Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://peculiar.florist/notes/aez1mrootbqnbycj">🪨 (varpie@peculiar.florist)'s status on Wednesday, 12-Nov-2025 13:09:33 JST</a><a href="https://peculiar.florist/@Varpie" title="varpie@peculiar.florist"><img src="https://gnusocial.jp/avatar/158221-48-20230807083007.webp" width="48" height="48" alt="🪨" style="position: absolute; left: 0; top: 0;">🪨</a><div><a href="https://queer.hacktivis.me/objects/00e568ea-b48b-426d-b8f3-34dbf09d0146" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/6007" title="wolf480pl@mstdn.io">Wolf480pl</a></li><li><a href="https://gnusocial.jp/user/13764" title="sjvn@mastodon.social">sjvn</a></li><li><a href="https://gnusocial.jp/user/71923" title="jrdepriest@infosec.exchange">J. R. DePriest :verified_trans: :donor: :Moopsy: :EA DATA. SF:</a></li><li><a href="https://gnusocial.jp/user/158739" title="phnt@fluffytail.org">Phantasm</a></li></ul></div></section><article><p><a href="https://queer.hacktivis.me/users/lanodan">@lanodan</a> <a href="https://mastodon.social/@sjvn">@sjvn</a> <a href="https://mstdn.io/@wolf480pl">@wolf480pl</a> <a href="https://infosec.exchange/@jrdepriest">@jrdepriest</a> <a href="https://fluffytail.org/users/phnt">@phnt</a> Let me rephrase: it wouldn't be possible to exploit a 10.0 CVE vulnerability on a dev server without internet access, because a part of the CVSS score is the attack vector, and for a score of 10.0 you'd need an attack that can be easily made over a network, so the offline dev server can't be impacted. So that example is irrelevant.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5853465#notice-11499836">In conversation</a><time datetime="2025-11-12T13:09:33+09:00" title="Wednesday, 12-Nov-2025 13:09:33 JST">about a month ago</time> <span>from <span><a href="https://gnusocial.jp/notice/11499836" rel="external" title="Sent from gnusocial.jp via ActivityPub">gnusocial.jp</a></span></span><a href="https://gnusocial.jp/notice/11499836">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
🪨 (varpie@peculiar.florist)'s status on Wednesday, 12-Nov-2025 13:09:33 JST🪨
in reply to
@lanodan @sjvn @wolf480pl @jrdepriest @phnt Let me rephrase: it wouldn't be possible to exploit a 10.0 CVE vulnerability on a dev server without internet access, because a part of the CVSS score is the attack vector, and for a score of 10.0 you'd need an attack that can be easily made over a network, so the offline dev server can't be impacted. So that example is irrelevant.
In conversationabout a month ago from gnusocial.jppermalink

Public

Embed Notice

HTML Code

Corresponding Notice