Y
Hacker News
new
|
ask
|
show
|
jobs
by
zaphirplane
104 days ago
How did the security team conduct a security review of a non trivial package
1 comments
vrighter
103 days ago
they run it throuh a tool that checks online whether any cves relate to that version. They don't care whether you actually hit the vuln, if there's a cve it's "bad". That's usually the level i see.
link