NVD - News

<!DOCTYPE html> <html lang="en"> <head><script type="text/javascript" src="/_static/js/bundle-playback.js?v=HxkREWBo" charset="utf-8"></script> <script type="text/javascript" src="/_static/js/wombat.js?v=txqj7nKC" charset="utf-8"></script> <script>window.RufflePlayer=window.RufflePlayer||{};window.RufflePlayer.config={"autoplay":"on","unmuteOverlay":"hidden"};</script> <script type="text/javascript" src="/_static/js/ruffle/ruffle.js"></script> <script type="text/javascript"> __wm.init("https://web.archive.org/web"); __wm.wombat("https://nvd.nist.gov/general/news","20231005173120","https://web.archive.org/","web","/_static/", "1696527080"); </script> <link rel="stylesheet" type="text/css" href="/_static/css/banner-styles.css?v=S1zqJCYt" /> <link rel="stylesheet" type="text/css" href="/_static/css/iconochive.css?v=3PDvdIFv" />  <title>NVD - News</title> <meta http-equiv="content-type" content="text/html; charset=UTF-8"/> <meta http-equiv="content-style-type" content="text/css"/> <meta http-equiv="content-script-type" content="text/javascript"/> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-scripts/font-awesome/css/font-awesome.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-media/bootstrap/css/bootstrap.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-media/bootstrap/css/bootstrap-theme.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-scripts/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css" type="text/css" rel="stylesheet"/> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-media/css/nist-fonts.css" type="text/css" rel="stylesheet"/> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-media/css/base-style.css" type="text/css" rel="stylesheet"/> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-media/css/media-resize.css" type="text/css" rel="stylesheet"/> <meta name="theme-color" content="#000000"> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-scripts/jquery/dist/jquery.min.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-scripts/jquery-visible/jquery.visible.min.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-scripts/underscore/underscore-min.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-media/bootstrap/js/bootstrap.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-scripts/moment/min/moment.min.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-scripts/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-media/js/megamenu.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-media/js/nist-exit-script.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-media/js/forms.js" type="text/javascript"></script> <script src="/web/20231005173120js_/https://nvd.nist.gov/site-media/js/federated-analytics.all.min.js?agency=NIST&subagency=nvd&pua=UA-37115410-41&yt=true" type="text/javascript" id="_fed_an_js_tag"></script>  <script async src="https://web.archive.org/web/20231005173120js_/https://www.googletagmanager.com/gtag/js?id=G-4KKFZP12LQ"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-4KKFZP12LQ'); </script> <style id="antiClickjack"> body>* { display: none !important; } #antiClickjack { display: block !important; } </style> <noscript> <style id="antiClickjackNoScript"> body>* { display: block !important; } #antiClickjack { display: none !important; } </style> </noscript> <script type="text/javascript" id="antiClickjackScript"> if (self === top) { // no clickjacking var antiClickjack = document.getElementById("antiClickjack"); antiClickjack.parentNode.removeChild(antiClickjack); } else { setTimeout(tryForward(), 5000); } function tryForward() { top.location = self.location; } </script> <meta charset="UTF-8"> <link href="/web/20231005173120cs_/https://nvd.nist.gov/site-media/css/nvd-style.css" type="text/css" rel="stylesheet"/> <link href="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/favicons/apple-touch-icon.png" rel="apple-touch-icon" type="image/png" sizes="180x180"/> <link href="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/favicons/favicon-32x32.png" rel="icon" type="image/png" sizes="32x32"/> <link href="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/favicons/favicon-16x16.png" rel="icon" type="image/png" sizes="16x16"/> <link href="/web/20231005173120/https://nvd.nist.gov/site-media/images/favicons/manifest.json" rel="manifest"/> <link href="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/favicons/safari-pinned-tab.svg" rel="mask-icon" color="#000000"/> <link href="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="shortcut icon"/> <meta name="msapplication-config" content="/site-media/images/favicons/browserconfig.xml"/> <link href="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="shortcut icon" type="image/x-icon"/> <link href="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/favicons/favicon.ico" rel="icon" type="image/x-icon"/> <meta charset="UTF-8"> </head> <body> <header role="banner" title="Site Banner"> <div id="antiClickjack" style="display: none"> <h1>You are viewing this page in an unauthorized frame window.</h1> <p> This is a potential security issue, you are being redirected to <a href="https://web.archive.org/web/20231005173120/https://nvd.nist.gov/">https://nvd.nist.gov</a> </p> </div> <div> <section class="usa-banner" aria-label="Official government website"> <div class="usa-accordion container"> <header class="usa-banner__header"> <noscript> <p style="font-size: 0.85rem; font-weight: bold;">You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.</p> </noscript> <img class="usa-banner__header-flag" src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/usbanner/us_flag_small.png" alt="U.S. flag">   <span class="usa-banner__header-text">An official website of the United States government</span> <button id="gov-banner-button" class="usa-accordion__button usa-banner__button" data-toggle="collapse" data-target="#gov-banner" aria-expanded="false" aria-controls="gov-banner"> <span class="usa-banner__button-text">Here's how you know</span> </button> </header> <div class="usa-banner__content usa-accordion__content collapse" role="tabpanel" id="gov-banner" aria-expanded="true"> <div class="row"> <div class="col-md-5 col-sm-12"> <div class="row"> <div class="col-sm-2 col-xs-3"> <img class="usa-banner__icon usa-media-block__img" src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/usbanner/icon-dot-gov.svg" alt="Dot gov"> </div> <div class="col-sm-10 col-xs-9"> <p> <strong>Official websites use .gov</strong> <br> A <strong>.gov</strong> website belongs to an official government organization in the United States. </p> </div> </div> </div> <div class="col-md-5 col-sm-12"> <div class="row"> <div class="col-sm-2 col-xs-3"> <img class="usa-banner__icon usa-media-block__img" src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/usbanner/icon-https.svg" alt="Https"> </div> <div class="col-sm-10 col-xs-9"> <p> <strong>Secure .gov websites use HTTPS</strong> <br> A <strong>lock</strong> (<img class="usa-banner__lock" src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/usbanner/lock.svg" alt="Dot gov">) or <strong>https://</strong> means you've safely connected to the .gov website. Share sensitive information only on official, secure websites. </p> </div> </div> </div> </div> </div> </div> </section> </div> <div> <div> <nav id="navbar" class="navbar"> <div id="nist-menu-container" class="container"> <div class="row">  <div class="col-xs-6 col-md-4 navbar-header" style="height:104px"> <a class="navbar-brand" href="https://web.archive.org/web/20231005173120/https://www.nist.gov/" target="_blank" id="navbar-brand-image" style="padding-top: 36px"> <img alt="National Institute of Standards and Technology" src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.svg" width="110" height="30"> </a> </div> <div class="col-xs-6 col-md-8 navbar-nist-logo"> <span id="nvd-menu-button" class="pull-right" style="margin-top: 26px"> <a href="#"> <span class="fa fa-bars"></span> <span id="nvd-menu-full-text"><span class="hidden-xxs">NVD </span>MENU</span> </a> </span> </div> </div> </div> <div class="main-menu-row container">  <div id="main-menu-drop" class="col-lg-12" style="display: none;"> <ul> <li><a href="/web/20231005173120/https://nvd.nist.gov/general"> General <span class="expander fa fa-plus" id="nvd-header-menu-general" data-expander-name="general" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="general"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/general/nvd-dashboard">NVD Dashboard</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/general/news">News</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/general/email-list">Email List</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/general/faq">FAQ</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/general/visualizations">Visualizations</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/general/legal-disclaimer">Legal Disclaimer</a> </p> </div> </div> </div></li> <li><a href="/web/20231005173120/https://nvd.nist.gov/vuln"> Vulnerabilities <span class="expander fa fa-plus" id="nvd-header-menu-vulnerabilities" data-expander-name="vulnerabilities" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="vulnerabilities"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln/search">Search & Statistics</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln/full-listing">Full