Skip to content
GitHub Fork of cvelist. For use in GitHub's CVE Submission process.
Branch: master
Clone or download
Pull request Compare This branch is 153 commits behind CVEProject:master.
cve-team Auto-merge PR#2861
Auto-merge PR#2861
Latest commit 1d2a67d Nov 29, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009 "-Synchronized-Data." Nov 25, 2019
2010
2011 "-Synchronized-Data." Nov 27, 2019
2012
2013
2014
2015 "-Synchronized-Data." Nov 28, 2019
2016
2017
2018
2019 Auto-merge PR#2861 Nov 29, 2019
2020/1xxx
CODEOWNERS Added reviewers file Nov 13, 2017
CONTRIBUTING.md
README.md

README.md

CVE Automation Working Group Git Pilot

The CVE Automation Working Group is piloting use of git to share information about public vulnerabilities. The goal is to learn not only what features are necessary to support the "plumbing" of sending and receiving the data, but also which attributes and metadata are needed in the CVE format to support automation.

See How to Contribute for details on participating in this pilot.

This repository holds information included in the CVE List formatted using the CVE JSON format.

Use of the CVE information in this repository is subject to the CVE Terms of Use.

Overview of the Repository

Information about each CVE id is stored as a unique file in the repo in a subdirectory based on the year as well as the numeric portion of the id, truncated by 1,000. Thus, 2017/3xxx is for CVE-2017-3000 - CVE-2017-3999, and 2017/1002xxx is for CVE-2017-1002000 - CVE-2017-1002999.

The CVE Team updates these files automatically every hour using information from the CVE List, provided there have been changes. The synchronization job kicks off at the top of the hour and should complete within 5 minutes.

For ids that have been populated, the files contain the description and references that appear in the CVE List. They may also contain information about the affected product(s) and problem type(s), which CNAs have been supplying when making assignments during the past year but which is not included in the CVE List. And going forward, it is hoped that they will contain a richer collection of information about the vulnerability, as supported by the full CVE JSON schema.

Contact

Direct questions, comments, or concerns about use of this repo to the CVE Team using the CVE Request web form.

You can’t perform that action at this time.