-
# Background
This issue relates to the following CoST IDS elements proposed in the CoST IDS/OC4IDS review:
Policy coherence
## Policy coherence
**Module:** Institutional
**Indicator…
-
Congresswoman Nancy Mace has introduced a bill that would require federal contractors to have a Vulnerability Disclosure Policy (VDP).
The post [Lawmaker Wants Federal Contractors to Have Vulnerabi…
-
The Vulnerability Disclosure WG has developed a proposal for an OpenSSF Vulnerability Disclosure Policy. This policy is for **outgoing** vulnerabilities, not incoming vulnerabilities. This is particul…
-
I suggested to remove the instance NFData (a -> b) because it cannot be implemented properly. I think the proposal got broad support:
https://mail.haskell.org/libraries/2016-May/026961.html
We have st…
-
pub needs a feature similar to [npm audit](https://docs.npmjs.com/cli/audit) that will scan a given project for known vulnerabilities and security issues by checking package versions against a vulnera…
-
# Microsoft Security Advisory - Multiple UMCI bypass vulnerabilities
* CVE-2019-0627
* CVE-2019-0631
* CVE-2019-0632
## Executive Summary
Multiple security feature bypass vulnerability exi…
-
## Goal
| User story |
|:---------------------------------------------------------------------------|
| As a security engineer using Fleet's API for device health,
| I want to hit one API endpo…
-
We would like feedback from the group on the Secure Software Guiding Principles document(1) that the team recently agreed to collaborate on. Please provide feedback and comments here in this issue, o…
-
This is totally related to #5045, but I can not comment on it.
For me this should be re-opened, because it's a security issue.
I provide the package `xxx` to the private repository `my-company.c…
-
The current Database container was last updated ~2 years ago and should be updated, as it accumulated quite some security issues over the time, or upgrade to version 15, as this seems to be the latest…