What It Means to Be CVE-Compatible (Archived)


NOTICE: The CVE Compatibility Program has been discontinued. The product listings included in this section have been moved to "archive" status.

MOVING FORWARD: Please follow these CVE Compatibility Guidelines to make your product or service "CVE Compatible."


Archived:


"CVE-compatible" means that a tool, website, database, or service uses CVE names in a way that allows it to cross-link with other repositories that use CVE names. CVE-compatible products and services must meet the four (4) requirements below. Please review the complete set of requirements to fully understand CVE compatibility.

CVE Enterprise
Review a CVE enabled process
  1. CVE Searchable: A user can search using a CVE name to find related information.
  2. CVE Output: Information is presented which includes the related CVE name(s).
  3. Mapping: The repository owner has provided a mapping relative to a specific version of CVE, and has made a good faith effort to ensure accuracy of that mapping.
  4. Documentation: The organization's standard documentation includes a description of CVE, CVE compatibility, and the details of how its customers can use the CVE-related functionality of its product or service.

See the CVE Compatibility Process or email cve@mitre.org for information on how to register your product(s) or services(s) as CVE-compatible.

Back to top
Page Last Updated or Reviewed: September 26, 2017