CISO2CISO.COM & CYBER SECURITY GROUP

Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)

Trellix Advanced Research Center published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in closed-source projects. Successful exploit The vulnerability exists in the Python tarfile module which is a default module in any project using Python and is found extensively in frameworks created by Netflix, AWS, Intel, Facebook, Google, and applications used for machine learning, automation and docker containerization. The vulnerability can be exploited by uploading … More

The post Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559) appeared first on Help Net Security.

Leer másHelp Net Security

Leave a Reply

Your email address will not be published.