|
| ▲ | charcircuit an hour ago | parent | next [-] |
| Considering there were patched libraries at the time of disclosure, those libraries' authors must have been informed ahead of time. |
|
| ▲ | Pharaoh2 an hour ago | parent | prev [-] |
| https://react.dev/blog/2025/12/03/critical-security-vulnerab... Privately Disclosed: Nov 29
Fix pushed: Dec 1
Publicly disclosed: Dec 3 |
| |
| ▲ | drysart an hour ago | parent [-] | | Then even in the worst case scenario, they were addressing this issue two days after it was publicly disclosed. So this wasn't a "rush to fix the zero day ASAP" scenario, which makes it harder to justify ignoring errors that started occuring in a small scale rollout. |
|
