Details

    • Sub-task
    • Resolution: Done
    • Neutral
    • None
    • None
    • None
    • None

    Description

      Add an optional CVE field that can be defined on security issues. How should it work, though? Sometimes, the same CVE has multiple IDs. Sometimes, a library is affected by multiple CVEs. Sometimes CVEs are false positives or require extra commentary.

      Also, at which point of the process do we assign CVEs to issues? Who is responsible for this, who are the fallbacks?

      Attachments

        Activity

          People

            fgrilli Federico Grilli
            mmichel Maxime Michel
            Foundation
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: