VULDEF: The VULnerability Data publication and Exchange Format data model
The members of JVNRSS Feasibility Study Team:
- Masato Terada (IPA, JPCERT/CC)
- JVN Working Group (JPCERT/CC, IPA)
- Latest Version:http://jvndb.jvn.jp/en/schema/vuldef.html
Comments should be directed to the
JVN Working Group.
Copyright c 2007-2009 by the Authors.
- 1. Overview
- 2. XML Schema
- 3. Syntax
- 3.1 <VULDEF-Document>
- 3.1.1 <Vulinfo>
- 3.1.1.1 <VulinfoID>
- 3.1.1.2 <VulinfoGID>
- 3.1.1.3 <VulinfoData>
- 3.1.1.3.1 <VulinfoDescription>
- 3.1.1.3.1.1 <Overview>
- 3.1.1.3.1.2 <Detail>
- 3.1.1.3.1.3 <Cwe>
- 3.1.1.3.2 <Affected>
- 3.1.1.3.2.1 <AffectedItem>
- 3.1.1.3.2.1.1 <ProductName>
- 3.1.1.3.2.1.2 <VersionNumber>
- 3.1.1.3.2.1.3 <BuildNumber>
- 3.1.1.3.2.1.3.1 <RangeBegin>
- 3.1.1.3.2.1.3.2 <RangeEnd>
- 3.1.1.3.3 <Impact>
- 3.1.1.3.3.1 <Cvss>
- 3.1.1.3.3.1.1 <Severity>
- 3.1.1.3.3.1.2 <Score>
- 3.1.1.3.3.1.3 <Vector>
- 3.1.1.3.3.1.4 <Temp>
- 3.1.1.3.3.1.5 <Env>
- 3.1.1.3.3.2 <ImpactItem>
- 3.1.1.3.4 <Solution>
- 3.1.1.3.4.1 <SolutionItem>
- 3.1.1.3.5 <Exploit>
- 3.1.1.3.5.1 <ExploitItem>
- 3.1.1.3.6 <Related>
- 3.1.1.3.6.1 <RelatedItem>
- 3.1.1.3.7 <Credit>
- 3.1.1.3.7.1 <CreditItem>
- 3.1.1.3.8 <Contact>
- 3.1.1.3.8.1 <ContactItem>
- 3.1.1.3.9 <History>
- 3.1.1.3.9.1 <HistoryItem>
- 3.1.1.3.9.1.1 <HistoryNo>
- 3.1.1.3.10 <AdditionalData>
- 3.1.1.3.10.1 <JvnHandlingDataset>
- 3.1.1.3.10.1.1 <HandlingServer>
- 3.1.1.3.10.1.1.1 <VN>
- 3.1.1.3.10.1.1.2 <URLPublished>
- 3.1.1.3.10.1.2 <HandlingClient>
- 3.1.1.3.10.1.2.1 <MessageType>
- 3.1.1.3.10.1.2.2 <DTRequest>
- 3.1.1.3.10.2 <JvnDataset>
- 4. Examples
- 5. Resources
- 6. Acknowledgements
namespace="http://jvn.jp/vuldef/"
schemaLocation="http://jvndb.jvn.jp/schema/vuldef_2.0.xsd"
Class:
VULDEF-Document
|-
vuldef:Vulinfo
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<VULDEF-Document
version="%version"
xml:lang="%xml:lang"
> </VULDEF-Document> |
|
Attribute: |
|
Description: |
%version
|
Type: xs:string Use: required Fixed: 2.0
|
|
%xml:lang
|
|
|
|
Class:
Vulinfo
|-
vuldef:VulinfoID
(
)
|-
vuldef:VulinfoGID
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:VulinfoData
(
MinOccurs: 1
MaxOccurs: 1
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<Vulinfo
restriction="%restriction"
> </Vulinfo> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional Default: private
|
|
|
Class:
VulinfoID
Syntax:
Type:
xs:string
Class:
VulinfoGID
Syntax:
<VulinfoGID> </VulinfoGID> |
|
Type:
xs:string
Class:
VulinfoData
|-
vuldef:Title
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:VulinfoDescription
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Affected
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Impact
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Solution
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Exploit
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Related
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Credit
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Contact
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:History
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DateFirstPublished
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DateLastUpdated
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DatePublic
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<VulinfoData
restriction="%restriction"
severity="%severity"
publication="%publication"
> </VulinfoData> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%severity
|
Type: vuldef:severityEnum Use: optional
|
|
%publication
|
Type: vuldef:publicationEnum Use: optional
|
|
|
Class:
VulinfoDescription
|-
vuldef:Overview
(
)
|-
vuldef:Detail
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:Cwe
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<VulinfoDescription
restriction="%restriction"
exploitrange="%exploitrange"
vulnerabilitytype="%vulnerabilitytype"
vuldef:historyno="%vuldef:historyno"
> </VulinfoDescription> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%exploitrange
|
Type: vuldef:exploitrangeEnum Use: optional
|
|
%vulnerabilitytype
|
Type: vuldef:vulnerabilitytypeEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
Overview
Syntax:
<Overview
restriction="%restriction"
vuldef:historyno="%vuldef:historyno"
> </Overview> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Type:
xs:string
Class:
Detail
Syntax:
<Detail
restriction="%restriction"
vuldef:historyno="%vuldef:historyno"
> </Detail> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Type:
xs:string
Class:
Cwe
|-
vuldef:RelatedItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Cwe
