From 69343896203334baef346e9a2f650e9b6e86058a Mon Sep 17 00:00:00 2001 From: cjbzl Date: Tue, 12 Aug 2025 06:20:06 +0000 Subject: [PATCH] =?UTF-8?q?=E5=88=A0=E9=99=A4=E5=BA=8F=E5=8F=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: cjbzl --- .../security/cve-ease/cve-ease-design-overview.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/en/server/security/cve-ease/cve-ease-design-overview.md b/docs/en/server/security/cve-ease/cve-ease-design-overview.md index 52bc28b..2bc8307 100644 --- a/docs/en/server/security/cve-ease/cve-ease-design-overview.md +++ b/docs/en/server/security/cve-ease/cve-ease-design-overview.md @@ -1,10 +1,10 @@ # CVE-ease Design Overview -## 1. Overview +## Overview Common Vulnerabilities and Exposures (CVEs) plays a vital role in ensuring system security and stability, making effective handling and management of CVE data essential. To address this, the CVE-ease vulnerability management system was developed, enabling real-time acquisition, management, and reporting of vulnerability information. -## 2. Key Features +## Key Features CVE-ease provides the following core functionalities: @@ -14,19 +14,19 @@ CVE-ease provides the following core functionalities: - Real-time tracking of CVE status - Immediate broadcasting of CVE updates -## 3. Module Functions +## Module Functions ![](./figures/CVE-ease_desigin_table.png) -### 3.1 CVE Acquisition +### CVE Acquisition During operation, CVE-ease periodically scrapes CVE information from disclosure websites. Before scraping, the system scans the CVE database to create an index of existing CVE IDs and verify connectivity with CVE platforms. The process begins by retrieving the IDs of the latest disclosed CVEs, followed by fetching detailed descriptions based on these IDs. If the data is successfully retrieved, the process concludes. Otherwise, the system retries until successful. -### 3.2 CVE Information Organization and Storage +### CVE Information Organization and Storage Scraped CVE data is structured and stored in a database according to predefined formats, with feature values calculated. If a scraped CVE ID is not present in the database, it is added directly. If the ID exists, the system compares feature values and updates the entry if discrepancies are found. -### 3.3 Viewing Historical and Real-Time CVE Information +### Viewing Historical and Real-Time CVE Information Users can query specific CVE details through the interactive interface. By default, the system displays the 10 most recent CVEs. Users can customize queries to retrieve historical CVE data based on criteria such as CVE score or year. -- Gitee