Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Update paramiko to v2.4.2+ #3861
We currently use paramiko v2.4.1, for which a CVE was issued (https://nvd.nist.gov/vuln/detail/CVE-2018-1000805):
The vulnerability is on the server-side of the paramiko code, which means that it shouldn't be directly exploitable, as we only use it as a client, but safety will soon alert us of the vulnerable package.
As an admin, I would like to use have no associated CVEs with the libraries used.