Skip Navigation

[HN] Now it's PostgreSQL's turn to have a bogus CVE

opensourcewatch.beehiiv.com Now it's PostgreSQL's turn to have a bogus CVE

PostgreSQL and cURL aren't the only ones. Someone is faking security alerts for numerous open-source projects.

[ comments | sourced from HackerNews ]

1
1 comments
  • This makes me wonder... If there really is someone automating these reports, how did they not forsee the potencial for reporting completely harmless commits? It's like this was caused by someone who just recently got into the world of software and scripting and thought they were good enough to help with the security for decades-old software.

    Was it intentional and - if so - what would they benefit from this??

    1