SecPod intends to publish security advisories in an XML format that conforms
to Common Vulnerability Reporting Format (CVRF version 1.1).

What is CVRF?
The Common Vulnerability Reporting Framework is an XML-based standard that
enables sharing of vulnerability information in a machine-readable format.
Originally derived from the Internet Engineering Task Force (IETF) draft Incident
Object Description Exchange Format (IODEF), this format was then developed by
the Industry Consortium for Advancement of Security on the Internet (ICASI).

CVRF Provides Two Key Benefits:
(1) It provides a consistent way to depict security information thus simplifying
the interpretation of the advisories, and
(2) It provides a machine-readable format for the interpretation of security
advisories, thus allowing automation (and integration of the advisories in,
for example, vulnerability scanning tools).

More can be found here:

One of our advisory in CVRF format:
Advantech WebAccess HMI/SCADA Software Persistence Cross-Site Scripting Vulnerability.

Subscribe For Latest Updates

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.

Leave a Reply

Your email address will not be published. Required fields are marked *