Listing</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln/categories">Weakness Types</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln/data-feeds">Legacy Data Feeds</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln/vendor-comments">Vendor Comments</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln/cvmap">CVMAP</a> </p> </div> </div> </div></li> <li><a href="/web/20231005173120/https://nvd.nist.gov/vuln-metrics/cvss"> Vulnerability Metrics <span class="expander fa fa-plus" id="nvd-header-menu-metrics" data-expander-name="metrics" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="metrics"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator">CVSS V3 Calculator</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator">CVSS V2 Calculator</a> </p> </div> <div class="col-lg-4"></div> </div> </div></li> <li><a href="/web/20231005173120/https://nvd.nist.gov/products"> Products <span class="expander fa fa-plus" id="nvd-header-menu-products" data-expander-name="products" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="products"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/products/cpe">CPE Dictionary</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/products/cpe/search">CPE Search</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/products/cpe/statistics">CPE Statistics</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/products/swid">SWID</a> </p> </div> <div class="col-lg-4"></div> </div> </div></li> <li> <a href="/web/20231005173120/https://nvd.nist.gov/developers">Developers<span class="expander fa fa-plus" id="nvd-header-menu-developers" data-expander-name="developers" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="developers"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/developers/start-here">Start Here</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/developers/request-an-api-key">Request an API Key</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/developers/vulnerabilities">Vulnerabilities</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/developers/products">Products</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/developers/data-sources">Data Sources</a> </p> <p> <a href="/web/20231005173120/https://nvd.nist.gov/developers/terms-of-use">Terms of Use</a> </p> </div> </div> </div> </li> <li><a href="/web/20231005173120/https://nvd.nist.gov/info"> Contact NVD </a></li> <li><a href="/web/20231005173120/https://nvd.nist.gov/other"> Other Sites <span class="expander fa fa-plus" id="nvd-header-menu-othersites" data-expander-name="otherSites" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="otherSites"> <div class="row"> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20231005173120/https://ncp.nist.gov/">Checklist (NCP) Repository</a> </p> <p> <a href="https://web.archive.org/web/20231005173120/https://ncp.nist.gov/cce">Configurations (CCE)</a> </p> <p> <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search">800-53 Controls</a> </p> </div> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/scap-validation-program">SCAP Validated Tools</a> </p> <p> <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/security-content-automation-protocol">SCAP</a> </p> </div> <div class="col-lg-4"> <p> <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/united-states-government-configuration-baseline">USGCB</a> </p> </div> </div> </div></li> <li><a href="/web/20231005173120/https://nvd.nist.gov/search"> Search <span class="expander fa fa-plus" id="nvd-header-menu-search" data-expander-name="search" data-expanded="false"> <span class="element-invisible">Expand or Collapse</span> </span> </a> <div style="display: none;" class="sub-menu" data-expander-trigger="search"> <div class="row"> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/vuln/search">Vulnerability Search</a> </p> </div> <div class="col-lg-4"> <p> <a href="/web/20231005173120/https://nvd.nist.gov/products/cpe/search">CPE Search</a> </p> </div> </div> </div></li> </ul> </div>  </div> </nav> <section id="itl-header" class="has-menu"> <div class="container"> <div class="row"> <div class="col-sm-12 col-md-8"> <h2 class="hidden-xs hidden-sm"> <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/itl" target="_blank">Information Technology Laboratory</a> </h2> <h1 class="hidden-xs hidden-sm"> <a id="nvd-header-link" href="/web/20231005173120/https://nvd.nist.gov/">National Vulnerability Database</a> </h1> <h1 class="hidden-xs text-center hidden-md hidden-lg">National Vulnerability Database</h1> <h1 class="hidden-sm hidden-md hidden-lg text-center">NVD</h1> </div> <div class="col-sm-12 col-md-4"> <a style="width: 100%; text-align: center; display: block;padding-top: 14px"> <img id="img-logo-nvd-lg" alt="National Vulnerability Database" src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/F_NIST-Logo-NVD-white.svg" width="500" height="100"> </a> </div> </div> </div> </section> </div> </div> </header> <main> <div> <div id="body-section" class="container"> <div class="row"> <ol class="breadcrumb"> <li><a href="/web/20231005173120/https://nvd.nist.gov/general" class="CMSBreadCrumbsLink">General</a></li> </ol> </div> <div> <h2>News</h2> <span class="lead">Find all the NVD-related news right here.