OVAL (Open Vulnerability Assessment Language) is a XML-based language used for communicating the details of vulnerabilities, patches, security configuration settings, and other machine states in a machine-readable form.
SCAP 1.0 policies are compliant with OVAL Version 5.3. Tell me more
SCAP 1.2 policies are compliant with OVAL Version 5.10. Tell me more
See Statement of OVAL Implementation