oss-sec mailing list archives
CVE for program distributing vulnerable components ?
From: security minded <osssecur1tym1nded () gmail com>
Date: Fri, 14 Feb 2020 00:11:00 +0100
Hello, I've identified a program whose installer contains components with known CVEs. Should one or several CVE be asked for the installer itself ?
Current thread:
- CVE for program distributing vulnerable components ? security minded (Feb 14)
- Re: CVE for program distributing vulnerable components ? Simon McVittie (Feb 14)
- Re: CVE for program distributing vulnerable components ? Francis Perron (Feb 14)
- Re: CVE for program distributing vulnerable components ? Simon McVittie (Feb 14)