oss-sec mailing list archives

Re: Whats worth a CVE?

From: Eitan Adler <lists () eitanadler com>
Date: Mon, 21 Jan 2013 16:17:43 -0500

On 21 January 2013 14:50, Scott Herbert <scott.a.herbert () googlemail com> wrote:

Well the subject sum's the question up really, are their any fixed
guidelines for what counts as a CVE and what doesn't? Or is it just up
to the CVE pool manager as to what they feel is of note?


CVEs are given to vulnerabilities.
A detailed explanation of what these are can be found here:
https://cve.mitre.org/about/terminology.html


-- 
Eitan Adler

Current thread:

CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Henrique (Jan 20)
- Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Kurt Seifried (Jan 20)
  - Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Agostino Sarubbo (Jan 21)
    - Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Henrique Montenegro (Jan 21)
    - Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Giles Coochey (Jan 21)
    - Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Henri Salo (Jan 21)
    - Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Henrique Montenegro (Jan 21)
    - Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Kurt Seifried (Jan 21)
    - Whats worth a CVE? Scott Herbert (Jan 21)
    - Re: Whats worth a CVE? Eitan Adler (Jan 21)
    - Re: Whats worth a CVE? Kurt Seifried (Jan 21)
    - Re: CVE Request - Wordpress 3.5 Full-path disclosure vulnerability Milan Berger (Jan 21)