• <span>Open Source SecurityCon </span>

    Open Source SecurityCon

    Attending Open Source SecurityCon? Book a one-on-one meeting with the Perforce OpenLogic team to explore solutions to keep your OSS infrastructure secure.

  • CVE-2007-4559

    OL CVE Issue Summary:
    Directory traversal vulnerability in the extract() and extractall() functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files using .. in filenames in a TAR archive

    CVE-2007-4559
    CentOS
    CentOS 7
    python3-3.6.8-21_ol011.el7_9
    python3
    6.8

  • CVE-2024-25062

    OL CVE Issue Summary:

    A use-after-free in XML Reader path when DTD validation and XInclude expansion are both enabled. A crafted document can trigger XML Reader backtracking and reprocessing of an XInclude node, which may invalidate or free nodes while validation still references them.

    CVE-2024-25062
    CentOS
    CentOS 7
    libxml2-2.9.1-6_ol013.el7.6
    libxml2
    7.5

  • The Spring Framework Lifecycle Challenge: Move Fast or Stay Stable?

    Find out how changes to the Spring Framework lifecycle and support model could impact your organization. Get guidance on planning Spring Framework upgrades and explore LTS options.

  • Managing End-of-Life Spring Vulnerabilities

    Learn about critical Spring vulnerabilities in EOL Spring Boot and Framework versions and how to protect your applications from CVE exploits if you can't upgrade immediately.

  • CVE-2017-18018

    OL CVE Issue Summary:
    chown in GNU coreutils is vulnerable to a race condition when using the POSIX
    "-R -L" options to follow symlinks recursively.
    In the presence of symlinks, the recursive directory traversal is not guaranteed
    to be performed depth-first. As a result, the "new owner" may be able to
    introduce a symlink at a point in the traversal that has yet to be reached.
    When it is reached, chown will be performed on the target of that symlink --
    a situation that is often exploitable to gain root privileges.

    chgrp is implemented with chown and is vulnerable in the same way when used
    on group-writable paths.

    CVE-2017-18018
    CentOS
    CentOS 7
    coreutils-8.22-24_ol001.el7.2
    coreutils
    7.1

  • CVE-2007-4559

    OL CVE Issue Summary:

    Directory traversal vulnerability in the extract() and extractall()
    functions in the tarfile module in Python allows user-assisted remote
    attackers to overwrite arbitrary files using .. in filenames in a TAR
    archive

    CVE-2007-4559
    CentOS
    CentOS 7
    python-2.7.5-94_ol013.el7
    python
    5.5

  • Untangling Spring Dependencies in Legacy Environments

    In legacy Spring environments, transitive dependencies, deprecated APIs, and shifting namespaces can complicate migration paths. Find out how to regain control through dependency

  • 2026 State of Open Source Report: Top Takeaways

    Get key open source insights from the latest State of Open Source Report, which explores trends around open source software adoption and deployment challenges.

  • Schedule Account Review

    Schedule a dedicated account review session with one of our Enterprise Architects or Technical Account Managers.