Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://freespeechextremist.com/objects/7118933a-38e1-4f0c-b435-4e69b2ab0f0a">pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Sunday, 01-Oct-2023 09:04:54 JST</a><a href="https://freespeechextremist.com/users/p" title="p@freespeechextremist.com"><img src="https://gnusocial.jp/avatar/701-48-20220723171505.webp" width="48" height="48" alt="pistolero :thispersondoesnotexist:" style="position: absolute; left: 0; top: 0;">pistolero :thispersondoesnotexist:</a><div><a href="https://shitposter.club/objects/95f3869f-5857-4924-8596-1ca34d3c1611" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/10968" title="sysrq@freespeechextremist.com">sysrq</a></li><li><a href="https://gnusocial.jp/user/160682" title="nishi@hkgk.nishi.boats">:netbsd: Nishi</a></li></ul></div></section><article><a href="https://shitposter.club/users/animeirl">@animeirl</a> <a href="https://freespeechextremist.com/users/sysrq">@sysrq</a> <a href="https://hkgk.nishi.boats/users/nishi">@nishi</a> <br><br>&gt; a constant deluge of CVEs <br><br>The problem is that you don't understand Hoare's Dictum and you make terrible, massive, shit codebases.<br><br>$ jq -r '.problemtype.problemtype_data |map(.description | map(.value) | join(" ")) | join("\n")'  2023/*/* | sort | uniq -c | sort -n<br><br>    111 Out-of-bounds Read (CWE-125)<br>    120 CWE-20: Improper Input Validation<br>    134 CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')<br>    153 CWE-862 Missing Authorization<br>    153 Information disclosure<br>    157 Information Disclosure<br>    188 CWE-20 Improper Input Validation<br>    193 Elevation of privilege<br>    194 CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br>    274 Remote Code Execution<br>    292 CWE-79 Cross Site Scripting<br>    313 CWE-79 Cross-Site Scripting (XSS)<br>    353 Elevation of Privilege<br>    366 CWE-352 Cross-Site Request Forgery (CSRF)<br>    541 CWE-89 SQL Injection<br>   1154 CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br><br><br>Goddamn, looks like it's almost all webshit.</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2119926#notice-4167568">In conversation</a><time datetime="2023-10-01T09:04:54+09:00" title="Sunday, 01-Oct-2023 09:04:54 JST">Sunday, 01-Oct-2023 09:04:54 JST</time> <span>from <span><a href="https://freespeechextremist.com/objects/7118933a-38e1-4f0c-b435-4e69b2ab0f0a" rel="external" title="Sent from freespeechextremist.com via ActivityPub">freespeechextremist.com</a></span></span><a href="https://freespeechextremist.com/objects/7118933a-38e1-4f0c-b435-4e69b2ab0f0a">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
pistolero :thispersondoesnotexist: (p@freespeechextremist.com)'s status on Sunday, 01-Oct-2023 09:04:54 JSTpistolero :thispersondoesnotexist:
in reply to
@animeirl @sysrq @nishi

> a constant deluge of CVEs

The problem is that you don't understand Hoare's Dictum and you make terrible, massive, shit codebases.

$ jq -r '.problemtype.problemtype_data |map(.description | map(.value) | join(" ")) | join("\n")' 2023/*/* | sort | uniq -c | sort -n

111 Out-of-bounds Read (CWE-125)
120 CWE-20: Improper Input Validation
134 CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
153 CWE-862 Missing Authorization
153 Information disclosure
157 Information Disclosure
188 CWE-20 Improper Input Validation
193 Elevation of privilege
194 CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
274 Remote Code Execution
292 CWE-79 Cross Site Scripting
313 CWE-79 Cross-Site Scripting (XSS)
353 Elevation of Privilege
366 CWE-352 Cross-Site Request Forgery (CSRF)
541 CWE-89 SQL Injection
1154 CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Goddamn, looks like it's almost all webshit.
In conversationSunday, 01-Oct-2023 09:04:54 JST from freespeechextremist.compermalink

Public

Embed Notice

HTML Code

Corresponding Notice