We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2020-36428 = OSV-2021-440 = https://oss-fuzz.com/testcase-detail/5668218489536512 is considered invalid. How can both CVE and OSV be marked as fixed?
@fyi @inferno-chromium
The text was updated successfully, but these errors were encountered:
It's not fixed according to the OSV. https://osv.dev/vulnerability/OSV-2021-440 has an "introduced" event only, and no "fixed" event.
We also don't generate the CVE -- someone else is taking our entries and generating them.
Sorry, something went wrong.
Yes, I know, it is not marked as fixed in the yaml file. But I thought it is considered a false-positive issue and wondered how to deal with it.
Ah, I misunderstood your question. After your PR, https://osv.dev/vulnerability/OSV-2021-440 is marked as fixed, thanks!
No branches or pull requests
CVE-2020-36428 = OSV-2021-440 = https://oss-fuzz.com/testcase-detail/5668218489536512 is considered invalid. How can both CVE and OSV be marked as fixed?
@fyi @inferno-chromium
The text was updated successfully, but these errors were encountered: