Jason Frey
Jason Frey
Skipping backport to `quinteros`, because it is already in the branch.
cross-repo test is still red - I'm good with this PR, but I think I want to see cross-repo green first.
Not against duplicating the type, I just lost track of this PR (along with many others 😬)
@richardgirges While you are reviewing these, I think it might be helpful to reach out to NIST/Mitre and request that these CVEs be marked as disputed. At the moment, all...
@richardgirges - [CVE-2022-27140](https://nvd.nist.gov/vuln/detail/CVE-2022-27140) is now marked as disputed in NIST's database > ** DISPUTED ** ... NOTE: the vendor's position is that the observed behavior can only occur with "intentional...
I also found this: https://bugs.ruby-lang.org/issues/20084
Gah, I just noticed https://github.com/coreinfrastructure/best-practices-badge/issues/2070, so might be a duplicate of that one.
I'm fine with closing this one, especially if #2070 is the same issue.
Might be related to #334
I think this might be handled by #406