Sign up to save your podcasts
Or
Share CVE for EOL with Aaron Frost
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
CVE for EOL with Aaron Frost
Aaron Frost explores the overly complex world of vulnerability identifiers for end of life software. We discuss how incomplete CVE reporting creates blind spots for users while arming attackers with knowledge. The conversation uncovers the ethical tensions between resource constraints and security transparency, highlighting why the "vulnerable until proven otherwise" approach is the best path forward for end of life software.
The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-04-cve_eol_aaron_frost/
View all episodes
By Josh Bressers
4.7
4040 ratings
Aaron Frost explores the overly complex world of vulnerability identifiers for end of life software. We discuss how incomplete CVE reporting creates blind spots for users while arming attackers with knowledge. The conversation uncovers the ethical tensions between resource constraints and security transparency, highlighting why the "vulnerable until proven otherwise" approach is the best path forward for end of life software.
The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-04-cve_eol_aaron_frost/
More shows like Open Source Security
View all
Hacked
187 Listeners
The Changelog: Software Development, Open Source
288 Listeners
Security Now (Audio)
2,011 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
LINUX Unplugged
275 Listeners
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,028 Listeners
Late Night Linux
168 Listeners
Smashing Security
317 Listeners
Darknet Diaries
8,077 Listeners
Hacking Humans
315 Listeners
Defense in Depth
73 Listeners
2.5 Admins
98 Listeners
Risky Bulletin
45 Listeners