• monogram@feddit.nl
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 month ago

        The fact that a CVE was found doesn’t make it bad

        In fact I’d say if it is handled well, fixed in an appropriate way & communicated correctly, having a fixed CVE should be seen as a good thing.

        The alternative, lying to yourself and all your users that your code is perfectly sculpted and reviewed by each godly entity, is not the way.