CYCLONEDX
/
GETTING STARTED
/
CAPABILITIES
/
BOV
Share vulnerability data between systems and sources of vulnerability intelligence
CycloneDX BOMs may consist solely of vulnerabilities, thus can be used to share vulnerability data between systems and sources of vulnerability intelligence. Complex vulnerability data can be represented including:
CycloneDX is also an ideal advisory format, thus providing a common standard and tool chain for BOM and advisory information. A BOV which additionally contains the analysis of the vulnerability along with a metadata reference to the component itself provides the details necessary for full-featured advisory use cases.