Merge pull request #338 from sboldyreva/python-vex

sboldyreva · web-flow · commit 627e4538a14b · 2025-12-12T20:25:56.000+01:00
Python libs: add vex info
diff --git a/docs/els-for-libraries/celery/README.md b/docs/els-for-libraries/celery/README.md
@@ -100,6 +100,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for Celery ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/celery/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/celery/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Celery from TuxCare versions:
diff --git a/docs/els-for-libraries/django/README.md b/docs/els-for-libraries/django/README.md
@@ -100,6 +100,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.   
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for Django ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/django/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/django/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Django from TuxCare versions:
diff --git a/docs/els-for-libraries/fastapi/README.md b/docs/els-for-libraries/fastapi/README.md
@@ -100,6 +100,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for FastAPI ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/fastapi/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/fastapi/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for FastAPI from TuxCare versions:
diff --git a/docs/els-for-libraries/flask/README.md b/docs/els-for-libraries/flask/README.md
@@ -100,6 +100,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for Flask ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/flask/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/flask/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Flask from TuxCare versions:
diff --git a/docs/els-for-libraries/numpy/README.md b/docs/els-for-libraries/numpy/README.md
@@ -100,6 +100,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for NumPy ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/numpy/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/numpy/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for NumPy from TuxCare versions:
diff --git a/docs/els-for-libraries/python-libraries/README.md b/docs/els-for-libraries/python-libraries/README.md
@@ -141,6 +141,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for Python Libraries ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Python Libraries from TuxCare versions:
diff --git a/docs/els-for-libraries/starlette/README.md b/docs/els-for-libraries/starlette/README.md
@@ -100,6 +100,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for Starlette ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/starlette/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/starlette/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Starlette from TuxCare versions:
diff --git a/docs/els-for-libraries/werkzeug/README.md b/docs/els-for-libraries/werkzeug/README.md
@@ -100,6 +100,12 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
 To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
 
+## Vulnerability Exploitability eXchange (VEX) 
+
+VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.
+
+TuxCare provides VEX for Werkzeug ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_python/werkzeug/](https://security.tuxcare.com/vex/cyclonedx/els_lang_python/werkzeug/).
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Werkzeug from TuxCare versions:
