Standardised identifier for publicly known security vulnerabilities (Common Vulnerabilities and Exposures).
CVE (Common Vulnerabilities and Exposures) is a standardised system for identifying and naming publicly known security vulnerabilities. Each CVE entry has a unique identifier (e.g., CVE-2021-44228 for Log4j) and is catalogued in the CVE database maintained by MITRE. CVE identifiers enable consistent communication about vulnerabilities across organisations, tools, and reports. When a CVE is published, security teams can search for affected systems and prioritise remediation.
Why It Matters
The DSC Perspective:
CVE numbers are the common language for vulnerabilities. When security advisories reference CVEs, you can quickly determine if you're affected. Vulnerability scanners report findings using CVE identifiers for consistent tracking.