1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 High-level requirements
7 Accuracy
8 Documentation
9 CVE
date usage
10 Different styles of CVE name support
11 Revocation of CVE compatibility
12 Review authority
Annex A – Type-specific requirements
Annex B – Media requirements
Annex C – Media requirements
Bibliography