undefined | Better HN

0 pointsworthless-trash2y ago0 comments

Doesn't look like there is a CVE either: https://www.cvedetails.com/vulnerability-list/vendor_id-1947...

0 comments

> Will you release any information about the vulnerability?

> Yes, we’ll be releasing the patch publicly, as well as a CVE and an explanation in two weeks. We’re delaying release to give our install base a bit of extra time before this is widely exploited.

From their blog.

ungamedplayer2y ago

Oh absolutely, but its trivial to get a CVE from the relevant CNA's. A webform or a phone call.

Its a bit silly.

capableweb2y ago

Don't you have to share more details about the exploit then? That seems to be the thing they're trying to avoid for now.

1 more reply

j / k navigate · click thread line to collapse

0 comments

capableweb2y ago

> Will you release any information about the vulnerability?

From their blog.

ungamedplayer2y ago

Oh absolutely, but its trivial to get a CVE from the relevant CNA's. A webform or a phone call.

Its a bit silly.

capableweb2y ago

Don't you have to share more details about the exploit then? That seems to be the thing they're trying to avoid for now.

1 more reply

j / k navigate · click thread line to collapse