A new tool empowers users to proactively identify and mitigate risks in their projects or those they rely on.

The New Stack is a publication covering trends and technologies in cloud-native development, DevOps, and software delivery. Developers can learn about containerization, Kubernetes, and cloud computing, as well as explore topics such as microservices architecture, serverless computing, and continuous integration/continuous delivery (CI/CD) pipelines.

The New Stack

Security researchers have uncovered a critical gap in the public disclosure of vulnerabilities within open source projects. To address this issue, they developed the CVE Half-Day Watcher tool, which tracks instances of vulnerabilities and aims to minimize early exposure. The tool scans the National Vulnerabilities Database (NVD) and examines GitHub activities to identify and mitigate risks.

CVE Half-Day Watcher Closes Vulnerability Disclosure Gap

The Challenge of Early Disclosure in Open Source Projects

Analysis of Log4Shell (CVE-2021-44228) Disclosure Process