Class: AffectedProduct
Information about the set of products and services affected by a vulnerability. At least one of (vendor + product) or (collectionURL + packageName) is required, and at least one of versions or defaultStatus is required.
URI: cve:AffectedProduct
classDiagram
class AffectedProduct
click AffectedProduct href "../AffectedProduct/"
Product <|-- AffectedProduct
click Product href "../Product/"
AffectedProduct : collection_url
AffectedProduct : cpes
AffectedProduct : default_status
AffectedProduct --> "0..1" VersionStatus : default_status
click VersionStatus href "../VersionStatus/"
AffectedProduct : modules
AffectedProduct : name
AffectedProduct : package_name
AffectedProduct : package_url
AffectedProduct : platforms
AffectedProduct : program_files
AffectedProduct : program_routines
AffectedProduct --> "*" ProgramRoutine : program_routines
click ProgramRoutine href "../ProgramRoutine/"
AffectedProduct : repo
AffectedProduct : vendor
AffectedProduct : version
AffectedProduct : versions
AffectedProduct --> "*" VersionEntry : versions
click VersionEntry href "../VersionEntry/"
Inheritance
- Product
- AffectedProduct
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| collection_url | 0..1 Uri |
URL identifying a package collection (determines the meaning of packageName) | direct |
| package_name | 0..1 String |
Name or identifier of the affected software package as used in the package co... | direct |
| cpes | * CpeNameType |
Affected products defined by CPE (Common Platform Enumeration) names in eithe... | direct |
| modules | * String |
A list of the affected components, features, modules, sub-components, sub-pro... | direct |
| program_files | * String |
A list of the affected source code files | direct |
| program_routines | * ProgramRoutine |
A list of the affected source code functions, methods, subroutines, or proced... | direct |
| repo | 0..1 Uri |
The URL of the source code repository, for informational purposes and/or to r... | direct |
| default_status | 0..1 VersionStatus |
The default status for versions not otherwise listed in the versions list | direct |
| versions | * VersionEntry |
Set of product versions or version ranges related to the vulnerability | direct |
| package_url | 0..1 Uri |
A Package URL (PURL), a unified URL specification for identifying packages ho... | direct |
| vendor | 0..1 String |
Name of the vendor or organization responsible for the product | Product |
| name | 0..1 String |
Name of the entity (product, weakness, reference, etc | Product |
| version | 0..1 String |
Version string of the affected product | Product |
| platforms | * String |
Platforms or operating environments affected | Product |
Expressions & Logic
#### All Of The class must satisfy all of: - AnonymousClassExpression({ 'any_of': [AnonymousClassExpression({ 'slot_conditions': {'vendor': SlotDefinition({'name': 'vendor', 'required': True}), 'name': SlotDefinition({'name': 'name', 'required': True})} }), AnonymousClassExpression({ 'slot_conditions': {'collection_url': SlotDefinition({'name': 'collection_url', 'required': True}), 'package_name': SlotDefinition({'name': 'package_name', 'required': True})} })] }) - AnonymousClassExpression({ 'any_of': [AnonymousClassExpression({ 'slot_conditions': {'versions': SlotDefinition({'name': 'versions', 'required': True})} }), AnonymousClassExpression({ 'slot_conditions': {'default_status': SlotDefinition({'name': 'default_status', 'required': True})} })] })Usages
| used by | used in | type | used |
|---|---|---|---|
| CnaPublishedContainer | affected | range | AffectedProduct |
| AdpContainer | affected | range | AffectedProduct |
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/cve
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | cve:AffectedProduct |
| native | cve:AffectedProduct |
| related | kev_catalog:KevEntry |
LinkML Source
Direct
name: AffectedProduct
description: Information about the set of products and services affected by a vulnerability.
At least one of (vendor + product) or (collectionURL + packageName) is required,
and at least one of versions or defaultStatus is required.
from_schema: https://w3id.org/lmodel/cve
related_mappings:
- kev_catalog:KevEntry
is_a: Product
slots:
- collection_url
- package_name
- cpes
- modules
- program_files
- program_routines
- repo
- default_status
- versions
- package_url
all_of:
- any_of:
- slot_conditions:
vendor:
name: vendor
required: true
name:
name: name
required: true
- slot_conditions:
collection_url:
name: collection_url
required: true
package_name:
name: package_name
required: true
- any_of:
- slot_conditions:
versions:
name: versions
required: true
- slot_conditions:
default_status:
name: default_status
required: true
Induced
name: AffectedProduct
description: Information about the set of products and services affected by a vulnerability.