</span> <div id="NVD_NEWS"> <table class="table table-striped"> <tbody> <tr> <th> <span>January 17, 2023</span> </th> <td>The 2.0 APIs have exited the open beta period, deprecating the 1.0 APIs. Deprecated APIs do not receive updates or product support. For more information on this release and to learn about upcoming changes please see <a href="/web/20231005173120/https://nvd.nist.gov/general/news/change-timeline">the change timeline</a>. For more information on how to transition existing processes to the new APIs please see the <a href="/web/20231005173120/https://nvd.nist.gov/general/news/api-20-announcements">transition guide</a>.</td> </tr> <tr> <th>September 21, 2022</th> <td>The NVD has released updated versions of its API in an open beta. The open beta is scheduled to run until January 2023, at which point the updated APIs will enter regular production and the 1.0 APIs will be marked deprecated. For more information on this release and to learn about other changes the NVD has planned over the next 24 months please see <a href="/web/20231005173120/https://nvd.nist.gov/general/news/change-timeline">the change timeline</a>. For more information on how to transition existing processes to the new APIs please see the <a href="/web/20231005173120/https://nvd.nist.gov/general/news/api-20-announcements">transition guide</a>.</td> </tr> <tr> <th>July 13, 2022</th> <td>In late 2022 the NVD will release updated versions of its APIs. Approximately 12 months after this release the NVD will retire the current version of its APIs. Approximately 6 months after the release of the new APIs the NVD will retire all RSS feeds. Approximately 12 months after the release of the new APIs the NVD will also retire all remaining data feeds. For more information see the <a href="/web/20231005173120/https://nvd.nist.gov/general/news/changes-to-feeds-and-apis">API and Data Feeds announcement.</a></td> </tr> <tr> <th>July 13, 2022</th> <td>The NVD has added information to its CVE detail pages to identify vulnerabilities appearing in CISA's Known Exploited Vulnerabilities Catalog. Information on exploited vulnerabilities and the affected products will also become available to developers when the NVD releases new APIs in late 2022. Questions about the Known Exploited Vulnerabilities Catalog <a href="https://web.archive.org/web/20231005173120/https://www.cisa.gov/contact-us">should be directed to CISA</a>. Questions about the CVE may be <a href="/web/20231005173120/https://nvd.nist.gov/info/contact-form">directed to the NVD</a>. </td> </tr> <tr> <th>July 13, 2022</th> <td>As of July 13th, 2022, the NVD will no longer generate Vector Strings, Qualitative Severity Ratings, or Severity Scores for CVSS v2. Existing CVSS v2 information will remain in the database though it is no longer required for new CVEs. For more information see the <a href="/web/20231005173120/https://nvd.nist.gov/general/news/retire-cvss-v2">CVSS v2 announcement</a>.</td> </tr> <tr> <th>July 13, 2022</th> <td>To aid users with research and reference materials, the NVD has acquired a Distinct Object Identifier (DOI). DOI are persistent, unique identifiers typically used with scholarly articles, books, data sets, and other publications. For information on how to the cite the NVD, including the database's DOI, machine-readable repository metadata, and NIST's Fair Use Statement, please consult <a href="https://web.archive.org/web/20231005173120/https://data.nist.gov/od/id/1E0F15DAAEFB84E4E0531A5706813DD8436">NIST's Public Data Repository</a>. </td> </tr> <tr> <th>October 21, 2021</th> <td>NVD API users may obtain an API key that can be included as a URL parameter in API requests. Users who include an API key will see no change in service and may continue to make requests at the current rate. In six months, users making requests without a key will see a reduction in the number of requests they can make each minute. For more information see the <a href="/web/20231005173120/https://nvd.nist.gov/general/news/API-Key-Announcement">API Key announcement</a>.