oss-sec mailing list archives
Re: EU Vulnerability Database
From: Solar Designer <solar () openwall com>
Date: Wed, 14 May 2025 03:10:45 +0200
On Tue, May 13, 2025 at 07:43:37PM +0100, Graeme Fowler wrote:
EUVD is in beta testing - given all the shenanigans with MITRE and CVE, it might be worth checking out. https://euvd.enisa.europa.eu/about
To make this more useful in list archives, here's what the above web page says at this time:
As per the NIS2 Directive, ENISA is mandated to develop and maintain the European vulnerability database. Access to reliable and timely information about vulnerabilities affecting Information and Communication Technology (ICT) products and services contributes to an enhanced cybersecurity risk management. Sources of publicly available information about vulnerabilities are an important tool for users of these services, competent authorities, and the broader cybersecurity community. ENISA has established a European Vulnerability Database (EUVD) where entities, regardless of whether they fall within the scope of the NIS2 Directive, and their suppliers of network and information systems, as well as competent authorities, most notably CSIRTs, can voluntarily disclose and register publicly known vulnerabilities to allow users to take appropriate mitigating measures. In line with Coordinated Vulnerability Disclosure practices, which aim at providing improved transparency regarding the publication process, the EUVD is eventually used to publicly disclose the vulnerability information. To avoid efforts duplication and to support complementarity, ENISA closely cooperates with MITRE and European as well as non-European operators of the Common Vulnerabilities and Exposures (CVE) system. In this context, ENISA offers vulnerability registry services after its onboarding as a CVE Numbering Authority (CNA), with a focus on vulnerabilities in IT products discovered by or reported to European CSIRTs for coordinated disclosure. Following its official launch, ENISA will continue engaging with its stakeholders to further develop and improve the EUVD service catalogue.
This is the entirety of content specific to the /about page (the rest of content at that URL is header and footer common with other pages). Alexander
Current thread:
- EU Vulnerability Database Graeme Fowler (May 13)
- Re: EU Vulnerability Database Stuart Henderson (May 13)
- Re: EU Vulnerability Database Stuart Henderson (May 13)
- Re: EU Vulnerability Database Rolf Reintjes (May 13)
- Re: EU Vulnerability Database gmane.io (May 14)
- Re: EU Vulnerability Database Solar Designer (May 13)
- Re: EU Vulnerability Database Stuart Henderson (May 13)