CVE: Common Vulnerabilities and Exposures
A CVE (common vulnerabilities and exposures) refers to a vulnerability that is publicly known and available in the CVE List. Vulnerabilities are marked with a severity score (CVSS).
Azul Vulnerability Detection records information about each JVM instance. When a new CVE is discovered, you can look back over recorded information to see where the vulnerable component is used and/or present.
CVEs affect Java applications in two ways:
CVEs in the Java runtime, which can be addressed by upgrading your instance of the Core/Prime JVM. This is most often done by a system or application administrator.
CVEs in Java libraries, which can be addressed by upgrading the library within the application. This is most often done by an application developer.