</td> </tr> <tr> <th>August 5, 2021</th> <td>Beginning in October of 2021 both the Vuln and CPE APIs will limit date ranges to 120 days total. In addition, while the date ranges will continue to be an optional parameter for both APIs, it will now be required that both begin and end dates are supplied when in use. Impacts are as follows: <table class="table table-borderless"> <tbody><tr> <td rowspan="2">Vuln API</td> <td>modStartDate<br>modEndDate</td> <td>Both values will now be required when used. Maximum date ranges between dates cannot exceed 120 days.</td> </tr> <tr><td>pubStartDate<br>pubEndDate</td> <td>Both values will now be required when used. Maximum date ranges between dates cannot exceed 120 days.</td> </tr> <tr> <td>CPE API</td> <td>modStartDate<br>modEndDate</td> <td>Both values will now be required when used. Maximum date ranges between dates cannot exceed 120 days.</td> </tr> </tbody></table></td> </tr> <tr> <th>July 2, 2021</th> <td>To satisfy the different needs of the NVD Vuln API user base, the parameter cpeName has been added as an alternative to the current cpeMatchString parameter. Use the cpeName parameter when the CPE URI is known and retrieval of all CVEs attached to that CPE are desired. Use cpeMatchString for a broader search to find CVEs attached to multiple CPEs that match the CPE match string criteria.</td> </tr> <tr> <th>June 23, 2021</th> <td>The National Checklist program content has been moved to <a href="https://web.archive.org/web/20231005173120/https://ncp.nist.gov/">https://ncp.nist.gov</a>. This site contains all of the checklist content found at <a href="https://web.archive.org/web/20231005173120/https://checklists.nist.gov/">https://checklists.nist.gov</a> as well as the CCE information formerly found within the NVD. This move will allow the expansion of the NCP's capabilities with an additional focus on the mappings of checklist to controls through the use of CCEs.</td> </tr> <tr> <th>June 30, 2020</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/NVD-Release-of-CVMAP">NVD release of the Collaborative Vulnerability Metadata Acceptance Process (CVMAP)</a></td> </tr> <tr> <th>February 10, 2020</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/New-NVD-CVE-CPE-API-and-SOAP-Retirement">New NVD CVE/CPE API and Legacy SOAP Service Retirement</a></td> </tr> <tr> <th>January 1, 2020</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/2019-in-Review">2019 in Review</a></td> </tr> <tr> <th>November 7, 2019</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/Assigner-CVSS-CWE-Support">CVSS/CWE from CVE List now Supported!</a></td> </tr> <tr> <th>October 16, 2019</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/XML-Vulnerability-Feed-Retirement-Phase-3">Implemented XML Vulnerability Feed Retirement Phase 3</a></td> </tr> <tr> <th>September 9, 2019</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/NVD-CWE-Slice-Update-2019">NVD CWE Slice Updated!</a><br>CVSS v3.1 Official Support!<br> JSON 1.1 Vulnerability Feed Released!</td> </tr> <tr> <th>August 8, 2019</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/JSON-1-1-Vulnerability-Feed-Release">JSON 1.1 Feed</a> and <a href="/web/20231005173120/https://nvd.nist.gov/general/News/CVSS-v3-1-Official-Support">CVSS v3.1 Support</a> announcements</td> </tr> <tr> <th>July 22, 2019</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/CPE-Match-Feed-1-0-Release">CPE Match Feed Released!</a></td> </tr> <tr> <th>July 22, 2019</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/XML-Vulnerability-Feed-Retirement-Phase-2">Implemented XML Vulnerability Feed Retirement Phase 2</a></td> </tr> <tr> <th>April 3, 2019</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/XML-Vulnerability-Feed-Retirement">Updated XML Vulnerability Feeds Retirement Timeline Update</a></td> </tr> <tr> <th>October 30, 2018</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/general/News/JSON-Feed-1-0-Release">JSON 1.0 Data Feed Released!</a></td> </tr> <tr> <th>July 10, 2017</th> <td>Scheduled maintenance of a large number of vulnerability reference links will appear in the NVD Modified data feeds. This will result in larger than average Modified Feed files. These changes will be staggered in batches with 8 day intervals to avoid extreme impact to downstream consumers of our data. Read more at the <a href="https://web.archive.org/web/20231005173120/https://cve.mitre.org/news/archives/2017/news.html#July032017_IMPORTANT:_CVE_Identifier_CVE_ID_Reference_Updates_Begin_July_10_2017"> MITRE announcement.