No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi, I just noticed that version `3.53.1` of `pulumi` depends on `grpcio==1.50`, which according to <https://cwe.mitre.org/data/definitions/834.html|CWE-834>, <https://www.cve.org/CVERecord?id=CVE-2023-33953|CVE-2023-33953> is a version vulnerable to Excessive Iteration, and some crafted requests can cause a termination of connection between a proxy and a backend. So I would like to request, if possible, to change the requirement to `grpcio==1.53.2` which seems safer.

you are right, I had in my `requirements.txt` `pulumi==3.53.1`,  `3.121.0` uses `grpcio~=1.60.1` thanks a lot for noticing!