forked from CERTCC/SSVC
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDecision_Point_Value_Selection-1-0-1.schema.json
More file actions
85 lines (85 loc) · 2.74 KB
/
Decision_Point_Value_Selection-1-0-1.schema.json
File metadata and controls
85 lines (85 loc) · 2.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json",
"$defs": {
"id": {
"type": "string",
"description": "Identifier for a vulnerability could be CVE, CERT/CC VU#, OSV id, Bugtraq, GHSA etc.",
"examples": ["CVE-1900-1234","VU#11111","GHSA-11a1-22b2-33c3"],
"minLength": 1
},
"role": {
"type": "string",
"description": "Roles to define SSVC Stakeholders https://certcc.github.io/SSVC/topics/enumerating_stakeholders/",
"examples": ["Supplier","Deployer","Coordinator"],
"minLength": 1
},
"timestamp" : {
"description": "Date and time according to RFC 3339, section 5.6.",
"type": "string",
"pattern": "^(?:[1-9]\\d{3}-[01]\\d-[0-3]\\d[Tt][0-2]\\d:[0-5]\\d:[0-5]\\d(?:\\.\\d+)?(?:[Zz]|[+-][0-2]\\d:[0-5]\\d))$"
},
"SsvcdecisionpointselectionSchema": {
"description": "A down-selection of SSVC Decision Points that represent an evaluation at a specific time of a Vulnerability",
"properties": {
"name": {
"$ref": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point-1-0-1.schema.json#/$defs/decision_point/properties/name"
},
"namespace": {
"$ref": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point-1-0-1.schema.json#/$defs/decision_point/properties/namespace"
},
"values": {
"description": "Evaluated values of the Decision Point",
"title": "values",
"type": "array",
"minItems": 1,
"items": {
"$ref": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point-1-0-1.schema.json#/$defs/decision_point_value/properties/name"
}
},
"version": {
"$ref": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point-1-0-1.schema.json#/$defs/decision_point/properties/version"
}
},
"type": "object",
"required": [
"name",
"namespace",
"values",
"version"
],
"additionalProperties": false
}
},
"properties": {
"id": {
"$ref": "#/$defs/id"
},
"role": {
"$ref": "#/$defs/role"
},
"schemaVersion": {
"$ref": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point-1-0-1.schema.json#/$defs/schemaVersion"
},
"timestamp": {
"$ref": "#/$defs/timestamp"
},
"selections": {
"description" : "An array of Decision Points and their Values that were down-selected or evaluated ",
"title": "selections",
"type": "array",
"minItems": 1,
"items": {
"$ref": "#/$defs/SsvcdecisionpointselectionSchema"
}
}
},
"type": "object",
"required": [
"selections",
"id",
"timestamp",
"schemaVersion"
],
"additionalProperties": false
}