jsch icon indicating copy to clipboard operation
jsch copied to clipboard
verified publisher icon mwiede

Please consider reporting to NVD

Open wisteso opened this issue 1 year ago • 2 comments

When jSch was developed by jCraft, it had entries maintained on NVD. Due to the nature of what jSch, I think this was important to have, as NVD is used as a source of truth that can automatically notify downstream consumers if there is an urgent security vulnerability.

I imagine there may be some annoying red tape in order to get approved for NVD, but the request is still made in any case.

wisteso avatar Dec 18 '24 01:12 wisteso

@wisteso can you guide me how to report to CPE?

mwiede avatar Dec 18 '24 07:12 mwiede

Hi @wisteso,

Do you have any details to help @mwiede out? Otherwise, I'm not sure what outcome you are expecting from opening this issue?

Thanks, Jeremy

norrisjeremy avatar Jan 17 '25 12:01 norrisjeremy