Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)

Docker Don't miss News Open Source Python Trellix

Trellix Advanced Research Center published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in closed-source projects. Successful exploit The vulnerability exists in the Python tarfile module which is a default module in any project using Python and is found extensively in frameworks created by Netflix, AWS, Intel, Facebook, Google, and applications used for machine learning, automation and docker containerization. The vulnerability can be exploited by uploading … More

The post Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559) appeared first on Help Net Security.