|
|
|
New CVE-ID Format as of January 1, 2014 — learn more |
|
|
1 Product from Altex-Soft Now Registered as Officially "CVE-Compatible" CVE-IDs Included in Annual "Secunia Vulnerability Review 2014" CVE Mentioned in Article about Vulnerability Statistics on NetworkWorld.com CVE Mentioned in Article about Secure Software Development on GCN.com Proximis Makes Declaration of CVE Compatibility 1 Product from NSFOCUS Now Registered as Officially "CVE-Compatible" Codenomicon Makes Declaration of CVE Compatibility Technical Guidance for Handling the New CVE-ID Syntax Now Available |
||||||
|
CVE® International in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures. CVE’s common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.
Focus On
Technical Guidance and Test Data for the New CVE-ID Syntax
Technical Guidance for Handling the New CVE-ID Syntax is now available on the CVE Web site. As of January 1, 2014, the format for CVE-IDs changed from 4 fixed digits to arbitrary digits in CVE-IDs. This new resource on the CVE Web site provides technical guidance and test data for developers and consumers for tools, web sites, and other capabilities that use CVE Identifiers (CVE-IDs), including the following: considerations for input and output formats, considerations for extraction or parsing, extraction and conversion methods for CVE-IDs, an example conversion algorithm for incoming IDs, and CVE-ID Test Data for Implementers available for download in a ZIP file. Feedback about this guidance, and/or the test data, is welcome at cve-id-change@mitre.org. |
||||||
