Google launches unified initiative to boost open source security reporting

One of the problems with open source vulnerability databases is that each uses its own format to describe vulnerabilities and this makes tracking and sharing of vulnerabilities between databases difficult. To address this and boost security, the Google Open Source Security team, Go team, and the broader open-source community have been developing a simple vulnerability interchange schema for describing vulnerabilities. It's been designed from the beginning for open-source ecosystems, allowing for easier automation and empowering consumers of open-source software to know when they are impacted and make security fixes as soon as possible. Google launched its Open Source Vulnerabilities (OSV)… [Continue Reading]