Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
chjara (chjara@snowdin.town)'s status on Tuesday, 18-Jul-2023 04:08:33 JST chjara

two kinds of CVE:
- code execution by remote untrusted user (severity: low)
- using deprecated configuration option could cause information leak to system administrator (severity: extreme)

In conversation Tuesday, 18-Jul-2023 04:08:33 JST from snowdin.town permalink
- Haelwenn /элвэн/ :triskell: likes this.
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Tuesday, 18-Jul-2023 04:09:28 JST Haelwenn /элвэн/ :triskell:
  in reply to
  
  @chjara Meanwhile cve's website: https://github.com/CVEProject/cve-website/pulls?q=is%3Apr+security
  In conversation Tuesday, 18-Jul-2023 04:09:28 JST permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
    
    Pull requests · CVEProject/cve-website
    
    The new CVE website. Contribute to CVEProject/cve-website development by creating an account on GitHub.
- Embed this notice
  Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Tuesday, 18-Jul-2023 04:13:01 JST Haelwenn /элвэн/ :triskell:
  in reply to
  - Haelwenn /элвэн/ :triskell:
  @chjara Also I'm glad to see ones that haven't been merged after 6 months, imagine injecting a funny json to CVE.org (prototype pollution vuln so maybe you get JS injection?)
  In conversation Tuesday, 18-Jul-2023 04:13:01 JST permalink
  Attachments
  1. No result found on File_thumbnail lookup.
    
    cve-website

Public

Conversation

Notices

Feeds