[HN] Now it's PostgreSQL's turn to have a bogus CVE
[HN] Now it's PostgreSQL's turn to have a bogus CVE
opensourcewatch.beehiiv.com Now it's PostgreSQL's turn to have a bogus CVE
PostgreSQL and cURL aren't the only ones. Someone is faking security alerts for numerous open-source projects.
[ comments | sourced from HackerNews ]
You're viewing a single thread.
1
comments
This makes me wonder... If there really is someone automating these reports, how did they not forsee the potencial for reporting completely harmless commits? It's like this was caused by someone who just recently got into the world of software and scripting and thought they were good enough to help with the security for decades-old software.
Was it intentional and - if so - what would they benefit from this??