this post was submitted on 01 Apr 2024
240 points (93.2% liked)

Programmer Humor

19725 readers
54 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 28 points 8 months ago (1 children)

I mean you're not wrong but I'd argue you can get more interesting cve's using a higher more performant language such as c++. Where there are are ways to include CVE 's from C and introduce new ones to each level of your program using inheritance.

[–] [email protected] 6 points 8 months ago (1 children)

Here is the thing. Everybody, including attackers, is too overwhelmed with the boring variety of CVEs and unable to even think about the more interesting kind.

As soon as we make people stop generating those boring ones by the millions, our days will be way more interesting while we find and fix more complex CVEs. But anyway, those will also be way more common on C and C++ code than most other languages (maybe with an exception for JS).

[–] Mikina 1 points 8 months ago* (last edited 8 months ago)

We can call them CCVE's! Critical CVE's.

EDIT: Oh, nevermind. I've forgotten that it's using CVSS, which has a tendency to really overestimate the risk, so almost everyting is CCVE according to them :D