17 野に咲く名無し@転載禁止 (主) 2023/09/07 02:55:05
Now it's PostgreSQL's turn to have a bogus CVE
https://opensourcewatch.beehiiv.com/p/now-postgresqls-turn-bogus-cve
Recently, the popular open-source command line copy tool, cURL for transferring data via URLs, was given a jaw-dropping 9.8 Common Vulnerability Scoring System (CVSS) critical security violation mark. There was only one little problem with this National Vulnerability Database (NVD) CVE-2020-19909 report: It was bogus. There's nothing wrong with cURL. Now, the same kind of crap security report has shown up for the open-source SQL database, PostgreSQL.