Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not allowing CNA seems to be the biggest issue. Long time ago we had issues where getting a new cve for an open source project was really rare and hard to achieve. Now anyone who asks gets one without validation. Two extremes, likely due to lack of resources, but they won't share the load...


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: