29 lines
1.1 KiB
Plaintext
29 lines
1.1 KiB
Plaintext
=== is related to: S2201
|
|
|
|
=== is related to: S2677
|
|
|
|
=== on 13 Nov 2014, 22:55:27 Evgeny Mandrikov wrote:
|
|
There is some exclusions in CERT.
|
|
|
|
=== on 17 Nov 2014, 16:16:15 Ann Campbell wrote:
|
|
\[~evgeny.mandrikov] do you want to add a whitelist to this rule?
|
|
|
|
=== on 2 Feb 2015, 20:34:28 Sébastien Gioria wrote:
|
|
This could fall into OWASP Top10 2013 -A6
|
|
|
|
|
|
it's CERT EXP00-J
|
|
|
|
=== on 3 Feb 2015, 20:26:49 Ann Campbell wrote:
|
|
I've added the CERT reference [~sebastien.gioria], but don't understand the OWASP tie.
|
|
|
|
=== on 3 Feb 2015, 20:28:47 Ann Campbell wrote:
|
|
\[~freddy.mallet] the history on this ticket shows that you deleted the description on the 1st of December. How come?
|
|
|
|
=== on 4 Feb 2015, 09:45:11 Freddy Mallet wrote:
|
|
\[~ann.campbell.2] I guess my main goal was to remove the Compliant and NonCompliant sections that were suitable only for C/{cpp}. But indeed the first sentence should remain in the global description. I let you revert this change @Ann ?
|
|
|
|
=== on 29 Jul 2016, 09:59:15 Freddy Mallet wrote:
|
|
\[~ann.campbell.2], I tend to think that the impact should be "Low" on this vulnerability.
|
|
|