-
## Release Checklist
- [x] [OWNERS](https://github.com/kubernetes-sigs/kueue/blob/main/OWNERS) must LGTM the release proposal.
At least two for minor or major releases. At least one for a patch …
-
The classification of a vulnerability in NVD can be somewhat divisive & debatable.
Maintainers may wish to alter the severity or an aspect of the vector. Cunsuming organisations may wish to manag…
-
I am having difficulty understanding the following statement:
> The latest version is not vulnerable. Please read https://github.com/tianon/gosu/blob/master/SECURITY.md
I recently downloaded v1.…
-
## Release Checklist
- [x] [OWNERS](https://github.com/kubernetes-sigs/kueue/blob/main/OWNERS) must LGTM the release proposal.
At least two for minor or major releases. At least one for a patch …
-
## Release Checklist
- [x] [OWNERS](https://github.com/kubernetes-sigs/kueue/blob/main/OWNERS) must LGTM the release proposal.
At least two for minor or major releases. At least one for a patch …
-
The README says:
> With the help of automatically executed rules and manual assessments, the results can be efficiently evaluated to eliminate irrelevant results and accept risks. This allows the d…
-
The foundation is planning a table top exercise event as part of the SOSS Community Day NA 2024 in Seattle. Would like to get input from TAC.
The TTX planning proposal below.
-
Hi,
I'd like to check that my Zephyr product is not affected by any CVE. For this, I use the NVD database (using CPE "zephyrproject:zephyr") which mostly links to the "Security Advisories" on this …
-
# Description
When calling `vexctl attest --sign --attach report.vex.json`, the attached attestation seemingly cannot be verified via `cosign verify-attestion`.
## Repro steps:
1. Create a samp…
-
**Describe the bug**
When running `guacone query vuln --vuln-id `, the table output does not show any related VEX statements when they are present. However, if you were to run `guacone query vuln ` …