Jump to content
  • 1

CVE tracking of cybersecurity vulnerabilities of the packages we install via VIPM


Marco Pignati

Question

Hello, in other programming languages there are ways to track vulnerabilities of the packages that are used in one's source code. This is done via CVE lists.

Also in the case of LabVIEW, for example, cybersecurity vulnerabilities are published in such CVE lists, so that users can get notified and decide to patch it or not.

What we miss, in my opinion, is a similar tool for all the packages we install via VIPM. If those packages, as of today, are affected by a vulnerabilities, there is no way to know (in my knowledge).

It would be useful if, for the packages accessible via VIPM, such a CVE list is generated and maintained. Any user, would then track the packages he has installed and patch them when a soon as a fix is released.

Link to comment
Share on other sites

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.