4 comments

[ 1.7 ms ] story [ 21.7 ms ] thread
Begging the question of why the vulnerable version is still available to be grabbed in the first place?
this, companies who are hosting known vulnerable libraries should be charged criminally imo
That's one of the open questions. YES. Absolutely.
Deleting them would break builds ;)