Domande di colloquio per Open Source Engineer di Seal Security

Passa al contenuto Passa al piè di pagina

Seal Security

Colloqui

Colloquio per Open Source Engineer

18 dic 2024

Candidato anonimo a colloquio

Nessuna offerta

Esperienza neutra

Colloquio difficile

Candidatura

Ho presentato la mia candidatura online. La procedura ha richiesto 2 settimane. Ho sostenuto un colloquio presso Seal Security (Tel Aviv) nel mese di dic 2024

Colloquio

i got an email with a home task attachment. in the task you need to fix tough-cookie 2.5.0 (without upgrading to 4.1.3. version) so the application will not be affected by CVE-2023-26136 i had 3 days to complete i still didnt got a review.

Domande di colloquio [1]

Domanda 1

As part of their web application written in Node.JS, Penguin uses tough-cookie 2.5.0 to process their clients' cookies. Unfortunately, it is affected by CVE-2023-26136, rated as a critical vulnerability by NIST's NVD. According to the vulnerability advisory, the only way to solve the issue is by upgrading to 4.1.3. However, the Penguins feel shorthanded (pun intended) and don't have the necessary capacity to adjust their code to work with the new version of tough-cookie. In order to help them, our goal is to create a customized version of tough-cookie 2.5.0 which is not vulnerable to CVE-2023-26136.

Rispondi alla domanda

Le migliori aziende per "stipendio e benefit" vicino a te

Kelso-Burnett

3.7★Stipendio e benefit

Ricerche correlate: Recensioni su Seal Security | Offerte di lavoro di Seal Security | Stipendi di Seal Security | Benefit di Seal Security

Colloqui di Seal Security Colloqui per Open Source Engineer presso Seal Security Colloquio di Seal Security

Seal Security

Colloquio per Open Source Engineer

Le migliori aziende per "stipendio e benefit" vicino a te

Aziende seguite

Ricerche di lavoro

Colloquio per Open Source Engineer

Le migliori aziende per "stipendio e benefit" vicino a te