|
|
|
|
|
|
by Clamchop
637 days ago
|
|
|
The point of the person you're replying to is that JVM software has far fewer vulnerabilities than it would have otherwise. The number of CVEs reveals that there is a lot of Java software and that there's a strong culture of importing dependencies. But we also care about the nature of them, the normalized relative frequency of very serious flaws like RCE exploits. |
|
|