restriction="%restriction"
vuldef:historyno="%vuldef:historyno"
> </Cwe> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
Affected
|-
vuldef:AffectedItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Affected
restriction="%restriction"
> </Affected> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
AffectedItem
|-
vuldef:Name
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:ProductName
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:VersionNumber
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:BuildNumber
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:Description
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<AffectedItem
restriction="%restriction"
affectedstatus="%affectedstatus"
vuldef:historyno="%vuldef:historyno"
> </AffectedItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%affectedstatus
|
Type: vuldef:affectedstatusEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
ProductName
Syntax:
<ProductName
restriction="%restriction"
> </ProductName> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Type:
xs:string
Class:
VersionNumber
Syntax:
<VersionNumber
restriction="%restriction"
operator="%operator"
> </VersionNumber> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%operator
|
Type: vuldef:operatorEnum Use: optional
|
|
|
Class:
BuildNumber
Syntax:
<BuildNumber
restriction="%restriction"
operator="%operator"
> </BuildNumber> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%operator
|
Type: vuldef:operatorEnum Use: optional
|
|
|
Class:
RangeBegin
Syntax:
<RangeBegin
operator="%operator"
> </RangeBegin> |
|
Attribute: |
|
Description: |
%operator
|
Type: vuldef:operatorEnum Use: optional
|
|
|
Type:
xs:string
Class:
RangeEnd
Syntax:
<RangeEnd
operator="%operator"
> </RangeEnd> |
|
Attribute: |
|
Description: |
%operator
|
Type: vuldef:operatorEnum Use: optional
|
|
|
Type:
xs:string
Class:
Impact
|-
vuldef:Cvss
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:ImpactItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Impact
restriction="%restriction"
> </Impact> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
Cvss
|-
vuldef:Severity
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Score
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Vector
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Temp
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Env
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<Cvss
version="%version"
restriction="%restriction"
> </Cvss> |
|
Attribute: |
|
Description: |
%version
|
Type: xs:string Use: required
|
|
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
Severity
Syntax:
<Severity
restriction="%restriction"
> </Severity> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Type:
vuldef:CVSSSeverity
Class:
Score
Syntax:
<Score
restriction="%restriction"
> </Score> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Type:
vuldef:zeroToTen
Class:
Vector
Syntax:
<Vector
restriction="%restriction"
> </Vector> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Type:
vuldef:CVSSVectorPattern
Class:
Temp
Syntax:
<Temp
restriction="%restriction"
> </Temp> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Type:
vuldef:CVSSTempPattern
Class:
Env
Syntax:
<Env
restriction="%restriction"
> </Env> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Type:
vuldef:CVSSEnvPattern
Class:
ImpactItem
|-
vuldef:Description
(
MinOccurs: 1
MaxOccurs: unbounded
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<ImpactItem
restriction="%restriction"
severity="%severity"
impacttype="%impacttype"
vuldef:historyno="%vuldef:historyno"
> </ImpactItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%severity
|
Type: vuldef:severityEnum Use: optional
|
|
%impacttype
|
Type: vuldef:impacttypeEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
Solution
|-
vuldef:SolutionItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Solution
restriction="%restriction"
> </Solution> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
SolutionItem
|-
vuldef:Description
(
MinOccurs: 1
MaxOccurs: unbounded
)
|-
vuldef:URL
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<SolutionItem
restriction="%restriction"
solutiontype="%solutiontype"
vuldef:historyno="%vuldef:historyno"
> </SolutionItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%solutiontype
|
Type: vuldef:solutiontypeEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
Exploit
|-
vuldef:ExploitItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Exploit
restriction="%restriction"
> </Exploit> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
