Use CVD Tools to Manage Vulnerability Reports
tip
This check is currently under development and not yet implemented. Click here to learn how you can help.
Use Case
- Incubating: expected
- Active: expected
- Retiring: expected
Description
Project Leverages a CVD Tool to Privately Receive/Manage External Vulnerability Reports (eg: H1/GH PVR)
Details
- C-SCRM: false
- Priority Group: P7
- Sources: OpenSSF Best Practices Badge Passing Level [vulnerability_report_private]
- How To: Github Docs