[Python-Dev] Python possible vulnerabilities in concurrency
Mark Shannon
mark at hotpy.org
Thu Nov 16 04:34:53 EST 2017
On 16/11/17 04:53, Guido van Rossum wrote:
[snip]
>
> They then go on to explain that sometimes vulnerabilities can be
> exploited, but I object to calling all bugs vulnerabilities -- that's
> just using a scary word to get attention for a sleep-inducing document
> containing such gems as "Use floating-point arithmetic only when
> absolutely needed" (page 230).
Thanks for reading it, so we don't have to :)
As Wes said, cwe.mitre.org is the place to go if you care about this
stuff, although it can be a bit opaque.
For non-experts, https://www.owasp.org/index.php/Top_10_2013-Top_10 is a
good starting point to learn about software vulnerabilities,
Cheers,
Mark.
More information about the Python-Dev
mailing list