Updated on 2025-06-05 GMT+08:00

Glossary

Open source

Open source refers to opening the source code, source data, and source assets of a technology or product of a certain area, covering the culture, industry, law, and technology.

Open source software

Open source software refers to a computer program in which the source code is available to the general public for direct access, copy, modification, and re-release under the terms of an open source license.

Open source component

Open source components are the smallest identifiable software entities in open source software systems that do not contain other components. The component information can be obtained from public websites and distributed separately. Open source components have version numbers during development and can be assembled.

Open source license

Open source licenses are the rights granted by copyright holders that allow users to learn, modify, and distribute open source software to any person or for any purpose.

Software composition analysis (SCA)

A technology that identifies, manages, and traces software by analyzing the information and features contained in the software.

Portable Executable (PE)

A standard format of executable files in Windows.

Executable and Linkable Format (ELF)

A standard file format for executable files, target files, shared link libraries, and core dumps in Unix or Linux.

Android application package (APK)

An application package file format used by Android to distribute and install mobile applications and middleware.

HarmonyOS application package (HAP)

An application package file format used by HarmonyOS to distribute and install mobile applications and middleware.

Common Vulnerabilities and Exposures (CVE)

A database related to information security. It collects various information security vulnerabilities and numbers them for public reference.

Common Vulnerability Scoring System (CVSS)

A free and open industry standard for assessing the severity of computer system vulnerabilities and helping responders to determine the urgency and importance of required responses. There are CVSS 2.0, 3.0, and 3.1.

Firmware

A type of software embedded in a hardware device.

National Vulnerability Database (NVD)

National Vulnerability Database

China National Vulnerability Database (CNVD)

China National Vulnerability Database

China National Vulnerability Database of Information Security (CNNVD)

China National Vulnerability Database of Information Security

Component dependency

Other components that must be loaded to ensure the correct running of the component.