Updated
Jul 10, 2021, 12:19:55 AM
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"def_configurations": {
"description": "Defines the set of product configurations for a NVD applicability statement.",
"properties": {
"CVE_data_version": {
"type": "string"
},
"nodes": {
"items": {
"$ref": "#/definitions/def_node"
},
"type": "array"
}
},
"required": [
"CVE_data_version"
]
},
"def_cpe_match": {
"description": "CPE match string or range",
"properties": {
"cpe22Uri": {
"type": "string"
},
"cpe23Uri": {
"type": "string"
},
"cpe_name": {
"items": {
"$ref": "#/definitions/def_cpe_name"
},
"type": "array"
},
"versionEndExcluding": {
"type": "string"
},
"versionEndIncluding": {
"type": "string"
},
"versionStartExcluding": {
"type": "string"
},
"versionStartIncluding": {
"type": "string"
},
"vulnerable": {
"type": "boolean"
}
},
"required": [
"vulnerable",
"cpe23Uri"
],
"type": "object"
},
"def_cpe_name": {
"description": "CPE name",
"properties": {
"cpe22Uri": {
"type": "string"
},
"cpe23Uri": {
"type": "string"
},
"lastModifiedDate": {
"type": "string"
}
},
"required": [
"cpe23Uri"
],
"type": "object"
},
"def_cve_item": {
"description": "Defines a vulnerability in the NVD data feed.",
"properties": {
"configurations": {
"$ref": "#/definitions/def_configurations"
},
"cve": {
"$ref": "CVE_JSON_4.0_min_1.1_beta.schema"
},
"impact": {
"$ref": "#/definitions/def_impact"
},
"lastModifiedDate": {
"type": "string"
},
"publishedDate": {
"type": "string"
}
},
"required": [
"cve"
]
},
"def_impact": {
"description": "Impact scores for a vulnerability as found on NVD.",
"properties": {
"baseMetricV2": {
"description": "CVSS V2.0 score.",
"properties": {
"acInsufInfo": {
"type": "boolean"
},
"cvssV2": {
"$ref": "cvss-v2.0_beta.json"
},
"exploitabilityScore": {
"$ref": "#/definitions/def_subscore"
},
"impactScore": {
"$ref": "#/definitions/def_subscore"
},
"obtainAllPrivilege": {
"type": "boolean"
},
"obtainOtherPrivilege": {
"type": "boolean"
},
"obtainUserPrivilege": {
"type": "boolean"
},
"severity": {
"type": "string"
},
"userInteractionRequired": {
"type": "boolean"
}
},
"type": "object"
},
"baseMetricV3": {
"description": "CVSS V3.x score.",
"properties": {
"cvssV3": {
"$ref": "cvss-v3.x_beta.json"
},
"exploitabilityScore": {
"$ref": "#/definitions/def_subscore"
},
"impactScore": {
"$ref": "#/definitions/def_subscore"
}
},
"type": "object"
}
},
"type": "object"
},
"def_node": {
"description": "Defines a node or sub-node in an NVD applicability statement.",
"properties": {
"children": {
"items": {
"$ref": "#/definitions/def_node"
},
"type": "array"
},
"cpe_match": {
"items": {
"$ref": "#/definitions/def_cpe_match"
},
"type": "array"
},
"negate": {
"type": "boolean"
},
"operator": {
"type": "string"
}
}
},
"def_subscore": {
"description": "CVSS subscore.",
"maximum": 10,
"minimum": 0,
"type": "number"
}
},
"id": "https://scap.nist.gov/schema/nvd/feed/1.1/nvd_cve_feed_json_1.1_beta.schema",
"properties": {
"CVE_Items": {
"description": "NVD feed array of CVE",
"items": {
"$ref": "#/definitions/def_cve_item"
},
"type": "array"
},
"CVE_data_format": {
"type": "string"
},
"CVE_data_numberOfCVEs": {
"description": "NVD adds number of CVE in this feed",
"type": "string"
},
"CVE_data_timestamp": {
"description": "NVD adds feed date timestamp",
"type": "string"
},
"CVE_data_type": {
"type": "string"
},
"CVE_data_version": {
"type": "string"
}
},
"required": [
"CVE_data_type",
"CVE_data_format",
"CVE_data_version",
"CVE_Items"
],
"title": "JSON Schema for NVD Vulnerability Data Feed version 1.1",
"type": "object"
}