</a></td> </tr> <tr> <th>July 5, 2017</th> <td>Revised <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/schema/nvd/feed/0.1/nvd_cve_feed_json_0.1_beta.schema" target="_blank">BETA JSON vulnerability feed schema</a> and <a href="/web/20231005173120/https://nvd.nist.gov/vuln/data-feeds#JSON_FEED">BETA JSON feeds</a> based on public comments and feedback.</td> </tr> <tr> <th>July 1, 2017</th> <td>2017 year-to-date number of vulnerabilities analyzed surpassed 2016 total, see the <a href="/web/20231005173120/https://nvd.nist.gov/general/nvd-dashboard">NVD Dashboard</a> page for more information.</td> </tr> <tr> <th>April 20, 2017</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/vuln/data-feeds#JSON_FEED">BETA JSON Vulnerability Feeds Now Available</a></td> </tr> <tr> <th>March 27, 2017</th> <td>NVD website update goes live</td> </tr> <tr> <th>September 30, 2016</th> <td>Vulntology <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/csrc/media/publications/nistir/8138/draft/documents/nistir_8138_draft.pdf">(NISTIR 8138) </a> draft 1 released</td> </tr> <tr> <th>July 5, 2016</th> <td><a href="/web/20231005173120/https://nvd.nist.gov/vuln/categories">NVD CWE</a> slice broadened</td> </tr> <tr> <th>June 23, 2016</th> <td>TLS 1.0 disabled on NVD webservers per M-15-13</td> </tr> <tr> <th>February 2, 2016</th> <td>CVSS v3.0 calculator released</td> </tr> <tr> <th>December 20, 2015</th> <td>NVD begins scoring with CVSS v3.0</td> </tr> <tr> <th>September 9, 2015</th> <td><a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/Events/2015/2015-Cybersecurity-Innovation-Forum">2015 Cybersecurity Innovation Forum</a></td> </tr> <tr> <th>September 1, 2015</th> <td>NVD begins support for CVE-ID syntax change</td> </tr> <tr> <th>January 28, 2014</th> <td><a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/Events/2014/2014-Cybersecurity-Innovation-Forum">2014 Cybersecurity Innovation Forum</a></td> </tr> <tr> <th>October 3, 2012</th> <td>8th Annual IT Security Automation Conference</td> </tr> <tr> <th>October 31, 2011</th> <td><a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/news-events/events/2011/10/7th-annual-it-security-automation-conference">7th Annual IT Security Automation Conference</a></td> </tr> <tr> <th>August 29, 2011</th> <td>EMAP Developer Workshop</td> </tr> <tr> <th>September 27, 2010</th> <td><a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/news-events/events/2010/09/6th-annual-it-security-automation-conference">6th Annual IT Security Automation Conference</a></td> </tr> <tr> <th>May 11, 2010</th> <td>2010 NASA / Army Systems and Software Engineering Forum</td> </tr> <tr> <th>April 13, 2010</th> <td>Security Solutions 2010</td> </tr> <tr> <th>March 16, 2010</th> <td>IT Security Entrepreneurs' Forum</td> </tr> <tr> <th>February 22, 2010</th> <td>Security Automation Developer Days Winter 2010</td> </tr> <tr> <th>October 26, 2009</th> <td>5th Annual IT Security Automation Conference</td> </tr> <tr> <th>September 5, 2008</th> <td>NVD updated to version 2.2</td> </tr> <tr> <th>August 18, 2008</th> <td>OMB has released a new memo relating to FDCC and the SCAP validation program. The memo can be found at: <a class="external" href="https://web.archive.org/web/20231005173120/https://georgewbush-whitehouse.archives.gov/omb/memoranda/fy2008/m08-22.pdf" target="_blank">https://georgewbush-whitehouse.archives.gov/omb/memoranda/fy2008/m08-22.pdf</a></td> </tr> <tr> <th>August 11, 2008</th> <td>Interactive Schema and the Interactive Schema Interpreter is now available through NVD at <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/security-content-automation-protocol/specifications/ocil">https://csrc.nist.gov/Projects/Security-Content-Automation-Protocol/Specifications/ocil</a><br> Minor update made to <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/fdcc-reporting_20080127.zip">FDCC Reporting Format</a> - update pertains to the Schematron Stylesheet, please reference the changelog for details.<br> Version 1.0.2 of the <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/docs/SCAP_Validation_Program_RC_v1.0.2.doc" target="_blank">SCAP Validation Program Derived Test Requirements Document</a> has been released.</td> </tr> <tr> <th>January 24, 2008</th> <td>Free Federal Desktop Core Configuration (<a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/united-states-government-configuration-baseline" target="_blank">FDCC</a>) Implementers Workshop held at NIST. Workshop will address technical aspects of FDCC and corresponding Security Content Automation Protocol (<a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/security-content-automation-protocol">SCAP</a>) updates.