Open source has always been paradoxical: it’s software developed by passionate developers and given away for free, yet it’s monetized and funded by some of the largest companies in the world. An underdog, once called “a cancer,” and yet it’s the single largest driver of innovation and technological progress we have ever seen. In the world of open source, paradox will always exist, but nowhere more so than in the understanding of security vulnerabilities.Twenty-five years ago, the Common Vulnerabilities and Exposures (CVE) program was established to standardize the naming and tracking of softw
This article has been indexed from Red Hat Security