Class: CVERecord
Official CVE Record corresponding to a CVE ID. Represents either a Published or Rejected record in the CVE™ Program. The dataType field is always CVE_RECORD. Use cveMetadata.state to distinguish Published from Rejected records.
URI: cve:CVERecord
classDiagram
class CVERecord
click CVERecord href "../CVERecord/"
Vulnerability <|-- CVERecord
click Vulnerability href "../Vulnerability/"
CVERecord : containers
CVERecord --> "1" Containers : containers
click Containers href "../Containers/"
CVERecord : cve_id
CVERecord : cve_metadata
CVERecord --> "1" CveMetadata : cve_metadata
click CveMetadata href "../CveMetadata/"
CVERecord : data_type
CVERecord --> "0..1" DataType : data_type
click DataType href "../DataType/"
CVERecord : data_version
CVERecord : description
CVERecord : impact
CVERecord --> "0..1" Impact : impact
click Impact href "../Impact/"
CVERecord : last_modified_date
CVERecord : products
CVERecord --> "*" Product : products
click Product href "../Product/"
CVERecord : published_date
CVERecord : references
CVERecord --> "*" Reference : references
click Reference href "../Reference/"
CVERecord : status
CVERecord --> "0..1" VulnerabilityStatus : status
click VulnerabilityStatus href "../VulnerabilityStatus/"
CVERecord : title
CVERecord : weaknesses
CVERecord --> "*" Weakness : weaknesses
click Weakness href "../Weakness/"
Inheritance
- Vulnerability
- CVERecord
Class Properties
| Property | Value |
|---|---|
| Tree Root | Yes |
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| data_type | 0..1 DataType |
Indicates the type of information represented in the JSON instance | direct |
| data_version | 0..1 String |
The version of the CVE schema used for validating this record | direct |
| cve_metadata | 1 CveMetadataRejected or CveMetadata or CveMetadataPublished |
Metadata about the CVE ID | direct |
| containers | 1 Containers |
A set of containers (CNA and optionally ADP) holding vulnerability informatio... | direct |
| cve_id | 0..1 recommended CveId |
The CVE identifier assigned by a CVE Numbering Authority (CNA) | Vulnerability |
| title | 0..1 String |
Short human-readable title or name for this entity | Vulnerability |
| description | 0..1 recommended String |
Narrative description of the vulnerability | Vulnerability |
| published_date | 0..1 Datetime |
Date and time the vulnerability was first published | Vulnerability |
| last_modified_date | 0..1 Datetime |
Date and time the vulnerability record was last modified | Vulnerability |
| products | * Product |
Products affected by this vulnerability | Vulnerability |
| weaknesses | * Weakness |
Weakness classifications (e | Vulnerability |
| references | * Reference |
External references such as advisories and articles | Vulnerability |
| impact | 0..1 Impact |
Impact and severity assessment for this vulnerability | Vulnerability |
| status | 0..1 VulnerabilityStatus |
Current lifecycle state of the vulnerability record | Vulnerability |
In Subsets
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/cve
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | cve:CVERecord |
| native | cve:CVERecord |
| exact | WIKIDATA:Q631425 |
| related | kev_catalog:KevEntry |
| close | nvd:NVDEntry |
LinkML Source
Direct
name: CVERecord
description: Official CVE Record corresponding to a CVE ID. Represents either a Published
or Rejected record in the CVE™ Program. The dataType field is always CVE_RECORD.
Use cveMetadata.state to distinguish Published from Rejected records.
in_subset:
- cve_record
from_schema: https://w3id.org/lmodel/cve
exact_mappings:
- WIKIDATA:Q631425
close_mappings:
- nvd:NVDEntry
related_mappings:
- kev_catalog:KevEntry
is_a: Vulnerability
slots:
- data_type
- data_version
- cve_metadata
- containers
slot_usage:
cve_id:
name: cve_id
identifier: false
required: false
cve_metadata:
name: cve_metadata
required: true
containers:
name: containers
required: true
tree_root: true
Induced
name: CVERecord
description: Official CVE Record corresponding to a CVE ID. Represents either a Published
or Rejected record in the CVE™ Program. The dataType field is always CVE_RECORD.
