We Speak CVE
A free podcast about cybersecurity, vulnerability management, and the CVE Program.
We Speak CVE
CVE Record Disputes Explained
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
In this episode of the “We Speak CVE” podcast, CVE Program Project Lead Alec Summers chats with Yves Younan of Cisco, Alex Kreilein of Qualys, Pedro Sampaio of Red Hat, and Anthony Singleton of the MITRE Top-Level Root, about the CVE Record dispute process.
Topics include how the dispute policy came to exist and the two types of CVE Record disputes; a walk-through of the process for disputing a CVE Record, including what steps to take and what to expect; why some disputes persist indefinitely; whether all CVE Record disputes need to be resolved; why some disputes remaining visible to the downstream consumer is healthy; an overview of how the CVE Record Dispute Policy was created and how it continues to updated over time; how the CVE Program continuously seeks community input on the dispute process; and more.
Resources mentioned in the podcast include: