Skip to content

[Aikido] Fix critical issue in constantinople via minor version upgrade from 3.0.2 to 3.1.1 in server#35

Open
aikido-autofix[bot] wants to merge 1 commit into
masterfrom
fix/aikido-security-update-packages-57619440-cuep
Open

[Aikido] Fix critical issue in constantinople via minor version upgrade from 3.0.2 to 3.1.1 in server#35
aikido-autofix[bot] wants to merge 1 commit into
masterfrom
fix/aikido-security-update-packages-57619440-cuep

Conversation

@aikido-autofix

Copy link
Copy Markdown

Upgrade constantinople to fix critical sandbox bypass vulnerability enabling arbitrary code execution.

⚠️ Breaking changes analysis not available for: constantinople

✅ 1 CVE resolved by this upgrade, including 1 critical 🚨 CVE

This PR will resolve the following CVEs:

Issue Severity           Description
GHSA-4vmm-mhcq-4x9j
🚨 CRITICAL
[constantinople] Versions of constantinople prior to 3.1.1 are vulnerable to a sandbox bypass which can lead to arbitrary code execution.


## Recommendation

Update to version 3.1.1 or later.

@aikido-autofix aikido-autofix Bot added bug Something isn't working documentation Improvements or additions to documentation labels Jun 29, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working documentation Improvements or additions to documentation

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants