Skip to content

CVE JSON Record Format v5.0.0 Release Candidate 1

Pre-release
Pre-release

Choose a tag to compare

View all tags
@chandanbn chandanbn released this 11 May 18:23
v5.0.0-rc1
9f82345
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Some important changes since version 4 include:

  • Authorized data publishers (ADPs) can contribute information about CVEs in addition to the CNAs.
  • Ability to tag the CVE records and URL references.
  • Ability to supply CVSS scores or other metrics associated with a CVE.
  • Ability to map to other taxonomies like ATT&CK identifiers.
  • Support for rich-text markup formatted CVE descriptions and media.
  • Ability to record CVE information related to products with improved granularity.
  • Improved or simplified specification of fields that were not fully defined in the version 4 schema.
Assets 2
Loading