[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] !CVE: A new platform to track security issues not acknowledged by vendors
From: Brian Peters <brianrpeters () gmail ! com>
Date: 2023-11-08 20:55:53
Message-ID: CAK_vis6udRU5MRodhseyqVdPVXD2iv0cU7uXqpAGxpGVh_fKAQ () mail ! gmail ! com
[Download RAW message or body]
> I somehow doubt the presence of the ! makes much of a difference.
What about NVID? NVID-2023-0001
Not (A) Vulnerability ID
On Wed, Nov 8, 2023 at 2:39 PM Vegard Nossum <vegard.nossum@oracle.com>
wrote:
>
> On 08/11/2023 14:22, !CVE Team wrote:
> > ==============
> > What is a !CVE
> > ==============
> >
> > - A common place for !vulnerabilities (read not vulnerabilities)
> >
> > - Security issues not covered by the traditional CVE.
> >
> > - An identifier following common naming starting with an exclamation
> > mark(!) Example: !CVE-2023-0001
>
> I am not a lawyer, but I'd assume you would run into some issues with
> the naming of all this -- wasn't that the exact issue that somebody else
> ran into when they tried to assign identifiers to bugs that MITRE
> wouldn't acknowledge? Here's what they said back then:
>
> <
> https://cve.mitre.org/news/archives/2021/news.html#April022021_Message_to_DWF_from_the_CVE_Board
> >
>
> I somehow doubt the presence of the ! makes much of a difference.
>
>
> Vegard
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic