In the pod Linux Matters ep 30, Alan Pope told that NIST has stopped/paused to add "metadata" to eg CVE vulnerability reports in their NVD data base. In the unclear situation, Anchore weher Alan works, has initiated something open source and asks other to join to fill the gap.

All is outside of my competence area but appears to be interesting/critical/concern.

Ref Anchor blog post and pod:
linuxmatters.sh/30/
anchore.com/blog/national-vuln

Follow

Ping @karlemilnikka För info till dig; om du begriper, vet om eller är intresserad av ovanstående inlägg - se länkar!

Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml