Live Breaking News & Updates on Python Advisory Database
Stay updated with breaking news from Python advisory database. Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
Copy Boffins in Finland have scanned the open-source software libraries in the Python Package Index, better known as PyPI, for security issues and said they found that nearly half contain problematic or potentially exploitable code. In a research paper distributed via ArXiv, Jukka Ruohonen, Kalle Hjerppe, and Kalle Rindell from the University of Turku describe how they subjected some 197,000 Python packages available through PyPI to a static analysis tool called Bandit and found more than 749,000 instances of at best poor, or at worst insecure, programming. Even under the constraints imposed by static analysis, the results indicate [the] prevalence of security issues; at least one issue is present for about 46 per cent of the Python packages, the researchers claimed. ....
Copy Boffins in Finland have scanned the open-source software libraries in the Python Package Index, better known as PyPI, for security issues and found that nearly half contain potentially vulnerable code. In a research paper distributed via ArXiv, Jukka Ruohonen, Kalle Hjerppe, and Kalle Rindell from the University of Turku describe how they subjected some 197,000 Python packages available through PyPI to a static analysis tool called Bandit and found more than 749,000 instances of insecure code. Even under the constraints imposed by static analysis, the results indicate [the] prevalence of security issues; at least one issue is present for about 46 per cent of the Python packages, the researchers said. ....