Alert: 15-year-old Python tarfile flaw lurks in ‘over 350,000’ code projects

At least 350,000 open source projects are believed to be potentially vulnerable to exploitation via a Python module flaw that has remained unfixed for 15 years. On Tuesday, security firm Trellix said its threat researchers had encountered a vulnerability in Python’s tarfile module, which provides a way to read and write compressed bundles of files known as tar archives.

Read full article on The Register