This is an automated email from the ASF dual-hosted git repository. gaborgsomogyi pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/flink-web.git
commit d1a6a3e43170e80788a9036f18847725a2370d4c Author: Gabor Somogyi <[email protected]> AuthorDate: Wed Jun 10 17:06:28 2026 +0200 Replace OSV/NVD links with ASF Security page for CVE tracking --- docs/content/what-is-flink/security.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/content/what-is-flink/security.md b/docs/content/what-is-flink/security.md index 15050e4db4..838fcc26f2 100644 --- a/docs/content/what-is-flink/security.md +++ b/docs/content/what-is-flink/security.md @@ -91,8 +91,7 @@ The operator runs with cluster-scoped RBAC by default -- apply least-privilege p The Flink project does not maintain its own CVE list. For a complete and up-to-date record of known vulnerabilities, consult the authoritative external databases: -- [OSV](https://osv.dev) -- package-aware, used by Dependabot, Snyk, and osv-scanner -- [NVD](https://nvd.nist.gov) -- NIST's authoritative CVE database +- [Apache Security](https://security.apache.org/projects/flink/) -- ASF-maintained, authoritative record for Apache Flink CVEs ## Reporting a Vulnerability
