Google's open-source vulnerability schema
The Google Security Blog announces the release of a schema intended to describe vulnerabilities in a project-independent manner:
With this schema we hope to define a format that all vulnerability databases can export. A unified format means that vulnerability databases, open source users, and security researchers can easily share tooling and consume vulnerabilities across all of open source. This means a more complete view of vulnerabilities in open source for everyone, as well as faster detection and remediation times resulting from easier automation.
This schema is already being provided by a number of projects, including Go, Rust, Python, DWF, and OSS-Fuzz.