Each OVAL vulnerability definition is based primarily on Common Vulnerabilities and Exposures (CVE), a dictionary-type list of standardized names for vulnerabilities and other information related to security exposures.
Acronym for Open Vulnerability and Assessment Language. OVAL is an XML-based language that provides a standard for how to check for the presence of vulnerabilities and configuration issues on computer systems. OVAL standardizes the three main steps of the process: collecting system characteristics and configuration information from systems for testing; testing the systems for the presence of specific vulnerabilities, configuration issues, and/or patches; and presenting the results of the tests.
