CVE® International in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures.
CVE’s common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.
Technical Guidance and Test Data for the New CVE-ID Syntax
Technical Guidance for Handling the New CVE-ID Syntax is now available on the CVE Web site. As of January 1, 2014, the format for CVE-IDs changed from 4 fixed digits to arbitrary digits in CVE-IDs.
This new resource on the CVE Web site provides technical guidance and test data for developers and consumers for tools, web sites, and other capabilities that use CVE Identifiers (CVE-IDs), including the following: considerations for input and output formats, considerations for extraction or parsing, extraction and conversion methods for CVE-IDs, an example conversion algorithm for incoming IDs, and CVE-ID Test Data for Implementers available for download in a ZIP file.
Feedback about this guidance, and/or the test data, is welcome at firstname.lastname@example.org.