GitHub Improves Vulnerability Workflows and Becomes CVE Numbering Authority

Source:- Along with Semmle acquisition, GitHub has disclosed a number of improvements aimed to make it easier for maintainers and developers to fix and protect against vulnerabilities. This includes the possibility of creating a security advisory and assigning it a CVE number directly from GitHub UI. As GitHub senior vice president Shanku Niyogi explains, when a project maintainer or anyone with admin privileges for a repository discovers a vulnerability, they can now create a draft security advisory, which provide a private area to

Read more