Hello,
I'm a Ph.D. candidate in UC (Portugal) working with Xen's vulnerability
discovery process, right now focusing on modeling, and I'd like to
understand the process before the disclosure (by XSA or CVE/NVD).
It would be nice to have a more precise date that traces a vulnerability
(XSA) to its discovery rather than the public release date.
Currently, I'm parsing any references from NVD/CVE and analyzing the
dates. For older XSA, this works better than from newer ones.
Is there any other place that I could find this information?
Atenciosamente,
*Charles Ferreira Gonçalves *
I'm a Ph.D. candidate in UC (Portugal) working with Xen's vulnerability
discovery process, right now focusing on modeling, and I'd like to
understand the process before the disclosure (by XSA or CVE/NVD).
It would be nice to have a more precise date that traces a vulnerability
(XSA) to its discovery rather than the public release date.
Currently, I'm parsing any references from NVD/CVE and analyzing the
dates. For older XSA, this works better than from newer ones.
Is there any other place that I could find this information?
Atenciosamente,
*Charles Ferreira Gonçalves *