Use cveMetadata.state to distinguish Published from Rejected records.
in_subset:
- cve_record
from_schema: https://w3id.org/lmodel/cve
exact_mappings:
- WIKIDATA:Q631425
close_mappings:
- nvd:NVDEntry
related_mappings:
- kev_catalog:KevEntry
is_a: Vulnerability
slot_usage:
cve_id:
name: cve_id
identifier: false
required: false
cve_metadata:
name: cve_metadata
required: true
containers:
name: containers
required: true
attributes:
data_type:
name: data_type
description: Indicates the type of information represented in the JSON instance.
in_subset:
- cve_record
from_schema: https://w3id.org/lmodel/cve
aliases:
- dataType
rank: 1000
ifabsent: DataType(CVE_RECORD)
alias: data_type
owner: CVERecord
domain_of:
- CVERecord
range: DataType
data_version:
name: data_version
description: The version of the CVE schema used for validating this record. Supports
multiple versions of the format (e.g., '5.2.0').
in_subset:
- cve_record
from_schema: https://w3id.org/lmodel/cve
aliases:
- dataVersion
rank: 1000
ifabsent: string(5.2.0)
alias: data_version
owner: CVERecord
domain_of:
- CVERecord
range: string
pattern: ^5\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))?$
cve_metadata:
name: cve_metadata
description: Metadata about the CVE ID. A Published record uses CveMetadataPublished;
a Rejected record uses CveMetadataRejected.
in_subset:
- cve_record
from_schema: https://w3id.org/lmodel/cve
aliases:
- cveMetadata
rank: 1000
alias: cve_metadata
owner: CVERecord
domain_of:
- CVERecord
range: CveMetadata
required: true
inlined: true
any_of:
- range: CveMetadataPublished
- range: CveMetadataRejected
containers:
name: containers
description: A set of containers (CNA and optionally ADP) holding vulnerability
information related to the CVE ID.
in_subset:
- cve_record
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: containers
owner: CVERecord
domain_of:
- CVERecord
range: Containers
required: true
inlined: true
cve_id:
name: cve_id
description: 'The CVE identifier assigned by a CVE Numbering Authority (CNA).
Format: CVE-YYYY-NNNNN.'
in_subset:
- metadata
from_schema: https://w3id.org/lmodel/cve
aliases:
- cveId
exact_mappings:
- schema:identifier
rank: 1000
slot_uri: dct:identifier
identifier: false
alias: cve_id
owner: CVERecord
domain_of:
- Vulnerability
range: CveId
required: false
recommended: true
title:
name: title
description: Short human-readable title or name for this entity.
in_subset:
- metadata
from_schema: https://w3id.org/lmodel/cve
exact_mappings:
- schema:name
close_mappings:
- kev_catalog:vulnerability_name
rank: 1000
slot_uri: dct:title
alias: title
owner: CVERecord
domain_of:
- CnaPublishedContainer
- AdpContainer
- Vulnerability
range: string
description:
name: description
description: Narrative description of the vulnerability.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
exact_mappings:
- schema:description
close_mappings:
- kev_catalog:short_description
rank: 1000
slot_uri: dct:description
alias: description
owner: CVERecord
domain_of:
- Vulnerability
- Weakness
range: string
recommended: true
published_date:
name: published_date
description: Date and time the vulnerability was first published.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
related_mappings:
- kev_catalog:date_added
rank: 1000
slot_uri: dct:created
alias: published_date
owner: CVERecord
domain_of:
- Vulnerability
range: datetime
last_modified_date:
name: last_modified_date
description: Date and time the vulnerability record was last modified.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
rank: 1000
slot_uri: dct:modified
alias: last_modified_date
owner: CVERecord
domain_of:
- Vulnerability
range: datetime
products:
name: products
description: Products affected by this vulnerability.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: products
owner: CVERecord
domain_of:
- Vulnerability
range: Product
multivalued: true
inlined: true
inlined_as_list: true
weaknesses:
name: weaknesses
description: Weakness classifications (e.g. CWE) associated with this vulnerability.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
related_mappings:
- cwe:Weakness
rank: 1000
alias: weaknesses
owner: CVERecord
domain_of:
- Vulnerability
range: Weakness
multivalued: true
inlined: true
inlined_as_list: true
references:
name: references
description: External references such as advisories and articles.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: references
owner: CVERecord
domain_of:
- Vulnerability
range: Reference
multivalued: true
inlined: true
inlined_as_list: true
impact:
name: impact
description: Impact and severity assessment for this vulnerability.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
rank: 1000
alias: impact
owner: CVERecord
domain_of:
- Vulnerability
range: Impact
status:
name: status
description: Current lifecycle state of the vulnerability record.
in_subset:
- core
from_schema: https://w3id.org/lmodel/cve
close_mappings:
- nvd:NVDWorkflowStatus
rank: 1000
alias: status
owner: CVERecord
domain_of:
- Vulnerability
range: VulnerabilityStatus
tree_root: true