CVE Program Technical Workshop 2025 – Day 01, Session 06
Session Speaker: Andrew Lilley Brinker
Summary: Learn how to identify software in CVE Records with CPEs and Package URLs (purls), including when to use each identifier type, what their strengths and weaknesses are, and how to use them effectively in CVE Records.
https://github.com/package-url/
https://www.cve.org/Resources/Roles/Cnas/CPEinCVERecordsGuide.pdf
https://www.cve.org/AllResources/CveServices#CveRecordFormat
