Table of Contents generated with DocToc
tools/cve-org/Capability: contract:cve-authority
Kind: implementation
Vendor: CVE.org
CVE.org publication client. Submits CVE records via the CVE.org REST API; consumed by security-cve-allocate once a CVE has been allocated via the ASF Vulnogram path. See tool.md for the protocol detail and cve.org field mapping.
curl + jq one-liner (see tool.md).curl and jq.cveawg.mitre.org (CVE Services API v2) and www.cve.org (the HTML record); optionally nvd.nist.gov for the alternative public registry.Adopters select this backend with <project-config>/project.md → cve_authority.tool: cve-org-direct when they operate directly against CVE Services rather than an ASF Vulnogram tenant. The adopter-facing field vocabulary is documented in projects/_template/cve-allocation-config.md and projects/_template/security-intake-config.md.