What It Means to Be CVE-Compatible

"CVE-compatible" means that a tool, Web site, database, or service uses CVE names in a way that allows it to cross-link with other repositories that use CVE names. CVE-compatible products and services must meet the four (4) requirements below. Please review the complete set of requirements to fully understand CVE compatibility.

  1. CVE Searchable: A user can search using a CVE name to find related information.
  2. CVE Output: Information is presented which includes the related CVE name(s).
  3. Mapping: The repository owner has provided a mapping relative to a specific version of CVE, and has made a good faith effort to ensure accuracy of that mapping.
  4. Documentation: The organization's standard documentation includes a description of CVE, CVE compatibility, and the details of how its customers can use the CVE-related functionality of its product or service.

See the CVE Compatibility Process or email cve@mitre.org for information on how to register your product(s) or services(s) as CVE-compatible.

Page Last Updated or Reviewed: April 28, 2016