Advisory
A public record describing a security issue, publication notice, or relevant coordination status after release review.
Glossary
Advisory terms.
This glossary defines common publication terms used on the public root. Procedural detail belongs on the documentation site.
- Public Site
- pclsecurity.com
- Documentation
- docs.pclsecurity.com
- Tools API
- tools.pclsecurity.com
- Processing
- Local browser tools
Use
Definitions here are written for advisory readers, vendors, and non-specialist reviewers. They do not replace formal standards or vendor-specific policy.
Affected Product
The product, service, component, or version range described by the public record.
CVE
A public identifier assigned through the Common Vulnerabilities and Exposures program when applicable.
CWE
A Common Weakness Enumeration category used to describe the type of weakness at a higher level.
CVSS
A scoring vector that describes technical severity characteristics. PCL severity may also consider scope, confidence, and operational constraints.
TLP:CLEAR
Information that may be shared publicly when release review has approved the content for broad distribution.
Embargoed
A record or evidence set that is not public and must remain outside generated public output until release approval.
Mitigation
A change that reduces exposure or impact. It may be temporary or compensating rather than a full fix.
Remediation
A corrective action intended to address the underlying issue, such as a patch, configuration change, or version upgrade.
Exploit Code
Executable or procedural material that could enable unauthorized reproduction. Public advisories avoid including weaponizable detail.
Disclosure Status
A concise statement of where the record sits in public coordination or publication.
Canonical Record
The stable public URL for the advisory or notice.