Closed saitouena closed 3 years ago
Currently carmine uses nippy 2.14.0. It has remote code execution vulnerability https://github.com/ptaoussanis/nippy/issues/130.
I'm not sure whether camine code can satisfie "who is affected?" conditions https://github.com/ptaoussanis/nippy/issues/130. It might depend on the application code (how carmine store is used).
Hi @saitouena, will be addressed in an upcoming release - thanks!
Currently carmine uses nippy 2.14.0. It has remote code execution vulnerability https://github.com/ptaoussanis/nippy/issues/130.
I'm not sure whether camine code can satisfie "who is affected?" conditions https://github.com/ptaoussanis/nippy/issues/130. It might depend on the application code (how carmine store is used).