@mttaggart And China doesn't really use CVE, and there are vuln houses that don't use CVE, and we let vendors be their own CNA, and cloud has no CVEs.
We're rly broken.
@mttaggart And China doesn't really use CVE, and there are vuln houses that don't use CVE, and we let vendors be their own CNA, and cloud has no CVEs.
We're rly broken.
So
If CISA has to step in and assign CVEs when the appropriate CNA (or MITRE) doesn't,
And
We have consistent issues with bogus CVEs because of the existing process
Hmmm
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.