Class: AffectedPackage
The Affected Package object describes details about a software package
identified as affected by a vulnerability/vulnerabilities.
URI: ocsf:AffectedPackage
```mermaid
classDiagram
    class AffectedPackage
    click AffectedPackage href "../AffectedPackage/"
    Package <|-- AffectedPackage
    click Package href "../Package/"
    AffectedPackage : architecture
    AffectedPackage : cpe_name
    AffectedPackage : epoch
    AffectedPackage : fixed_in_version
    AffectedPackage : hash
    AffectedPackage --> "0..1" Fingerprint : hash
    click Fingerprint href "../Fingerprint/"
    AffectedPackage : license
    AffectedPackage : license_url
    AffectedPackage : name
    AffectedPackage : package_manager
    AffectedPackage : package_manager_url
    AffectedPackage : path
    AffectedPackage : purl
    AffectedPackage : release
    AffectedPackage : remediation
    AffectedPackage --> "0..1" Remediation : remediation
    click Remediation href "../Remediation/"
    AffectedPackage : src_url
    AffectedPackage : type
    AffectedPackage : type_id
    AffectedPackage --> "0..1 _recommended_" PackageTypeIdEnum : type_id
    click PackageTypeIdEnum href "../PackageTypeIdEnum/"
    AffectedPackage : uid
    AffectedPackage : vendor_name
    AffectedPackage : version
```
Inheritance
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| fixed_in_version | 0..1 String | The software package version in which a reported vulnerability was patched/fixed. | direct |
| path | 0..1 String | The installation path of the affected package. | direct |
| remediation | 0..1 Remediation | Describes the recommended remediation steps to address identified issue(s). | direct |
| architecture | 0..1 recommended String | Architecture is a shorthand name describing the type of computer hardware the packaged software is meant to run on. | Package |
| cpe_name | 0..1 String | The Common Platform Enumeration (CPE) name as described by NIST (https://nvd.nist.gov/products/cpe). For example: `cpe:/a:apple:safari:16.2`. | Package |
| epoch | 0..1 Integer | The software package epoch. Epoch is a way to define weighted dependencies based on version numbers. | Package |
| hash | 0..1 Fingerprint | Cryptographic hash to identify the binary instance of a software component. This can include any component such as a file, package, or library. | Package |
| license | 0..1 String | The software license applied to this package. | Package |
| license_url | 0..1 UrlT | The URL pointing to the license applied on package or software. This is typically a `LICENSE.md` file within a repository. | Package |
| name | 1 String | The software package name. | Package |
| package_manager | 0..1 String | The software package manager utilized to manage a package on a system, e.g. npm, yum, dpkg etc. | Package |
| package_manager_url | 0..1 UrlT | The URL of the package or library at the package manager, or the specific URL or URI of an internal package manager link such as `AWS CodeArtifact` or `Artifactory`. | Package |
| purl | 0..1 String | A purl is a URL string used to identify and locate a software package in a mostly universal and uniform way across programming languages, package managers, packaging conventions, tools, APIs and databases. | Package |
| release | 0..1 String | Release is the number of times a version of the software has been packaged. | Package |
| src_url | 0..1 UrlT | The link to the specific library or package such as within `GitHub`; this is different from the link to the package manager where the library or package is hosted. | Package |
| type | 0..1 String | The type of software package, normalized to the caption of the `type_id` value. In the case of 'Other', it is defined by the source. | Package |
| type_id | 0..1 recommended PackageTypeIdEnum | The type of software package. | Package |
| uid | 0..1 String | A unique identifier for the package or library reported by the source tool. E.g., the `libId` within the `sbom` field of an OX Security Issue or the SPDX `components.*.bom-ref`. | Package |
| vendor_name | 0..1 String | The name of the vendor who published the software package. | Package |
| version | 1 String | The software package version. | Package |
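The cardinalities and ranges in the table above can be enforced when ingesting findings. The following is an added example, not part of the OCSF schema or its tooling: a validator for one AffectedPackage mapping. The function name, the sample records, the treatment of unknown slots as errors and the "absolute URL" check for UrlT are assumptions of this example.

```python
from urllib.parse import urlsplit

# Slot name -> expected Python type, from the "Cardinality and Range" column.
# Fingerprint and Remediation are nested objects, so a dict is expected.
# PackageTypeIdEnum members are not listed on this page, so type_id is only
# checked for presence (object accepts any value).
SLOTS = {
    "fixed_in_version": str, "path": str, "remediation": dict,
    "architecture": str, "cpe_name": str, "epoch": int, "hash": dict,
    "license": str, "license_url": str, "name": str, "package_manager": str,
    "package_manager_url": str, "purl": str, "release": str, "src_url": str,
    "type": str, "type_id": object, "uid": str, "vendor_name": str,
    "version": str,
}
REQUIRED = ("name", "version")             # cardinality 1
RECOMMENDED = ("architecture", "type_id")  # 0..1 recommended
URL_SLOTS = ("license_url", "package_manager_url", "src_url")  # range UrlT


def validate_affected_package(pkg):
    """Return (errors, warnings) for one AffectedPackage mapping."""
    errors, warnings = [], []
    for slot in REQUIRED:
        if slot not in pkg or pkg[slot] == "":
            errors.append(f"missing required slot: {slot}")
    for slot in RECOMMENDED:
        if slot not in pkg:
            warnings.append(f"missing recommended slot: {slot}")
    for slot, value in pkg.items():
        expected = SLOTS.get(slot)
        if expected is None:
            errors.append(f"unknown slot: {slot}")
        # bool is a subclass of int in Python, so reject it for epoch
        elif not isinstance(value, expected) or (
                expected is int and isinstance(value, bool)):
            errors.append(f"{slot}: expected {expected.__name__}")
        elif slot in URL_SLOTS:
            parts = urlsplit(value)
            if not (parts.scheme and parts.netloc):
                errors.append(f"{slot}: not an absolute URL")
    return errors, warnings


# Constructed sample records (not taken from any real scanner output).
GOOD = {"name": "examplelib", "version": "1.2.3", "fixed_in_version": "1.2.4",
        "architecture": "x86_64", "epoch": 0, "path": "/opt/examplelib",
        "package_manager": "dpkg", "src_url": "https://example.com/examplelib"}
BAD = {"name": "examplelib", "epoch": "1", "src_url": "examplelib.git",
       "installed_on": "host-1"}
```

Warnings are kept separate from errors so that a record missing only a recommended slot is still accepted.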
Usages
| used by | used in | type | used |
|---|---|---|---|
| Vulnerability | affected_packages | range | AffectedPackage |
In Subsets
Aliases
- Affected Software Package
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:AffectedPackage |
| native | ocsf:AffectedPackage |
| exact | cve:AffectedProduct |
| close | nvd:CPEMatch, core:Product |
LinkML Source
Direct
```yaml
name: AffectedPackage
description: 'The Affected Package object describes details about a software package
  identified as affected by a vulnerability/vulnerabilities.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Affected Software Package
exact_mappings:
- cve:AffectedProduct
close_mappings:
- nvd:CPEMatch
- core:Product
is_a: Package
slots:
- fixed_in_version
- path
- remediation
slot_usage:
  path:
    name: path
    description: The installation path of the affected package.
```
Induced
```yaml
name: AffectedPackage
description: 'The Affected Package object describes details about a software package
  identified as affected by a vulnerability/vulnerabilities.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Affected Software Package
exact_mappings:
- cve:AffectedProduct
close_mappings:
- nvd:CPEMatch
- core:Product
is_a: Package
slot_usage:
  path:
    name: path
    description: The installation path of the affected package.
attributes:
  fixed_in_version:
    name: fixed_in_version
    description: 'The software package version in which a reported vulnerability was
      patched/fixed.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Fixed In Version
    rank: 1000
    alias: fixed_in_version
    owner: AffectedPackage
    domain_of:
    - AffectedPackage
    range: string
  path:
    name: path
    description: The installation path of the affected package.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Path
    rank: 1000
    alias: path
    owner: AffectedPackage
    domain_of:
    - Url
    - AffectedPackage
    - File
    - HttpCookie
    - Image
    - Kernel
    - Malware
    - ProcessEntity
    - Product
    - RegKey
    - RegValue
    range: string
  remediation:
    name: remediation
    description: Describes the recommended remediation steps to address identified
      issue(s).
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Remediation Guidance
    rank: 1000
    alias: remediation
    owner: AffectedPackage
    domain_of:
    - Vulnerability
    - AffectedCode
    - AffectedPackage
    - CisBenchmarkResult
    - FindingObject
    - ApplicationSecurityPostureFinding
    - ComplianceFinding
    - DetectionFinding
    - IamAnalysisFinding
    - RemediationActivity
    range: Remediation
  architecture:
    name: architecture
    description: 'Architecture is a shorthand name describing the type of computer
      hardware the
      packaged software is meant to run on.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Architecture
    rank: 1000
    alias: architecture
    owner: AffectedPackage
    domain_of:
    - Package
    range: string
    recommended: true
  cpe_name:
    name: cpe_name
    description: 'The Common Platform Enumeration (CPE) name as described by (<a target=''_blank''
      href=''https://nvd.nist.gov/products/cpe''>NIST</a>) For example:
      <code>cpe:/a:apple:safari:16.2</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - The product CPE identifier
    rank: 1000
    alias: cpe_name
    owner: AffectedPackage
    domain_of:
    - Os
    - Package
    - Product
    range: string
  epoch:
    name: epoch
    description: 'The software package epoch. Epoch is a way to define weighted dependencies
      based on version numbers.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Epoch
    rank: 1000
    alias: epoch
    owner: AffectedPackage
    domain_of:
    - Package
    range: integer
  hash:
    name: hash
    description: 'Cryptographic hash to identify the binary instance of a software
      component.
      This can include any component such file, package, or library.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Hash
    rank: 1000
    alias: hash
    owner: AffectedPackage
    domain_of:
    - Package
    - SoftwareComponent
    - Container
    range: Fingerprint
  license:
    name: license
    description: The software license applied to this package.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Software License
    rank: 1000
    alias: license
    owner: AffectedPackage
    domain_of:
    - Package
    - SoftwareComponent
    range: string
  license_url:
    name: license_url
    description: 'The URL pointing to the license applied on package or software.
      This is
      typically a <code>LICENSE.md</code> file within a repository.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Software License URL
    rank: 1000
    alias: license_url
    owner: AffectedPackage
    domain_of:
    - Package
    range: UrlT
  name:
    name: name
    description: The software package name.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Name
    rank: 1000
    alias: name
    owner: AffectedPackage
    domain_of:
    - AnalysisTarget
    - Observable
    - Os
    - Osint
    - Package
    - Parameter
    - PrivilegeInfo
    - San
    - Scim
    - Script
    - ServicePrivilegeAnalysis
    - SoftwareComponent
    - Sso
    - StartupItem
    - ThreatActor
    - Token
    - Entity
    - Resource
    - Account
    - Agent
    - AiModel
    - Aircraft
    - Analytic
    - ApplicationObject
    - Assessment
    - AutonomousSystem
    - Campaign
    - Check
    - CisBenchmark
    - CisBenchmarkResult
    - CisControl
    - ClassifierDetails
    - Container
    - D3fTactic
    - D3fTechnique
    - Database
    - Databucket
    - DomainContact
    - Edge
    - Endpoint
    - Enrichment
    - EnvironmentVariable
    - Evidences
    - Extension
    - Feature
    - File
    - Graph
    - Group
    - HttpCookie
    - HttpHeader
    - Idp
    - Image
    - Job
    - Kernel
    - KeyValueObject
    - LoadBalancer
    - Logger
    - Malware
    - ManagedEntity
    - MessageContext
    - Metric
    - Mitigation
    - NetworkInterface
    - Node
    - Organization
    - PeripheralDevice
    - Policy
    - ProcessEntity
    - Product
    - QueryInfo
    - Reporter
    - ResourceDetails
    - Rule
    - Scan
    - Service
    - SubTechnique
    - Table
    - Tactic
    - Technique
    - Trait
    - TransformationInfo
    - UnmannedAerialSystem
    - User
    - WebResource
    - Device
    - FtpActivity
    - RegValue
    - WinResource
    - WinService
    - PrefetchQuery
    range: string
    required: true
  package_manager:
    name: package_manager
    description: 'The software packager manager utilized to manage a package on a
      system, e.g.
      npm, yum, dpkg etc.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Package Manager
    rank: 1000
    alias: package_manager
    owner: AffectedPackage
    domain_of:
    - Package
    range: string
  package_manager_url:
    name: package_manager_url
    description: 'The URL of the package or library at the package manager, or the
      specific URL
      or URI of an internal package manager link such as <code>AWS
      CodeArtifact</code> or <code>Artifactory</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Package Manager URL
    rank: 1000
    alias: package_manager_url
    owner: AffectedPackage
    domain_of:
    - Package
    range: UrlT
  purl:
    name: purl
    description: 'A purl is a URL string used to identify and locate a software package
      in a
      mostly universal and uniform way across programming languages, package
      managers, packaging conventions, tools, APIs and databases.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Package URL
    rank: 1000
    alias: purl
    owner: AffectedPackage
    domain_of:
    - Package
    - SoftwareComponent
    range: string
  release:
    name: release
    description: Release is the number of times a version of the software has been
      packaged.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Software Release Details
    rank: 1000
    alias: release
    owner: AffectedPackage
    domain_of:
    - Package
    range: string
  src_url:
    name: src_url
    description: 'The link to the specific library or package such as within <code>GitHub</code>,
      this is different from the link to the package manager where the library or
      package is hosted.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Source URL
    rank: 1000
    alias: src_url
    owner: AffectedPackage
    domain_of:
    - Osint
    - Package
    - Ticket
    - Advisory
    - Cvss
    - Cwe
    - D3fTactic
    - D3fTechnique
    - DataClassification
    - Enrichment
    - FindingObject
    - FindingInfo
    - KbArticle
    - Mitigation
    - SubTechnique
    - Tactic
    - Technique
    - IncidentProfile
    - IncidentFinding
    range: UrlT
  type:
    name: type
    description: 'The type of software package, normalized to the caption of the
      <code>type_id</code> value. In the case of ''Other'', it is defined by the
      source.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Type
    rank: 1000
    alias: type
    owner: AffectedPackage
    domain_of:
    - AnalysisTarget
    - Observable
    - Os
    - Osint
    - Package
    - PrivilegeInfo
    - ProgrammaticCredential
    - RelatedEvent
    - San
    - Sbom
    - Script
    - SoftwareComponent
    - StartupItem
    - ThreatActor
    - Ticket
    - Timespan
    - TlsExtension
    - Token
    - Dns
    - Resource
    - Account
    - Agent
    - Analytic
    - ApplicationObject
    - AuthenticationToken
    - ClassifierDetails
    - Cve
    - Database
    - Databucket
    - DiscoveryDetails
    - DnsAnswer
    - DomainContact
    - EncryptionDetails
    - Endpoint
    - Enrichment
    - File
    - Graph
    - Group
    - Ja4Fingerprint
    - Kernel
    - ManagedEntity
    - Metadata
    - Module
    - NetworkEndpoint
    - NetworkInterface
    - Node
    - PeripheralDevice
    - Policy
    - Rule
    - Scan
    - Trait
    - UnmannedAerialSystem
    - UnmannedSystemOperatingArea
    - User
    - WebResource
    - Device
    - DatastoreActivity
    - FtpActivity
    - RegValue
    - WinResource
    range: string
  type_id:
    name: type_id
    annotations:
      sibling:
        tag: sibling
        value: type
    description: The type of software package.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Type ID
    rank: 1000
    alias: type_id
    owner: AffectedPackage
    domain_of:
    - Observable
    - Os
    - Osint
    - Package
    - PrivilegeInfo
    - Sbom
    - Script
    - SoftwareComponent
    - StartupItem
    - ThreatActor
    - Ticket
    - Timespan
    - TlsExtension
    - Token
    - Account
    - Agent
    - Analytic
    - AuthenticationToken
    - Database
    - Databucket
    - DomainContact
    - Endpoint
    - File
    - Ja4Fingerprint
    - Kernel
    - ManagedEntity
    - NetworkEndpoint
    - NetworkInterface
    - PeripheralDevice
    - Scan
    - UnmannedAerialSystem
    - UnmannedSystemOperatingArea
    - User
    - Device
    - DatastoreActivity
    - RegValue
    - WinResource
    range: PackageTypeIdEnum
    recommended: true
  uid:
    name: uid
    description: 'A unique identifier for the package or library reported by the source
      tool.
      E.g., the <code>libId</code> within the <code>sbom</code> field of an OX
      Security Issue or the SPDX <code>components.*.bom-ref</code>.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Unique ID
    rank: 1000
    alias: uid
    owner: AffectedPackage
    domain_of:
    - Osint
    - Package
    - ProgrammaticCredential
    - RelatedEvent
    - Request
    - Sbom
    - Scim
    - Script
    - Session
    - Span
    - Sso
    - Ticket
    - Token
    - Trace
    - Entity
    - Resource
    - Account
    - Advisory
    - Agent
    - AiModel
    - Aircraft
    - Analytic
    - ApplicationObject
    - Assessment
    - Certificate
    - Check
    - ClassifierDetails
    - Container
    - Cve
    - Cwe
    - D3fTactic
    - D3fTechnique
    - DataClassification
    - Database
    - Databucket
    - DomainContact
    - Edge
    - Email
    - Endpoint
    - Evidences
    - Extension
    - Feature
    - File
    - FindingObject
    - FindingInfo
    - Graph
    - Group
    - HttpRequest
    - Idp
    - Image
    - KbArticle
    - LoadBalancer
    - Logger
    - Malware
    - ManagedEntity
    - MessageContext
    - Metadata
    - Mitigation
    - NetworkConnectionInfo
    - NetworkEndpoint
    - NetworkInterface
    - Node
    - Organization
    - PeripheralDevice
    - Policy
    - ProcessEntity
    - Product
    - QueryInfo
    - Reporter
    - Rule
    - Scan
    - Service
    - SubTechnique
    - Table
    - Tactic
    - Technique
    - Trait
    - TransformationInfo
    - UnmannedAerialSystem
    - User
    - WebResource
    - Device
    - WinResource
    range: string
  vendor_name:
    name: vendor_name
    description: The name of the vendor who published the software package.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Vendor Name
    rank: 1000
    alias: vendor_name
    owner: AffectedPackage
    domain_of:
    - Osint
    - Package
    - Scim
    - Sso
    - Vulnerability
    - Agent
    - Cvss
    - DeviceHwInfo
    - GpuInfo
    - PeripheralDevice
    - Product
    - Device
    range: string
  version:
    name: version
    description: The software package version.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Version
    rank: 1000
    alias: version
    owner: AffectedPackage
    domain_of:
    - Os
    - Package
    - RpcInterface
    - Sbom
    - Scim
    - SoftwareComponent
    - Tls
    - Agent
    - AiModel
    - Analytic
    - Api
    - ApplicationObject
    - Attack
    - Certificate
    - Check
    - CisControl
    - CisCsc
    - Cvss
    - D3fend
    - Databucket
    - Epss
    - Extension
    - Feature
    - File
    - HttpRequest
    - Logger
    - ManagedEntity
    - Metadata
    - Policy
    - Product
    - ResourceDetails
    - Rule
    - Service
    - NtpActivity
    range: string
    required: true
```