v8.0.1
Breaking Changes📦 pinecone-clientView on GitHub →
⚠ 1 breaking🐛 1 fixes🔧 3 symbols
Summary
This release patches a critical denial-of-service vulnerability (CVE-2025-4565) affecting gRPC users by upgrading the protobuf dependency. The minimum required protobuf version is now 6.33.0.
⚠️ Breaking Changes
- The minimum required version for the `protobuf` dependency has increased from `5.29.5` to `6.33.0`. Users who pinned `protobuf` to a version less than `6.33.0` must upgrade their dependency constraint.
Migration Steps
- If you have pinned the `protobuf` dependency, update your constraint to ensure it is `>=6.33.0`.
🐛 Bug Fixes
- Addressed a denial-of-service vulnerability (CVE-2025-4565) related to parsing deeply nested recursive structures in the Pure-Python backend for gRPC users.