Skip to content

This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)

License

Notifications You must be signed in to change notification settings

psf/advisory-database

Python Software Foundation Advisory Database

This is a repository of vulnerability advisories for projects in scope for the prospective Python Software Foundation CVE Numbering Authority (CNA). Advisories are also published to the security-announce@python.org mailing list.

You can find all advisories in the advisories/ directory. Sub-directories under advisories/ denote the affected product (ie python). Advisories are published in the OSV Format.

Historical advisories have been converted into the OSV format for easier consumption by automated tools. CVE IDs and metadata for historical advisories are sourced from vstinner/python-security.

Contributing

Advisories in OSV format are generated from published CVE records. Updating an advisory requires updating the upstream CVE record so must be done by either creating an issue on GitHub or contacting the CNA operators at cna@python.org. Pull requests updating advisories sourced from CVEs will be closed.

About

This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Contributors 4

  •  
  •  
  •  
  •  

Languages