curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Regarding service request 1513650 (fwd)

From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Tue, 29 Aug 2023 23:19:56 +0200 (CEST)

I asked MITRE for CVE-2020-19909 to be rejected. Denied.

-- 
  / daniel.haxx.se
---------- Forwarded message ----------
Date: Tue, 29 Aug 2023 17:10:47
From: CVE Request <CVE-Request_at_mitre.org>
To: "daniel_at_haxx.se" <daniel_at_haxx.se>
Subject: Regarding service request 1513650
Hello,
Regarding your CVE service request, logged on 2023-08-28T11:09:47, we have the following question or update:
After review there are multiple perspectives on whether the issue information is helpful to consumers of the CVE List, our current preference is in the direction of keeping the CVE ID assignment. There is a valid weakness (integer overflow) that can lead to a valid security impact (denial of service, based on retrying network traffic much more often than is documented/requested). The record has been flagged as DISPUTED and the views have been recorded as a NOTE in the record as well. This request will now be closed.
Please do not hesitate to contact the CVE Team by replying to this email if you have any questions, or to provide more details.
Please do not change the subject line, which allows us to effectively track your request.
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html]
{CMI: MCID14239336}
-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html
Received on 2023-08-29