Skip to content

Subset: Core

Cross-program vulnerability metadata

URI: Core

Identifier and Mapping Information

Schema Source

Classes in subset

Class Description
Configuration Logical grouping of CPE match expressions
Impact Assessment of the vulnerability's impact and severity
Product Software or hardware entity affected by the vulnerability
Reference External reference such as an advisory or article
Vulnerability Abstract base representation of a security vulnerability
Weakness Weakness classification from CWE or a similar taxonomy

Slots from Vulnerability also in core

Name Cardinality and Range Description
description 1
String		 Narrative description of the vulnerability
impact 0..1
Impact		 Impact and severity assessment for this vulnerability
last_modified_date 0..1
Datetime		 Date and time the vulnerability record was last modified
products *
Product		 Products affected by this vulnerability
published_date 0..1
Datetime		 Date and time the vulnerability was first published
references *
Reference		 External references such as advisories and articles
status 0..1
VulnerabilityStatus		 Current lifecycle state of the vulnerability record
weaknesses *
Weakness		 Weakness classifications (e

Slots from Weakness also in core

Name Cardinality and Range Description
description 0..1
String		 Narrative description of the vulnerability

Slots in subset

Slot Description
description Narrative description of the vulnerability
impact Impact and severity assessment for this vulnerability
last_modified_date Date and time the vulnerability record was last modified
products Products affected by this vulnerability
published_date Date and time the vulnerability was first published
references External references such as advisories and articles
status Current lifecycle state of the vulnerability record
weaknesses Weakness classifications (e