52·
6 days agoYou’re aware those CVEs are only relevant for ancient versions of Plex and were fixed long ago?
- 0 Posts
- 3 Comments
Joined 2 years ago
Cake day: July 1st, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
You’re going to need to back up your claim otherwise you might as well be lying as there’s no CVE like this I can find nor any public disclosure.
Plex have a bug bounty program and a responsive security team too.
Post your security report.
CVEs don’t get issued “resolved” statuses… They are either reserved, published, or rejected (technically NVD have a few extra for published). That’s just junk data in that tool you’re using. Use authoritative sources like cve.org or nvd.nist.gov.
You can see the CPEs on NVD and they’re old versions of Plex (and were old when the vulns were published).