vulnerability disclosure


Reporting security flaws to vendors and the general public. Normally, vulnerabilities are first reported to the software vendor and then revealed to the public after the vendor has published a patch to fix the problem. If the vendor does not develop a remedy after 30 to 60 days, the discovering party often makes the flaw public. See vulnerability and CERT.