this post was submitted on 18 Apr 2025
342 points (99.7% liked)

Technology

69098 readers
3105 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
342
CVE fallout: The splintering of the standard vulnerability tracking system has begun (go.theregister.com)
submitted 4 days ago by Tea@programming.dev to c/technology@lemmy.world
24 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] JohnEdwa@sopuli.xyz 10 points 2 days ago* (last edited 2 days ago)

Why does it have that braindead URL?

euvd.enisa.europa.eu -> European Union Vulnerability Database, run by the European Union Agency for Cybersecurity (from the previous name, European Network and Information Security Agency ENISA), hosted on the official website of the european union, europa.eu.

And why, for the love of god, does it have a separate numbering scheme?!

Because they want the ability to reference other vulnerability sources - like JVN - and not just CVE:

The EUVD service builds upon the CVE system and vulnerabilities in the scope of the CVE numbering service receive a CVE. In addition, the EUVD data aggregates and enriches the vulnerability information and lists an EUVD ID on top of the CVE when new vulnerability entries are created. To allow further cross referencing, the CVE identifier and additional vulnerability identifiers are listed when available. -https://euvd.enisa.europa.eu/faq

And because, you know, standards.