At least one of (vendor + product) or (collectionURL + packageName) is required,
and at least one of versions or defaultStatus is required.
from_schema: https://w3id.org/lmodel/cve
related_mappings:
- kev_catalog:KevEntry
is_a: Product
attributes:
collection_url:
name: collection_url
description: URL identifying a package collection (determines the meaning of packageName).
from_schema: https://w3id.org/lmodel/cve
aliases:
- collectionURL
rank: 1000
alias: collection_url
owner: AffectedProduct
domain_of:
- AffectedProduct
range: uri
package_name:
name: package_name
description: Name or identifier of the affected software package as used in the
package collection.
from_schema: https://w3id.org/lmodel/cve
aliases:
- packageName
rank: 1000
alias: package_name
owner: AffectedProduct
domain_of:
- AffectedProduct
range: string
cpes:
name: cpes
description: Affected products defined by CPE (Common Platform Enumeration) names
in either 2.2 or 2.3 format.
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: cpes
owner: AffectedProduct
domain_of:
- AffectedProduct
range: CpeNameType
multivalued: true
modules:
name: modules
description: A list of the affected components, features, modules, sub-components,
sub-products, APIs, commands, utilities, programs, or functionalities.
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: modules
owner: AffectedProduct
domain_of:
- AffectedProduct
range: string
multivalued: true
program_files:
name: program_files
description: A list of the affected source code files.
from_schema: https://w3id.org/lmodel/cve
aliases:
- programFiles
rank: 1000
alias: program_files
owner: AffectedProduct
domain_of:
- AffectedProduct
range: string
multivalued: true
program_routines:
name: program_routines
description: A list of the affected source code functions, methods, subroutines,
or procedures.
from_schema: https://w3id.org/lmodel/cve
aliases:
- programRoutines
rank: 1000
alias: program_routines
owner: AffectedProduct
domain_of:
- AffectedProduct
range: ProgramRoutine
multivalued: true
inlined: true
inlined_as_list: true
repo:
name: repo
description: The URL of the source code repository, for informational purposes
and/or to resolve git hash version ranges.
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: repo
owner: AffectedProduct
domain_of:
- AffectedProduct
range: uri
default_status:
name: default_status
description: The default status for versions not otherwise listed in the versions
list. Defaults to 'unknown' if not specified. Versions or defaultStatus may
be omitted, but not both.
from_schema: https://w3id.org/lmodel/cve
aliases:
- defaultStatus
rank: 1000
alias: default_status
owner: AffectedProduct
domain_of:
- AffectedProduct
range: VersionStatus
versions:
name: versions
description: Set of product versions or version ranges related to the vulnerability.
Versions or defaultStatus may be omitted, but not both.
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: versions
owner: AffectedProduct
domain_of:
- AffectedProduct
range: VersionEntry
multivalued: true
inlined: true
inlined_as_list: true
package_url:
name: package_url
description: A Package URL (PURL), a unified URL specification for identifying
packages hosted by known package hosts. The Package URL MUST NOT include a version.
from_schema: https://w3id.org/lmodel/cve
aliases:
- packageURL
rank: 1000
alias: package_url
owner: AffectedProduct
domain_of:
- AffectedProduct
range: uri
vendor:
name: vendor
description: Name of the vendor or organization responsible for the product.
from_schema: https://w3id.org/lmodel/cve
rank: 1000
slot_uri: schema:name
alias: vendor
owner: AffectedProduct
domain_of:
- Product
range: string
name:
name: name
description: Name of the entity (product, weakness, reference, etc.).
from_schema: https://w3id.org/lmodel/cve
aliases:
- label
- product
rank: 1000
slot_uri: rdfs:label
alias: name
owner: AffectedProduct
domain_of:
- Product
- Reference
- Weakness
range: string
version:
name: version
description: Version string of the affected product.
from_schema: https://w3id.org/lmodel/cve
rank: 1000
slot_uri: schema:version
alias: version
owner: AffectedProduct
domain_of:
- Product
range: string
platforms:
name: platforms
description: Platforms or operating environments affected.
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: platforms
owner: AffectedProduct
domain_of:
- Product
range: string
multivalued: true
all_of:
- any_of:
- slot_conditions:
vendor:
name: vendor
required: true
name:
name: name
required: true
- slot_conditions:
collection_url:
name: collection_url
required: true
package_name:
name: package_name
required: true
- any_of:
- slot_conditions:
versions:
name: versions
required: true
- slot_conditions:
default_status:
name: default_status
required: true