Giters

RConsortium / r-advisory-database

Advisory database for R packages published on cran.r-project.org or bioconductor.org

Home Page:https://osv.dev/list?ecosystem=CRAN&q=

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

bioconductorcranrsecurityvulnerabilities

RConsortium Advisory Database

This is a community owner repository of advisories for packages published on https://cran.r-project.org/ and https://www.bioconductor.org/.

Advisories live in the vulns directory and use a YAML encoding of the OSV format.

Contributing advisories

Making a pull request

Existing entries can be edited by simply creating a pull request.

To introduce a new entry, create a pull request with a new file that has a name matching RSEC-<latest-id.txt + 1>-.yaml.

Increment the file latest-id.txt in your pull request.

Triage process

Vulnerabilities should be pulled from a source like Github or the NVD CVE feeds. These will be properly vetted, and approved.

About

Advisory database for R packages published on cran.r-project.org or bioconductor.org

https://osv.dev/list?ecosystem=CRAN&q=

bioconductorcranrsecurityvulnerabilities

License:Apache License 2.0