ExploitItem
|-
vuldef:Description
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:URL
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<ExploitItem
restriction="%restriction"
exploittype="%exploittype"
vuldef:historyno="%vuldef:historyno"
> </ExploitItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%exploittype
|
Type: vuldef:exploittypeEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
Related
|-
vuldef:RelatedItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Related
restriction="%restriction"
> </Related> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
RelatedItem
|-
vuldef:Name
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:VulinfoID
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Title
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:URL
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Description
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:AdditionalData
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<RelatedItem
restriction="%restriction"
origin="%origin"
type="%type"
vuldef:historyno="%vuldef:historyno"
> </RelatedItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%origin
|
Type: vuldef:originEnum Use: optional
|
|
%type
|
Type: vuldef:relatedtypeEnum Use: required
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
Credit
|-
vuldef:CreditItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Credit
restriction="%restriction"
> </Credit> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
CreditItem
|-
vuldef:Name
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Description
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<CreditItem
restriction="%restriction"
vuldef:historyno="%vuldef:historyno"
> </CreditItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
Contact
|-
vuldef:ContactItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<Contact
restriction="%restriction"
> </Contact> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
ContactItem
|-
vuldef:Name
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Description
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:Email
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:Telephone
(
MinOccurs: 0
MaxOccurs: unbounded
)
|-
vuldef:Fax
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:TimeZone
(
MinOccurs: 0
MaxOccurs: 1
)
Syntax:
<ContactItem
restriction="%restriction"
contacttype="%contacttype"
vuldef:historyno="%vuldef:historyno"
> </ContactItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
%contacttype
|
Type: vuldef:contacttypeEnum Use: optional
|
|
%vuldef:historyno
|
Use: optional
|
|
|
Class:
History
|-
vuldef:HistoryItem
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<History
restriction="%restriction"
> </History> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
HistoryItem
|-
vuldef:HistoryNo
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DateTime
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Description
(
MinOccurs: 1
MaxOccurs: unbounded
)
Syntax:
<HistoryItem
restriction="%restriction"
> </HistoryItem> |
|
Attribute: |
|
Description: |
%restriction
|
Type: vuldef:restrictionEnum Use: optional
|
|
|
Class:
HistoryNo
Syntax:
Type:
xs:string
Class:
AdditionalData
|-
vuldef:JvnHandlingDataset
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:JvnDataset
(
MinOccurs: 0
MaxOccurs: 1
)
Syntax:
<AdditionalData> </AdditionalData> |
|
Class:
JvnHandlingDataset
|-
vuldef:HandlingServer
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:HandlingClient
(
MinOccurs: 0
MaxOccurs: 1
)
Syntax:
<JvnHandlingDataset> </JvnHandlingDataset> |
|
Class:
HandlingServer
|-
vuldef:VN
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:URLPublished
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DatePublished
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:Keyword
(
MinOccurs: 0
MaxOccurs: 1
)
|-
MessageType
(
MinOccurs: 0
MaxOccurs: 1
)
Syntax:
<HandlingServer> </HandlingServer> |
|
Class:
VN
|-
vuldef:ID
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
Class:
URLPublished
|-
vuldef:URL
(
MinOccurs: 0
MaxOccurs: unbounded
)
Syntax:
<URLPublished> </URLPublished> |
|
Class:
HandlingClient
|-
MessageType
(
MinOccurs: 0
MaxOccurs: 1
)
|-
DTRequest
(
MinOccurs: 0
MaxOccurs: 1
)
Syntax:
<HandlingClient> </HandlingClient> |
|
Class:
JvnDataset
|-
vuldef:History
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DateFirstPublished
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DateLastUpdated
(
MinOccurs: 0
MaxOccurs: 1
)
|-
vuldef:DateReceived
(
MinOccurs: 0
MaxOccurs: 1
)
Syntax:
<JvnDataset> </JvnDataset> |
|