</td> </tr> <tr> <th>January 21, 2008</th> <td>XCCDF-based FDCC reporting format has been released. Specification and associated schematron stylesheet can be found at <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/fdcc-reporting_20080108.zip"> https://nvd.nist.gov/scap/content/fdcc-reporting_20080108.zip</a></td> </tr> <tr> <th>October 16, 2007</th> <td>The NVD CVSS V2 calculator has been updated to comply with the official <a href="https://web.archive.org/web/20231005173120/https://www.first.org/cvss/v2/guide" target="_blank" class="external">CVSS V2 Specification</a>. For more information please see: <a href="/web/20231005173120/https://nvd.nist.gov/vuln-metrics/cvss">NVD CVSS</a></td> </tr> <tr> <th>October 12, 2007</th> <td>The Draft of XCCDF Specification 1.1.4 has been posted to the <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/security-content-automation-protocol/specifications/xccdf">NVD XCCDF Webpage</a>.</td> </tr> <tr> <th>September 27, 2007</th> <td>NVD is now mapping into a cross section of the Common Weakness Enumeration (CWE). Please see the <a href="/web/20231005173120/https://nvd.nist.gov/vuln/categories">NVD CWE</a> page for more details.</td> </tr> <tr> <th>September 19, 2007</th> <td>The 3rd Annual IT Security Automation Conference was held at NIST.</td> </tr> <tr> <th>August 6, 2007</th> <td>A U.S. Office of Management and Budget memorandum requires specific secure configuration settings for Microsoft operating systems and requires use of <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/projects/scap-validation-program">SCAP validated tools</a> to monitor system configurations over time.</td> </tr> <tr> <th>August 6, 2007</th> <td>The Payment Card Industry <a href="https://web.archive.org/web/20231005173120/https://www.pcisecuritystandards.org/pdfs/pci_dss_technical_and_operational_requirements_for_approved_scanning_vendors_ASVs_v1-1.pdf" target="_blank" class="external">Data Security Standard</a> requires use of NVD Common Vulnerability Scoring System impact scores for use within approved scanning vendor tools.</td> </tr> <tr> <th>July 27, 2007</th> <td>The National Vulnerability Database announces support for the <a href="/web/20231005173120/https://nvd.nist.gov/products/cpe">Common Platform Enumeration</a> (CPE) standard for vendor and product naming version 2.0.</td> </tr> <tr> <th>June 20, 2007</th> <td>The National Vulnerability Database deployed support for the Common Vulnerability Scoring System (CVSS) .</td> </tr> <tr> <th>May 22, 2007</th> <td>The National Vulnerability Database upgraded to version 2.0. NIST Checklist Program moved within NVD.<br> Plans for the 3rd Annual Security Automation Conference and Workshop to be held Sept 19th & 20th, 2007 are under way.</td> </tr> <tr> <th>May 9, 2007</th> <td>Released <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/SCAP-WinXPPro.zip">Windows XP Professional beta version 7 security automation files</a></td> </tr> <tr> <th>April 13, 2007</th> <td>Released <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/SCAP-Win2K.zip">Windows 2000 Professional security automation files</a> beta version 1 (XCCDF skeleton and patch content)</td> </tr> <tr> <th>April 5, 2007</th> <td>Released <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/SCAP-IE7.zip">Microsoft Internet Explorer Version 7.0 security automation files</a> beta version 8</td> </tr> <tr> <th>April 5, 2007</th> <td>Released <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/SCAP-WinVista.zip">Windows Vista security automation files</a> version 5.0</td> </tr> <tr> <th>April 4, 2007</th> <td>Released <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/SCAP-Win2003.zip">Windows 2003 Server security automation files</a> version 2.0</td> </tr> <tr> <th>March 28, 2007</th> <td>Released <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/SCAP-Office2007.zip">Microsoft Office 2007 security automation files</a> beta version 4</td> </tr> <tr> <th>March 27, 2007</th> <td>Released <a href="https://web.archive.org/web/20231005173120/https://csrc.nist.gov/CSRC/media/Projects/Security-Content-Automation-Protocol/documents/content/SCAP-Symantec.zip">Symantec Antivirus security automation files</a> beta version 2</td> </tr> </tbody> </table> </div> <div class="col-md-12 historical-data-area" id="historical-data-area"> <span> Created <span id="page-created-date"> <span>September 20, 2022</span> </span>, </span> Updated <span id="page-updated-date"> <span>August 3, 2023</span> </span> </div> </div> </div> </div> </main> <footer id="footer" role="contentinfo"> <div class="container"> <div class="row"> <div class="col-sm-12"> <ul class="social-list pull-right"> <li class="field-item service-twitter