Topic: cve

CVE Program rescued at the last minute after concerns over losing its government funding

The fate of the CVE Program—a database that catalogs publicly disclosed security vulnerabilities—was unknown over the past 24 hours. Yesterday, it was leaked that the maintainer of the CVE Program, MITRE, sent a letter to CVE board members, saying that funding for the CVE program was set to expire today, April 16. “If a break …

Google announces OSV for triaging open-source vulnerabilities

Google launched Open Source Vulnerabilities (OSV) this week to provide users with precise data on where a vulnerability was introduced, where it got fixed, and to help users know if they’ve been impacted. According to Google, OSV solves issues surrounding open-source security using automation in two key ways: improving the accuracy of vulnerability queries and …

Apache Software Foundation takes an in-depth look at its state of security in 2020

The Apache Software Foundation (ASF) has released a new report examining key metrics, specific vulnerabilities and top security issues across its projects last year. The new report also notes all of the major security events that posed risks to its projects. According to the report, the first serious security event last year was an issue …

Security vulnerabilities in JavaScript libraries are hard to avoid

These days it is almost impossible to develop in JavaScript without utilizing one of the thousands of open-source JavaScript libraries available. Libraries make coding in JavaScript simpler and more efficient by taking processes that would ordinarily require several lines of code to achieve and simplifying them, usually by creating a single function that can be …