Y
Hacker News
new
|
ask
|
show
|
jobs
by
Ygg2
340 days ago
If you fork a dependency and change features, the CVE information on original depenency is now no longer valid for your code. Your additions or removals can induce new CVEs, or render CVE for original lib a moot point.