Perhaps we should look at if a similar, distributed model for vulnerability data would work more broadly for CVEs?
16.04.2025 03:54
๐ 0
๐ 0
๐ฌ 0
๐ 0
Perhaps we should look at if a similar, distributed model for vulnerability data would work more broadly for CVEs?
This is rather disappointing. Luckily the bulk of OSV.dev isn't directly impacted. We have a distributed database model where OSV feeds are directly pulled from upstream sources directly like GitHub, Canonical, PSF and others without requiring a centralized authority to be in the middle.