oss-sec mailing list archives

Re: Voiding CVE-2020-16248

From: Richard Hartmann <richih.mailinglist () gmail com>
Date: Sun, 9 Aug 2020 10:26:44 +0200

Thanks, Sylvain & Florian.

I wasn't aware that MITRE offered this option. I didn't want to send
email to them as I could no be certain if they own the CVE and as
putting random support burden on a closed list is worse than putting
it onto an open list IMO.

Will do.

On Sat, Aug 8, 2020 at 12:41 PM Sylvain Beucler <beuc () beuc net> wrote:


Hi,

On 08/08/2020 10:49, Richard Hartmann wrote:

I could not find out which organization has
reserved CVE-2020-16248 so I decided to send email to this list to
inform the organization, enabling them to update their records.


I would suggest reaching MITRE:
https://cve.mitre.org/cve/update_cve_entries.html
- "Request an update to an exiting CVE entry"
- Type: "Rejection"

They'll either do the update or point you to the assigning CNA.

Most likely they'll mark the issue as "DISPUTED" within a few business days.

Cheers!
Sylvain




-- 
Richard

Current thread:

Voiding CVE-2020-16248 Richard Hartmann (Aug 08)
- Re: Voiding CVE-2020-16248 Hanno Böck (Aug 08)
- Re: [prometheus-team] Voiding CVE-2020-16248 Bartłomiej Płotka (Aug 08)
  - Re: [prometheus-team] Voiding CVE-2020-16248 Julien Pivotto (Aug 08)
- Re: Voiding CVE-2020-16248 Sylvain Beucler (Aug 08)
  - Re: Voiding CVE-2020-16248 Richard Hartmann (Aug 09)
- Re: Voiding CVE-2020-16248 Bastian Blank (Aug 08)
  - Re: Voiding CVE-2020-16248 Jeffrey Walton (Aug 08)
  - Re: Voiding CVE-2020-16248 Richard Hartmann (Aug 09)