Hacker News new | ask | show | jobs
by worthless-trash 1067 days ago
Doesn't look like there is a CVE either: https://www.cvedetails.com/vulnerability-list/vendor_id-1947...
1 comments
capableweb 1067 days ago
> Will you release any information about the vulnerability?

> Yes, we’ll be releasing the patch publicly, as well as a CVE and an explanation in two weeks. We’re delaying release to give our install base a bit of extra time before this is widely exploited.

From their blog.

link
ungamedplayer 1067 days ago
Oh absolutely, but its trivial to get a CVE from the relevant CNA's. A webform or a phone call.

Its a bit silly.

link
capableweb 1066 days ago
Don't you have to share more details about the exploit then? That seems to be the thing they're trying to avoid for now.
link
worthless-trash 1064 days ago
Negative, you can request a CVE without specific details, CNA's do this all the time until unembargo.
link