Conversation
buherator
buherator
Edited 4 months ago
[oss-security] CVE-2023-49606, CVE-2023-40533: memory safety vulnerabilities in tinyproxy <=1.11.1
"Talos claims to have contacted them in December 2023, but according to the developer there was no contact before the above advisories were released. The developer also disputes the veracity of CVE-2023-40533." - Weird, esp. considering @TalosSecurity has plenty of experience with vulnerability reporting...
https://www.openwall.com/lists/oss-security/2024/05/07/1
"Talos claims to have contacted them in December 2023, but according to the developer there was no contact before the above advisories were released. The developer also disputes the veracity of CVE-2023-40533." - Weird, esp. considering @TalosSecurity has plenty of experience with vulnerability reporting...
https://www.openwall.com/lists/oss-security/2024/05/07/1
1
0
2