|
|
|
|
|
|
by cp9
832 days ago
|
|
|
my understanding matches yours. I don't think this article is particularly clear about why rapid7 would threaten to disclose a vulnerability before a patch is ready and then subsequently get angry that jetbrains put out a patch to fix the issue |
|
|
They are angry that it was a _silent_ patch. The whole issue revolves around the _silent_ part.
More on why Rapid7 doesn't like silent patching here: https://www.rapid7.com/blog/post/2022/06/06/the-hidden-harm-...