are bundled in the released image. These versions have known vulnerabilities that have already been addressed in upstream packages or in main, but are not yet released in any image tag.

Your personal set up

  • OS: Debian Bookworm (inside container)
  • Image: jupyterhub/k8s-hub:4.2.0
  • Deployment: Kubernetes using zero-to-jupyterhub
  • JupyterHub Version: 4.2.0

Full environment

N/A – issue originates in the container image base packages

Configuration

Deployed using default Helm values from zero-to-jupyterhub with `jupyterhub/k8s-hub:4.2.0`

Logs

N/A – this issue is observable via image scan rather than runtime behavior.

Suggested Fix

  • Rebuild the image with an updated Debian Bookworm base
  • Release a new tag (e.g., 4.2.1) to include:
    • Patched versions of icu, libxml2
    • Upgraded tornado==6.5 (already present in main)
