Richard Levitte: "@bagder Oh... I should've know…" - Mastodon.nu

Senaste sökningarna

Sökalternativ

Endast tillgängligt när du är inloggad.

daniel:// stenberg:// @bagder@mastodon.social

CVSS is dead to us

https://daniel.haxx.se/blog/2025/01/23/cvss-is-dead-to-us/

daniel.haxx.se · 23 jan.CVSS is dead to usCVSS is short for Common Vulnerability Scoring System and is according to Wikipedia a technical standard for assessing the severity of vulnerabilities in computing systems. Typically you use an online CVSS calculator, click a few checkboxes and radio buttons and then you magically get a number from 0 to 10. There are also different versions … Continue reading CVSS is dead to us →

daniel:// stenberg:// @bagder@mastodon.social

on hacker news: https://news.ycombinator.com/item?id=42802736

news.ycombinator.comCVSS Is Dead to Us | Hacker News

Richard Levitte @levitte

@bagder
Should we participate in CVE production at all?

daniel:// stenberg:// @bagder@mastodon.social

@levitte then we just leave it to someone else to do it and I think that is even worse...

Richard Levitte @levitte

@bagder
Uhmmmm... so, make yourself a CVE authority on your stuff [effectively blocking anyone else from publishing anything on your stuff), and do nothing else (i.e. no CVE published).

Of course, it's a bit late for #curl, but you know, other projects?

(and yes, it's naughty. I'm in a naughty mood, yeah?)

daniel:// stenberg:// @bagder@mastodon.social

@levitte there's an appeal process to prevent that kind of action from CNAs

Richard Levitte @levitte@mastodon.nu

@bagder
Oh... I should've known, I guess

24 jan. 2025 07:48··Mastodon for Android

00 röster·0favoriter

Dra & släpp för att ladda upp