Regarding the new CVE prefix

Skip to first unread message

Tom Levy

Jun 10, 2021, 3:53:57 AM6/10/21
to osv-discuss
Hello, I have noticed that today there was a new batch of OSV entries that contained the new prefix "CVE".
Can you please clarify how you extract the information regarding this prefix?
Is that some sort of commit crawler which go through linux.git and find potential vulnerabilities?
Also, the unique ID number which attached to every OSV entry with the CSV prefix has some sort of meaning? is that a RESERVED CVE or just a unique number you using to distinct the entries, and doesn't have any sort of connection to actual CVEs.

Thanks, Tom.


Jun 30, 2021, 10:25:22 PM6/30/21
to osv-discuss
Hi Tom,

Sorry for the very delayed reply -- I missed this message.

This data is from the DWF project:, which has since moved to and switched to using IDs with "UVI-" prefixes. 

Reply all
Reply to author
0 new messages