list-horiz"><a href="https://web.archive.org/web/20231005173120/https://twitter.com/NISTCyber" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-twitter fa-fw"><span class="element-invisible">twitter</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a></li> <li class="field-item service-facebook list-horiz"><a href="https://web.archive.org/web/20231005173120/https://www.facebook.com/NIST" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-facebook fa-fw"><span class="element-invisible">facebook</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-linkedin list-horiz"><a href="https://web.archive.org/web/20231005173120/https://www.linkedin.com/company/nist" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-linkedin fa-fw"><span class="element-invisible">linkedin</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-youtube list-horiz"><a href="https://web.archive.org/web/20231005173120/https://www.youtube.com/user/USNISTGOV" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-youtube fa-fw"><span class="element-invisible">youtube</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span></a></li> <li class="field-item service-rss list-horiz"><a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/news-events/nist-rss-feeds" target="_blank" class="social-btn social-btn--large extlink"> <i class="fa fa-rss fa-fw"><span class="element-invisible">rss</span></i> </a></li> <li class="field-item service-govdelivery list-horiz last"><a href="https://web.archive.org/web/20231005173120/https://public.govdelivery.com/accounts/USNIST/subscriber/new?qsp=USNIST_3" target="_blank" class="social-btn social-btn--large extlink ext"> <i class="fa fa-envelope fa-fw"><span class="element-invisible">govdelivery</span></i><span class="ext"><span class="element-invisible"> (link is external)</span></span> </a></li> </ul> <span class="hidden-xs"> <a title="National Institute of Standards and Technology" rel="home" class="footer-nist-logo"> <img src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.png" alt="National Institute of Standards and Technology logo"/> </a> </span> </div> </div> <div class="row hidden-sm hidden-md hidden-lg"> <div class="col-sm-12"> <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/" title="National Institute of Standards and Technology" rel="home" target="_blank" class="footer-nist-logo"> <img src="/web/20231005173120im_/https://nvd.nist.gov/site-media/images/nist/nist-logo.png" alt="National Institute of Standards and Technology logo"/> </a> </div> </div> <div class="row footer-contact-container"> <div class="col-sm-6"> <strong>HEADQUARTERS</strong> <br> 100 Bureau Drive <br> Gaithersburg, MD 20899 <br> <a href="https://web.archive.org/web/20231005173120/tel:301-975-2000">(301) 975-2000</a> <br> <br> <a href="https://web.archive.org/web/20231005173120/mailto:nvd@nist.gov">Webmaster</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/about-nist/contact-us">Contact Us</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/about-nist/visit" style="display: inline-block;">Our Other Offices</a> </div> <div class="col-sm-6"> <div class="pull-right" style="text-align:right"> <strong>Incident Response Assistance and Non-NVD Related<br>Technical Cyber Security Questions:</strong> <br> US-CERT Security Operations Center <br> Email: <a href="https://web.archive.org/web/20231005173120/mailto:soc@us-cert.gov">soc@us-cert.gov</a> <br> Phone: 1-888-282-0870 </div> </div> </div> <div class="row"> <nav title="Footer Navigation" role="navigation" class="row footer-bottom-links-container">  <p> <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/oism/site-privacy">Site Privacy</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/oism/accessibility">Accessibility</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/privacy">Privacy Program</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/oism/copyrights">Copyrights</a> | <a href="https://web.archive.org/web/20231005173120/https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/foia">FOIA</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/environmental-policy-statement">Environmental Policy</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a> | <a href="https://web.archive.org/web/20231005173120/https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a> | <a href="https://web.archive.org/web/20231005173120/https://www.commerce.gov/">Commerce.gov</a> | <a href="https://web.archive.org/web/20231005173120/https://www.science.gov/">Science.gov</a> | <a href="https://web.archive.org/web/20231005173120/https://www.usa.gov/">USA.gov</a> </p> </nav> </div> </div> </footer> </body> </html>

CINXE.COM

NVD - News