Python affected by 15-year-old bug that keeps on giving The Python programming language has a serpentine issue no one wants to fix By Alfonso Maruccia September 22, 2022, 12:31.

A 15-year-old vulnerability in the open source Python programming language is still finding its way into live code, with the result that over 350,000 projects are at risk of potential supply chain ...

The vulnerability is in the Python tarfile package, in code that uses un-sanitized tarfile.extract() function or the built-in defaults of tarfile.extractall(). It is a path traversal bug that ...

Over 350,000 open-source repositories may be open to compromise because they include a Python module containing an unpatched 15-year-old vulnerability. That's the finding of researchers at Trellix ...

In the end, the original Python file contains the changes added by GPT-4. The code is available on GitHub , and the developer says the technique could be applied to other programming languages.

Python's saving grace can be found within the original premise above: all other things being equal, shorter code is more likely to be bug-free. When you combine Python's dynamic typing with its ...