a-martynovich
commented
4 years ago @vpetersson Any idea where we can get this data? All I know is Debian Security Tracker, other sources we use (Ubuntu Security Tracker, ALAS) don't have such info.
Open vpetersson opened 4 years ago
a-martynovich
commented
4 years ago @vpetersson Any idea where we can get this data? All I know is Debian Security Tracker, other sources we use (Ubuntu Security Tracker, ALAS) don't have such info.
vpetersson
commented
4 years ago I don't know how to get this as of right now. Let's leave this aside for now.
Knowing if a CVE has Remote Code Execution (RCE) makes a huge impact in determining its severity. We should enrich our reporting to include this.