A vulnerability in the GitHub Actions workflow for PyPI’s source repository could be exploited to perform a malicious pull request and eventually execute arbitrary code on pypi.org, according to a warning from a Japanese security researcher.
from SecurityWeek RSS Feed https://ift.tt/3A3Pnl6
via https://ifttt.com/ IFTTT
No comments:
Post a Comment