-
Notifications
You must be signed in to change notification settings - Fork 70
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1190 from CVEProject/5.1-schema-test
- Loading branch information
Showing
38 changed files
with
5,855 additions
and
3,926 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -98,9 +98,6 @@ | |
"name": { | ||
"type": "string" | ||
}, | ||
"refsource": { | ||
"type": "string" | ||
}, | ||
"url": { | ||
"type": "string" | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2,300 changes: 2,300 additions & 0 deletions
2,300
src/middleware/schemas/5.1_published_cna_container.json
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,188 @@ | ||
{ | ||
"definitions": { | ||
"uuidType": { | ||
"description": "A version 4 (random) universally unique identifier (UUID) as defined by [RFC 4122](https://tools.ietf.org/html/rfc4122#section-4.1.3).", | ||
"type": "string", | ||
"pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" | ||
}, | ||
"cveId": { | ||
"type": "string", | ||
"pattern": "^CVE-[0-9]{4}-[0-9]{4,19}$" | ||
}, | ||
"orgId": { | ||
"description": "A UUID for an organization participating in the CVE program. This UUID can be used to lookup the organization record in the user registry service.", | ||
"$ref": "#/definitions/uuidType" | ||
}, | ||
"shortName": { | ||
"description": "A 2-32 character name that can be used to complement an organization's UUID.", | ||
"type": "string", | ||
"minLength": 2, | ||
"maxLength": 32 | ||
}, | ||
"timestamp": { | ||
"type": "string", | ||
"format": "date-time", | ||
"description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM'. If timezone offset is not given, GMT (+00:00) is assumed.", | ||
"pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$" | ||
}, | ||
"providerMetadata": { | ||
"type": "object", | ||
"description": "Details related to the information container provider (CNA or ADP).", | ||
"properties": { | ||
"orgId": { | ||
"$ref": "#/definitions/orgId", | ||
"description": "The container provider's organizational UUID." | ||
}, | ||
"shortName": { | ||
"$ref": "#/definitions/shortName", | ||
"description": "The container provider's organizational short name." | ||
}, | ||
"dateUpdated": { | ||
"$ref": "#/definitions/timestamp", | ||
"description": "Timestamp to be set by the system of record at time of submission. If dateUpdated is provided to the system of record it will be replaced by the current timestamp at the time of submission." | ||
} | ||
}, | ||
"required": [ | ||
"orgId" | ||
], | ||
"additionalProperties": false | ||
}, | ||
"description": { | ||
"type": "object", | ||
"description": "Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.", | ||
"properties": { | ||
"lang": { | ||
"$ref": "#/definitions/language" | ||
}, | ||
"value": { | ||
"type": "string", | ||
"description": "Plain text description.", | ||
"minLength": 1, | ||
"maxLength": 4096 | ||
}, | ||
"supportingMedia": { | ||
"type": "array", | ||
"title": "Supporting media", | ||
"description": "Supporting media data for the description such as markdown, diagrams, .. (optional). Similar to RFC 2397 each media object has three main parts: media type, media data value, and an optional boolean flag to indicate if the media data is base64 encoded.", | ||
"uniqueItems": true, | ||
"minItems": 1, | ||
"items": { | ||
"type": "object", | ||
"properties": { | ||
"type": { | ||
"type": "string", | ||
"title": "Media type", | ||
"minLength": 1, | ||
"maxLength": 256, | ||
"description": "RFC2046 compliant IANA Media type for eg., text/markdown, text/html.", | ||
"examples": [ | ||
"text/markdown", | ||
"text/html", | ||
"image/png", | ||
"image/svg", | ||
"audio/mp3" | ||
] | ||
}, | ||
"base64": { | ||
"type": "boolean", | ||
"title": "Encoding", | ||
"description": "If true then the value field contains the media data encoded in base64. If false then the value field contains the UTF-8 media content.", | ||
"default": false | ||
}, | ||
"value": { | ||
"type": "string", | ||
"description": "Supporting media content, up to 16K. If base64 is true, this field stores base64 encoded data.", | ||
"minLength": 1, | ||
"maxLength": 16384 | ||
} | ||
}, | ||
"required": [ | ||
"type", | ||
"value" | ||
], | ||
"additionalProperties": false | ||
} | ||
} | ||
}, | ||
"required": [ | ||
"lang", | ||
"value" | ||
], | ||
"additionalProperties": false | ||
}, | ||
"englishLanguageDescription": { | ||
"type": "object", | ||
"description": "A description with lang set to an English language (en, en_US, en_UK, and so on).", | ||
"properties": { | ||
"lang": { | ||
"$ref": "#/definitions/englishLanguage" | ||
} | ||
}, | ||
"required": [ | ||
"lang" | ||
], | ||
"$comment": "Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description." | ||
}, | ||
"descriptions": { | ||
"type": "array", | ||
"description": "A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].", | ||
"minItems": 1, | ||
"uniqueItems": true, | ||
"items": { | ||
"$ref": "#/definitions/description" | ||
}, | ||
"contains": { | ||
"$ref": "#/definitions/englishLanguageDescription" | ||
} | ||
}, | ||
"language": { | ||
"type": "string", | ||
"description": "BCP 47 language code, language-region.", | ||
"default": "en", | ||
"pattern": "^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" | ||
}, | ||
"englishLanguage": { | ||
"type": "string", | ||
"description": "BCP 47 language code, language-region, required to be English.", | ||
"pattern": "^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" | ||
} | ||
}, | ||
"properties": { | ||
"cnaContainer": { | ||
"description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a rejected CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA.", | ||
"type": "object", | ||
"properties": { | ||
"providerMetadata": { | ||
"$ref": "#/definitions/providerMetadata" | ||
}, | ||
"rejectedReasons": { | ||
"description": "Reasons for rejecting this CVE Record.", | ||
"$ref": "#/definitions/descriptions" | ||
}, | ||
"replacedBy": { | ||
"type": "array", | ||
"description": "Contains an array of CVE IDs that this CVE ID was rejected in favor of because this CVE ID was assigned to the vulnerabilities.", | ||
"minItems": 1, | ||
"uniqueItems": true, | ||
"items": { | ||
"$ref": "#/definitions/cveId" | ||
} | ||
} | ||
}, | ||
"required": [ | ||
"rejectedReasons" | ||
], | ||
"patternProperties": { | ||
"^x_[^.]*$": {} | ||
}, | ||
"additionalProperties": false | ||
} | ||
}, | ||
"required": [ | ||
"cnaContainer" | ||
], | ||
"$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", | ||
"additionalProperties": false, | ||
"$schema": "http://json-schema.org/draft-07/schema#", | ||
"title": "rejected_cna_container_bundled" | ||
} |
Oops, something went wrong.