Jeff Robbins
Jeff Robbins
Perhaps one of the project's devs could email [[email protected]](https://mail.google.com/mail/?view=cm&fs=1&tf=1&[email protected]) and ask what the security issue is? The status given at https://nvd.nist.gov/vuln/detail/CVE-2022-33124 is > This vulnerability is currently awaiting analysis. which...
@webknjaz according to the NIST [website](https://nvd.nist.gov/vuln/detail/CVE-2022-33124), the CVE "Source" is "MITRE", which is not a random user. The website has [a feedback link](https://cveform.mitre.org/), so I submitted feedback (choosing "Request an...
@webknjaz I truly apologize for not knowing your circumstances. Please let me know if I can do any of the leg work in tracking down the process at Mitre that...
On re-reading the issue https://github.com/aio-libs/aiohttp/issues/6772#issue-1253751995, I see that the issue has this phrase in it > Denial of service Perhaps MITRE is using some bot and surfaced this issue? It...
Section `C5` of this [document](https://www.cve.org/ResourcesSupport/AllResources/CNARules) explains the `** DISPUTED **` status terminology, and section `9` describes an "Appeals" process. I'm glad that we can see that `** DISPUTED **` status,...
[Section 9](https://www.cve.org/ResourcesSupport/AllResources/CNARules) outlines an appeals process: > The party seeking to appeal a decision made by a Root, or resolve a disagreement between Roots, contacts their hierarchy's Top-Level Root. For...
I suggest making a second submittal following their procedure. I see in "7.1.2 If the CNA determines that an issue violates the security policy of a product, then the issue...
To be clear, in the simplest case of a Lambda function with a Mangum-based app (e.g. using `FastAPI`), there only needs to be one event loop, not multiple event loops....
I tried this on the AWS EC2 (using a `.whl` from the artifacts from that PR): ```cmd python --version Python 3.9.9 md artifact cd artifact python -m venv .venv .venv\Scripts\activate...
I am seeing this notice at the end of deploying various cdk stacks written in Python. I'm puzzled as to why I see this even when the stack isn't using...