Vulnerability Details

vulnerability

The vulnerability is an unintended characteristic of a computing component or system configuration that multiplies the risk of an adverse event or a loss occurring either due to accidental exposure, deliberate attack, or conflict with new system components.

Attributes

CaptionNameTypeDescription
Security AdvisoryadvisoryAdvisory[]Detail about the security advisory, that is used to publicly disclose cybersecurity vulnerabilities by a vendor.
Affected Codeaffected_codeAffected Code[]List of Affected Code objects that describe details about code blocks identified as vulnerable.
Affected Software Packagesaffected_packagesAffected Software Package[]List of software packages identified as affected by a vulnerability/vulnerabilities.
CategorycategoryStringThe category of a vulnerability or weakness, as reported by the source tool, such as Container Security or Open Source Security.
CVEcveCVE[]Describes the Common Vulnerabilities and Exposures (CVE) details related to the vulnerability.
CWEcweCWE[]Describes the Common Weakness Enumeration (CWE) details related to the vulnerability.
Dependency Chaindependency_chainStringInformation about the chain of dependencies related to the issue as reported by an Application Security or Vulnerability Management tool. E.g., serverless-offline -> @serverless/utils -> memoizee -> es5-ext.
DescriptiondescStringThe description of the vulnerability.
Exploit Last Seen Timeexploit_last_seen_timeTimestampThe time when the exploit was most recently observed.
Exploit URLexploit_ref_urlURL StringEntity:URL_STRING

The URL of the exploit code or Proof-of-Concept (PoC).
Exploit Requirementexploit_requirementStringThe requirement description related to any constraints around exploit execution.
Exploit Typeexploit_typeStringThe categorization or type of Exploit. E.g., Network or Physical.
First Seenfirst_seen_timeTimestampThe time when the vulnerability was first observed.
Fix Availabilityfix_availableBooleanIndicates if a fix is available for the reported vulnerability.

🚧 WARNING: DEPRECATED

Fix Availability has been deprecated since 1.1.0. Use the is_fix_available attribute instead.

Fix Coveragefix_coverageStringThe fix coverage, normalized to the caption of the fix_coverage_id value.
Fix Coverage IDfix_coverage_idIntegerThe normalized identifier for fix coverage, applicable to this vulnerability. Typically useful, when there are multiple affected packages but only a subset have available fixes.
  • 1: Complete (COMPLETE)
  • 2: Partial (PARTIAL)
  • 3: None (NONE)
  • 0: Unknown (UNKNOWN)
  • 99: Other (OTHER)
Exploit Availabilityis_exploit_availableBooleanIndicates if an exploit or a PoC (proof-of-concept) is available for the reported vulnerability.
Fix Availabilityis_fix_availableBooleanIndicates if a fix is available for the reported vulnerability.
Knowledgebase Articleskb_article_listKB Article[]A list of KB articles or patches related to an endpoint. A KB Article contains metadata that describes the patch or an update.

🚧 WARNING: DEPRECATED

Knowledgebase Articles has been deprecated since 1.4.0. Use advisory attribute instead.

Knowledgebase Articleskb_articlesString[]The KB article/s related to the entity. A KB Article contains metadata that describes the patch or an update.

🚧 WARNING: DEPRECATED

Knowledgebase Articles has been deprecated since 1.1.0. Use the kb_article_list attribute instead.

Last Seenlast_seen_timeTimestampThe time when the vulnerability was most recently observed.
Software PackagespackagesSoftware Package[]List of vulnerable packages as identified by the security product

🚧 WARNING: DEPRECATED

Software Packages has been deprecated since 1.1.0. Use the affected_packages attribute instead.

Raw Dataraw_dataJSONGroup:context

The event data as received from the event source.
Record IDrecord_idStringGroup:primary

Unique identifier for the object
ReferencesreferencesString[]A list of reference URLs with additional information about the vulnerability.
Remediation GuidanceremediationRemediation[]The remediation recommendations on how to mitigate the identified vulnerability.
SeverityseverityStringThe vendor assigned severity of the vulnerability.
TitletitleStringA title or a brief phrase summarizing the discovered vulnerability.
UnmappedunmappedUnmapped[]Data from the source that was not mapped into the schema.
Vendor Namevendor_nameStringThe name of the vendor that identified the vulnerability.

Relationships

Vulnerability Details shown in context

Inbound Relationships

These objects and events reference Vulnerability Details in their attributes:

Outbound Relationships

Vulnerability Details references the following objects and events in its attributes:

This page describes qdm-1.5.1+ocsf-1.6.0