[ Date Prev ][ Date Next ][ Thread Prev ][ Thread Next ][ Date Index ][ Thread Index ]

Re: Agenda for CVE Board Meeting Wednesday, 15 November 2017 

On 2017-11-15 16:32, Art Manion wrote:

> (*) YYYY is meant to be the year the vulnerability (not the CVE ID)
> was published, right?  Not year the CVE ID was requested, assigned,
> or published?

CVE web site says:

https://cve.org/CVERecord?id=CVE-2017-3222

Date Entry Created: 20161205

Disclaimer: The entry creation date may reflect when the CVE-ID was
allocated or reserved, and does not necessarily indicate when this
vulnerability was discovered, shared with the affected vendor, publicly
disclosed, or updated in CVE.

Best reasonable guess at ${date_public} really should be in CVE
entries.  Possibly also ${date_last_updated}, which might be obtainable
from github?

 - Art
Page Last Updated or Reviewed: November 16, 2017