Vulnerabilities
Yahoo banishes ImageMagick after version it was using was found vulnerable to data exfiltration
Yahoo has reportedly shelved its use of ImageMagick image processing software after a researcher discovered two vulnerabilities that could be exploited to pull user content in unauthorized fashion from the memory of Yahoo’s private servers. Security researcher Chris Evans, who discovered the vulnerabilities, dubbed them Yahoobleed #1 and Yahoobleed #2, because they evoked memories of…
