Skip to content
/ r-advisory-database Public

Advisory database for R packages published on cran.r-project.org or bioconductor.org

osv.dev/list?ecosystem=cran&q=

License

Apache-2.0 license
11 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

RConsortium/r-advisory-database

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
.github
.github
 
 
triage
triage
 
 
vulns
vulns
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
latest-id.txt
latest-id.txt
 
 

Repository files navigation

RConsortium Advisory Database

This is a community owner repository of advisories for packages published on https://cran.r-project.org/ and https://www.bioconductor.org/.

Advisories live in the vulns directory and use a YAML encoding of the OSV format.

Contributing advisories

Making a pull request

Existing entries can be edited by simply creating a pull request.

To introduce a new entry, create a pull request with a new file that has a name matching RSEC-<latest-id.txt + 1>-.yaml.

Increment the file latest-id.txt in your pull request.

Triage process

Vulnerabilities should be pulled from a source like Github or the NVD CVE feeds. These will be properly vetted, and approved.

About

Advisory database for R packages published on cran.r-project.org or bioconductor.org

osv.dev/list?ecosystem=CRAN&q=

Topics

security cran r bioconductor vulnerabilities

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

11 stars

Watchers

6 watching

Forks

4 forks
Report repository

Contributors 3

  •  
  •  
  •