# How do I read a CPE string?

#### CPE format

CPE follows this format: `cpe:<cpe_version>:<part>:<vendor>:<product>:<version>:<update>:<edition>:<language>:<sw_edition>:<target_sw>:<target_hw>:<other>`

* `cpe_version`: This is the version of the CPE definition. As of this writing, the latest CPE definition version is 2.3.
* `part`: This can be one of three values: a for Applications, h for Hardware, o for Operating systems. It is sometimes referred to as type.
* `vendor`: This identifies the person or organization that manufactured or created this dependency component.
* `product`: This is the name of the system/package/component.
* `version`: This is the version of the system/package/component.
* `update`: This shows any update or service pack information, also known as minor versions.
* `edition`: This describes the build of the system/package/component beyond version.
* `sw_edition` (2.3 only): This indicates the language of the system/package/component, such as en-us for US English.
* `target_sw` (2.3 only): This indicates the language of the system/package/component, such as en-us for US English.
* `target_hw` (2.3 only): This indicates the language of the system/package/component, such as en-us for US English.
* other (2.3 only): This indicates the language of the system/package/component, such as en-us for US English.

#### What does a wildcard in a CPE string mean?&#x20;

Anything that is a wildcard (\*) means that no particular value was provided for that section, so it will encompass any applicable value in that section.

**Examples**

***Application:***\
If the URI is `cpe:/a:microsoft:office:2007:sp2:professional` then the CPE string is:\
`cpe:2.3:a:microsoft:office:2007:sp2:-:*:professional:*:*:*`

***Operating system:***\
If the URI is\
`cpe:/o:microsoft:windows_7:-:sp1:x64` then the CPE string is:\
`cpe:2.3:o:microsoft:windows_7:-:sp1:-:*:*:*:x64:*`

***Hardware (not supported in an SBOM):***\
If the URI is `cpe:/h:3com:3c13612` then the CPE string is:\
`cpe:2.3:h:3com:3c13612:-:*:*:*:*:*:*:*`

***What does a wildcard indicate?***\
Anything that is a wildcard (\*) means that no particular value was provided for that section, so it will encompass any applicable value in that section.

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://helm.docs.medcrypt.com/terminology/what-is-cpe/how-do-i-read-a-cpe-string.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.