JFrog · Schema

CatalogVulnerability

ArtifactoryCI/CDContainer RegistryDevOpsMLOpsPackage ManagementSecuritySoftware Supply Chain

Properties

Name Type Description
cve string CVE identifier
severity string
cvss_v3_score number
summary string
is_transitive boolean Whether this is a transitive vulnerability from a dependency
fixed_versions array
published string
jfrog_research_severity string JFrog Security Research team severity assessment
jfrog_research_summary string JFrog Security Research enrichment summary
View JSON Schema on GitHub

JSON Schema

jfrog-catalogvulnerability-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/CatalogVulnerability",
  "title": "CatalogVulnerability",
  "type": "object",
  "properties": {
    "cve": {
      "type": "string",
      "description": "CVE identifier"
    },
    "severity": {
      "type": "string",
      "enum": [
        "Low",
        "Medium",
        "High",
        "Critical"
      ]
    },
    "cvss_v3_score": {
      "type": "number"
    },
    "summary": {
      "type": "string"
    },
    "is_transitive": {
      "type": "boolean",
      "description": "Whether this is a transitive vulnerability from a dependency"
    },
    "fixed_versions": {
      "type": "array",
      "items": {
        "type": "string"
      }
    },
    "published": {
      "type": "string",
      "format": "date-time"
    },
    "jfrog_research_severity": {
      "type": "string",
      "description": "JFrog Security Research team severity assessment"
    },
    "jfrog_research_summary": {
      "type": "string",
      "description": "JFrog Security Research enrichment summary"
    }
  }
}