all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Trellix automates patching for 62,000 open-source projects linked to a 15-year-old python bug

Add to bookmarks
Jan. 25, 2023, 7:14 p.m. | Menghan Xiao

SC Magazine feed for Strategy www.scmagazine.com

The team identified the bug, tracked under CVE-2007-4559, in Python’s tarfile module late last year. It was first reported to the Python project in 2007 but left unchecked. Since then, it’s presence has greatly expanded as it has been used in approximately 350,000 open-source projects and countless other closed-source or proprietary software projects.

application security bug cve old patching project projects python software tarfile team third party risk trellix under vulnerability management

Visit resource

More from www.scmagazine.com / SC Magazine feed for Strategy

Why IR teams now need an incident commander 5 hours ago | www.scmagazine.com
commander executives incident incident response +2
RSA Conference 2024: What to expect 11 hours ago | www.scmagazine.com
aiml art cloud security conference +12
Smoke and (screen) mirrors: A strange signed backdoor 2 days, 19 hours ago | www.scmagazine.com
backdoor masquerading network security ops +6
Attackers evade detection by leveraging Microsoft Graph API 2 days, 21 hours ago | www.scmagazine.com
api api security application security attackers +14
Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 3 days, 1 hour ago | www.scmagazine.com
cloud cloud security collaboration customers +10
US arrests ex-cyber consultant accused of IT firm extortion 3 days, 1 hour ago | www.scmagazine.com
address arrest arrests bleepingcomputer +21
Accelerated patching found with CISA KEV catalog-listed flaws 3 days, 1 hour ago | www.scmagazine.com
agency catalog cisa cisa kev +24
Path traversal vulnerability elimination in software sought by feds 3 days, 1 hour ago | www.scmagazine.com
agency bleepingcomputer cybersecurity devsecops +17
New AI security bill unveiled in Senate 3 days, 1 hour ago | www.scmagazine.com
act ai act aiml ai security +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

PMO Cybersécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Third Party Risk Management - Consultant

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Consultant Cyber Sécurité H/F - Strasbourg

@ Hifield | Strasbourg, France
View on infosec-jobs.com

Information Security Compliance Analyst

@ KPMG Australia | Melbourne, Australia
View on infosec-jobs.com

GDS Consulting - Cyber Security | Data Protection Senior Consultant

@ EY | Taguig, PH, 1634
View on infosec-jobs.com

Senior QA Engineer - Cloud Security

@ Tenable | Israel
View on infosec-jobs.com
View more jobs