Home > Security > Cve

Common Vulnerabilities and Exposures

The Common Vulnerabilities and Exposures project (CVE), which is maintained by the MITRE Corporation, is a list of standardized names for security vulnerabilities and exposures. This list is important because it helps reduce confusion regarding new and old vulnerabilties as it is vendor neutral. This allows users to spend more time dealing with security because it is already cross-referenced, instead of spending their time researching and investigating vulnerabilities.

Mandriva has been including CVE names in advisories since December 2001 as we've been aware of them, and as of February 2003 is committed to providing CVE names in each and every advisory. The CVE names are included in email advisories and web advisories. In February 2003, a search system has been implemented to allow users to search by CVE name (ie. "CVE-2002-1398").

Some users may notice that a CVE name is referenced but upon referring to that name on the CVE website, see that the name does not exist. This normally happens with non-public vulnerabilities and may take a few days to appear on the CVE website.

For more information on CVE, please visit the CVE website (http://cve.mitre.org/).

Please note that we are performing an audit of old advisories and will include CVE references where they have been missed.