Common Vulnerabilities and Exposures

Logo

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.[1] The United States' National Cybersecurity FFRDC, operated by The MITRE Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security.[2] The system was officially launched for the public in September 1999.[3]

The Security Content Automation Protocol uses CVE, and CVE IDs are listed on Mitre's system as well as in the US National Vulnerability Database.[4]

  1. ^ Wu, Xiaoxue; Zheng, Wei; Chen, Xiang; Wang, Fang; Mu, Dejun (2020). "CVE-assisted large-scale security bug report dataset construction method". Journal of Systems and Software. 160: 110456. doi:10.1016/j.jss.2019.110456. S2CID 209056007.
  2. ^ "CVE – Common Vulnerabilities and Exposures". Mitre Corporation. 3 July 2007. Retrieved 18 June 2009. CVE is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.
  3. ^ "CVE - History". cve.mitre.org. Retrieved 25 March 2020.
  4. ^ "CVE - Common Vulnerabilities and Exposures (CVE)". cve.mitre.org. Archived from the original on 7 April 2013. Retrieved 8 April 2013.