From 7d98e23bc2ec692fa20d96b39aa0df1ba79df633 Mon Sep 17 00:00:00 2001 From: Ervin Hegedus Date: Sat, 12 Oct 2024 11:04:43 +0200 Subject: [PATCH] Update content/blog/2024-10-11-cve-2024-46292.md Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com> --- content/blog/2024-10-11-cve-2024-46292.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/blog/2024-10-11-cve-2024-46292.md b/content/blog/2024-10-11-cve-2024-46292.md index c8c008a..0576b43 100644 --- a/content/blog/2024-10-11-cve-2024-46292.md +++ b/content/blog/2024-10-11-cve-2024-46292.md @@ -27,7 +27,7 @@ On October 9 the CVE was published. We immediately contacted the reporter and as * why did they not inform us about the publication of the CVE? * they responded that they had opened the CVE before informing us and wrote that they _"didn't expect it to pass."_ and _"only remembered to contact you after submitting."_ - * **note**: the CVE was recorded on **Septeber 11** - see [mitre.org](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-46292) page + * **note**: the CVE was submitted on **Septeber 11** - see [mitre.org](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-46292) page. * they also added that they _"did not continue to verify it due to busy work"_, and that they are _"not very familiar with the specific reasons"_. * they never mentioned "buffer overflow" at all in any of our exchanges, so why does the CVE contain that wording? * they responded that they did not know how that wording became part of their CVE submission