-
The Vulnerability Disclosure WG has developed a proposal for an OpenSSF Vulnerability Disclosure Policy. This policy is for **outgoing** vulnerabilities, not incoming vulnerabilities. This is particul…
-
# Microsoft Security Advisory - Multiple UMCI bypass vulnerabilities
* CVE-2019-0627
* CVE-2019-0631
* CVE-2019-0632
## Executive Summary
Multiple security feature bypass vulnerabilities exi…
-
pub needs a feature similar to [npm audit](https://docs.npmjs.com/cli/audit) that will scan a given project for known vulnerabilities and security issues by checking package versions against a vulnera…
-
## Goal
| User story |
|:---------------------------------------------------------------------------|
| As a security engineer using Fleet's API for device health,
| I want to hit one API endpo…
-
We would like feedback from the group on the Secure Software Guiding Principles document(1) that the team recently agreed to collaborate on. Please provide feedback and comments here in this issue, o…
-
The Drupal project is considering adding this library as one of our dependencies, so we're performing a standard stability review. We're looking into adopting this as a dependency of Drupal core (star…
-
## Foundation Mission Request – Code of Conduct Enforcement Solution
* **Foundation Mission Summary:** Code of Conduct Enforcement Solution
* **S4 Intent**: Improve Governance Accessibility
* **…
-
Description: as discussed in Feb 16 TOC meeting (TBD toc issue), take a look at incubated/graduated projects and check to what degree projects have documented policies for users to report security vul…
-
# Daily Security News (2023-08-03)
- SecWiki News
- [ ] [SecWiki News 2023-08-02 Review](http://www.sec-wiki.com/?2023-08-02)
- HackerOne Hacker Activity
- [ ] [Tor IP leak caused by the PDF Viewer extension i…
-
- [x] I have read the [SECURITY.md](https://github.com/GoogleContainerTools/distroless/blob/main/SECURITY.md)
- [x] I understand that this repo tracks debian package releases and cannot fix debian CV…