Tink Python dependency CVEs

9 views
Skip to first unread message

Nicholas Romero

unread,
Oct 1, 2025, 6:08:20 PMOct 1
to tink-users
My team and I have notices that the dependencies in tink-py have open CVEs and are very slow to be addressed at times. We were wondering if this is normally the case before we adopted using the Tink libs overall.

Cheers!

alexis gayte

unread,
Oct 3, 2025, 11:10:31 AMOct 3
to tink-users
I would say yes.

There are open CVE on the java.
However in general the team is doing a good jobs. I believe they are understaffed, as it is always the case for old project. It is a shame for a google payment lib to have security issue tho.
Reply all
Reply to author
Forward
0 new messages