CVE (Common Vulnerabilities and Exposures) is a format to describe publicly known information security vulnerabilities and exposures. Using this format, new CVE IDs will be created, assigned, and referenced in content on an as-needed basis without a version change.

SCAP 1.0 and 1.2 policies are compliant with CVE. Tell me more

See Statement of CVE Implementation