|
|
Subscribe / Log in / New account

Google's open-source vulnerability schema

Google's open-source vulnerability schema

[Security] Posted Jun 25, 2021 14:39 UTC (Fri) by corbet

The Google Security Blog announces the release of a schema intended to describe vulnerabilities in a project-independent manner:

With this schema we hope to define a format that all vulnerability databases can export. A unified format means that vulnerability databases, open source users, and security researchers can easily share tooling and consume vulnerabilities across all of open source. This means a more complete view of vulnerabilities in open source for everyone, as well as faster detection and remediation times resulting from easier automation.

This schema is already being provided by a number projects, including Go, Rust, Python, DWF, and OSS-Fuzz.

Comments (none posted)


Copyright © 2021, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds