Embed Notice
HTML Code
Corresponding Notice
- Embed this notice@animeirl @sysrq @nishi
> a constant deluge of CVEs
The problem is that you don't understand Hoare's Dictum and you make terrible, massive, shit codebases.
$ jq -r '.problemtype.problemtype_data |map(.description | map(.value) | join(" ")) | join("\n")' 2023/*/* | sort | uniq -c | sort -n
111 Out-of-bounds Read (CWE-125)
120 CWE-20: Improper Input Validation
134 CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
153 CWE-862 Missing Authorization
153 Information disclosure
157 Information Disclosure
188 CWE-20 Improper Input Validation
193 Elevation of privilege
194 CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
274 Remote Code Execution
292 CWE-79 Cross Site Scripting
313 CWE-79 Cross-Site Scripting (XSS)
353 Elevation of Privilege
366 CWE-352 Cross-Site Request Forgery (CSRF)
541 CWE-89 SQL Injection
1154 CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Goddamn, looks like it's almost all webshit.