Add licenses/tos as suggested by #22

2025-06-19 17:31:42 +00:00 · 2025-03-10 11:46:24 +01:00 · 2025-03-10 11:46:24 +01:00 · 339e6c8947
commit 339e6c8947
parent 99ebb1a8e8
2 changed files with 104 additions and 0 deletions
--- a/LICENSES/cve-tou.md
+++ b/LICENSES/cve-tou.md
@ -0,0 +1,31 @@
 # Terms of Use
 ## License
 **Submissions:** For all materials you submit to the Common Vulnerabilities and
 Exposures (CVE®), you hereby grant to The MITRE Corporation (MITRE) and all CVE
 Numbering Authorities (CNAs) a perpetual, worldwide, non-exclusive, no-charge,
 royalty-free, irrevocable copyright license to reproduce, prepare derivative
 works of, publicly display, publicly perform, sublicense, and distribute such
 materials and derivative works. Unless required by applicable law or agreed to
 in writing, you provide such materials on an "AS IS" BASIS, WITHOUT WARRANTIES
 OR CONDITIONS OF ANY KIND, either express or implied, including, without
 limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT,
 MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.
 **CVE Usage:** MITRE hereby grants you a perpetual, worldwide, non-exclusive,
 no-charge, royalty-free, irrevocable copyright license to reproduce, prepare
 derivative works of, publicly display, publicly perform, sublicense, and
 distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for
 such purposes is authorized provided that you reproduce MITRE's copyright
 designation and this license in any such copy.
 ## Disclaimers
 ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN PROVIDED BY MITRE ARE
 PROVIDED ON AN "AS IS" BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
 REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF
 TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
 INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 
--- a/LICENSES/nvd-tou.md
+++ b/LICENSES/nvd-tou.md
@ -0,0 +1,73 @@
 # Terms of Use
 The National Vulnerability Database (NVD) was created by the National Institute
 of Standards and Technology (NIST) and is being made available as a public
 service. The NVD offers some of its public data in machine-readable format via
 an Application Programming Interface ("API"). This service is offered subject
 to this Terms of Use and NIST Website Policies (collectively, the "Terms of Use"
 or "TOU"). 
 ## Use
 The NVD API is intended to be used to develop a service or services to search,
 display, analyze, retrieve, view and otherwise "get" information from NVD data.
 Examples of specific use cases are described in the guidance on the NVD’s
 website. Enterprise scale development that uses the NVD should consult this
 guidance.
 ## Attribution
 Services which utilize or access the NVD API are asked to display the following
 notice prominently within the application: "This product uses the NVD API but is
 not endorsed or certified by the NVD."
 You may use the NVD name in order to identify the source of API content subject
 to these rules. You may not use the NVD name, to imply endorsement of any
 product, service, or entity, not-for-profit, commercial or otherwise.
 ## Modification or False Representation of Content
 If you modify the content accessed through the API, you may not attribute the
 source as the NVD.
 ## Use Limitations
 Your use of the API may be subject to certain limitations on access, calls, or
 use as set forth within these Agreements or otherwise provided by the NVD. If
 the NVD’s administrators believe that you have attempted to exceed or circumvent
 these limits, or misuse access to this system, your ability to access the API
 and/or the NVD may be temporarily or permanently blocked. The NVD may monitor
 your use of the API to improve the service or to ensure access limitations are
 not exceeded.
 Without an API key, you may make a number of queries equal to the public rate
 limits posted at nvd.nist.gov/developers. More than the public rate limit
 requires that you register for an API key. The key will become part of your data
 request. Keys should not be used by, or shared with, individuals or organizations
 other than the original requestor.
 Queries from a business or organization having multiple requestors might employ
 a proxy service or firewall. This may make all of the users of that business or
 organization to appear to have the same IP address. If multiple employees were
 making queries, the rate limits are for the user’s proxy server/firewall, not
 the individual user.
 A unique API key is suggested for any mobile or web application that makes a
 number of requests based on dynamically changing information. Rate limits may be
 reached by the total number of requests from all instances when the application
 queries the NVD API, even if multiple users access your application through
 different IP addresses.
 ## Disclaimer of Warranties
 The API is provided "as is" and on an "as-available" basis. The NVD hereby
 disclaim all warranties of any kind, express or implied, including without
 limitation the warranties of merchantability, fitness for a particular purpose,
 and non-infringement. The NVD makes no warranty that the API will be error free
 or that access thereto will be continuous or uninterrupted.
 ## No Waiver
 The NVD’s failure to exercise or enforce any right or provision of these Terms
 of Use shall not constitute waiver of such right or provision.