Trellix automates patching for 62,000 open-source projects linked to a 15-year-old Python bug
Jan. 25, 2023, 7:14 p.m. | Menghan Xiao
SC Magazine feed for Strategy www.scmagazine.com
The team identified the bug, tracked under CVE-2007-4559, in Python’s tarfile module late last year. It was first reported to the Python project in 2007 but left unchecked. Since then, its presence has greatly expanded, as it has been used in approximately 350,000 open-source projects and countless other closed-source or proprietary software projects.