Skip to main content

Common Vulnerability Enumeration (CVE)

A Common Vulnerability Enumeration, or CVE, is a security flaw that has been discovered in an open source software package. We can think of CVEs like report cards for problems identified in computer programs.

With this in mind, let's look at what elements make up a CVE:

  1. CVE ID: A unique identifier for the CVE
  2. Description: A description of what the problem is and why
  3. Impact: An explanation of how bad the problem potentially is
  4. Severity Score (CVSS): A number that tells us how serious the problem is
  5. Reference: Links or notes with additional information about the problem