TC39 Delegates on 2023-10-11

09:35	<Michael Ficarra>	shu: an example of a spec-level vulnerability (as opposed to a vulnerability in any particular implementation): https://nvd.nist.gov/vuln/detail/CVE-2023-44487
09:37	<Michael Ficarra>	Because the attack abuses an underlying weakness in the HTTP/2 protocol, we believe any vendor that has implemented HTTP/2 will be subject to the attack. This included every modern web server.
14:37	<shu>	ah okay, i can see the case for protocols having such vulnerabilities