Skip to content
forked from CVRF/cvrf1.1

Common Vulnerability Reporting Framework (CVRF) version 1.1

Notifications You must be signed in to change notification settings

robincover/cvrf1.1

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 

Repository files navigation

Common Vulnerability Reporting Framework (CVRF)

ICASI Common Vulnerability Reporting Framework (CVRF) is an XML-based language that enables different stakeholders across different organizations to share critical security-related information in a single format, speeding up information exchange and digestion. CVRF is a common and consistent framework for exchanging not just vulnerability information, but any security-related documentation. The current version is CVRF 1.1.

CVRF was created to fill a major gap in vulnerability standardization: the lack of a standard framework for the creation of vulnerability report documentation. Although the computer security community had made significant progress in several other areas, including categorizing and ranking the severity of vulnerabilities in information systems with the widespread adoption of the Common Vulnerabilities and Exposures (CVE) dictionary and the Common Vulnerability Scoring System (CVSS), this lack of standardization was evident in every vulnerability report, best practice document, or security bulletin released by any vendor or coordinator.

CVRF replaces the many nonstandard reporting formats previously in use, thus speeding up information exchange and processing.

http://www.icasi.org/cvrf

New development of CVRF will be tracked and documented at: https://cvrf.github.io/

About

Common Vulnerability Reporting Framework (CVRF) version 1.1

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published