Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Does CVE have a procedure for determining how to assign candidate numbers to newly discovered vulnerabilities?

assign candidate CVE determining newly Numbers procedure vulnerabilities
0
Posted

Does CVE have a procedure for determining how to assign candidate numbers to newly discovered vulnerabilities?

0 CommentsAdd a Comment

1 Answer

0

Yes. CVE editorial policies, or “content decisions” (CDs), are the criteria and consistency rules that determine (1) what security issues become CVE candidates for eventual inclusion in the CVE List, and (2) how we distinguish between similar or security related issues. Generally, the CVE approach is to create separate candidates for: • Vulnerabilities of different types • Vulnerabilities of the same type that appear in different versions • Vulnerabilities that appear in different codebases (i.e., “by vendor;” however, this also includes vendors who share the same code such as Linux/Unix vendors) See CVE Editorial Policies for a detailed description and examples of this process.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123