NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

ONTAP Rest API Discussions

NetApp OnTap Python Library uses old version of marshmallow

jsharpe
2,110 Views

When installing the netapp-ontap package via pip, it shows a dependency of marshmallow<=3.0.0rc7,>=3.0.0rc5. These version of marshmallow are vulnerable to CVE-2018-17175 and thus not allowed within my organization. Why does the library force such an old version (current version is 3.2.2)? Can the OnTap library be updated to support the new version?

0 REPLIES 0
Public