[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [oss-security] Prosody XMPP server advisory 2021-07-22 (Remote Information Disclosure) (CVE Request)



On Mittwoch, 28. Juli 2021 08:28:53 CEST Salvatore Bonaccorso wrote:
> Hi Jonas,
> 
> On Thu, Jul 22, 2021 at 05:03:36PM +0200, Jonas Schäfer wrote:
> > (NB: [1] suggested that posting to this list is still an acceptable way to
> > request a CVE, especially if disclosure should happen immediately. Please
> > let me know if that's not going to work, then I'll fill out the form.)
> Can you request a CVE directly through https://cveform.mitre.org/ ?

Will do, thanks.

Where to go to get a CVE for a "random" open source project is always a bit 
opaque for me. I noticed that I managed to omit the link in my original email, 
this is the guide I was referring to:

(sorry for the broken link)

https://github.com/CVEProject/cveproject.github.io/blob/gh-pages/requester/
reservation-guidelines.md#4-requests-to-third-party-coordinator-cnas-or-email-
lists

kind regards,
Jonas

Attachment: signature.asc
Description: This is a digitally signed message part.