Trellix Advanced Research Center recently published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in closed-source projects. It exists in the Python tarfile module, which is a default module in any project using Python. Doug McKee, Trellix Principal Engineer and Director of Vulnerability Research, shares the team's research into this vulnerability.