oss-sec mailing list archives
Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE Request)
From: Jonas Schäfer <jonas () wielicki name>
Date: Wed, 28 Jul 2021 15:08:01 +0200
On Mittwoch, 28. Juli 2021 08:28:53 CEST Salvatore Bonaccorso wrote:
Hi Jonas, On Thu, Jul 22, 2021 at 05:03:36PM +0200, Jonas Schäfer wrote:(NB: [1] suggested that posting to this list is still an acceptable way to request a CVE, especially if disclosure should happen immediately. Please let me know if that's not going to work, then I'll fill out the form.)Can you request a CVE directly through https://cveform.mitre.org/ ?
Will do, thanks. Where to go to get a CVE for a "random" open source project is always a bit opaque for me. I noticed that I managed to omit the link in my original email, this is the guide I was referring to: (sorry for the broken link) https://github.com/CVEProject/cveproject.github.io/blob/gh-pages/requester/ reservation-guidelines.md#4-requests-to-third-party-coordinator-cnas-or-email- lists kind regards, Jonas
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE Request) Jonas Schäfer (Jul 22)
- Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE Request) Salvatore Bonaccorso (Jul 27)
- Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE Request) Jonas Schäfer (Jul 28)
- Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE-2021-37601) Jonas Schäfer (Jul 28)
- Re: Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE Request) Salvatore Bonaccorso (Jul 27)