From 1c0e3c9cec49e77453f7cf6a551ff5630994a315 Mon Sep 17 00:00:00 2001 From: ccoffin Date: Wed, 8 May 2024 13:34:43 -0500 Subject: [PATCH] copied 5.0 schema files from master branch to the 5.1.0 archive --- ...1_schema.json => CVE_JSON_5.0_schema.json} | 93 +- ...bundled.json => CVE_JSON_5.0_bundled.json} | 689 +---- .../v5.0/docs/CVE_JSON_adpContainer.json | 2560 ----------------- .../docs/CVE_JSON_cnaPublishedContainer.json | 2560 ----------------- .../docs/CVE_JSON_cnaRejectedContainer.json | 2560 ----------------- .../docs/cnaContainer-advanced-example.json | 17 +- .../v5.0/docs/cnaContainer-basic-example.json | 3 - .../docs/cnaContainer-rejected-example.json | 14 - .../docs/full-record-advanced-example.json | 608 ++-- .../v5.0/docs/full-record-basic-example.json | 100 +- schema/archive/v5.0/docs/index.html | 10 +- schema/archive/v5.0/docs/mindmap.html | 2 +- .../archive/v5.0/imports/cvss/cvss-v2.0.json | 3 +- .../archive/v5.0/imports/cvss/cvss-v3.0.json | 3 +- .../archive/v5.0/imports/cvss/cvss-v3.1.json | 3 +- .../archive/v5.0/imports/cvss/cvss-v4.0.json | 400 --- .../v5.0/support/Node_Validator/build.js | 2 +- .../Node_Validator/dist/cve5validator.js | 2 +- schema/archive/v5.0/support/docs/docs.sh | 4 +- .../v5.0/support/qualityReport/README.md | 8 - .../v5.0/support/qualityReport/report.js | 306 -- .../support/schema2markmap/schema-bundle.js | 53 +- schema/archive/v5.0/support/tests/README.md | 13 - 23 files changed, 447 insertions(+), 9566 deletions(-) rename schema/archive/v5.0/{CVE_JSON_5.1_schema.json => CVE_JSON_5.0_schema.json} (94%) rename schema/archive/v5.0/docs/{CVE_JSON_bundled.json => CVE_JSON_5.0_bundled.json} (76%) delete mode 100644 schema/archive/v5.0/docs/CVE_JSON_adpContainer.json delete mode 100644 schema/archive/v5.0/docs/CVE_JSON_cnaPublishedContainer.json delete mode 100644 schema/archive/v5.0/docs/CVE_JSON_cnaRejectedContainer.json delete mode 100644 schema/archive/v5.0/docs/cnaContainer-rejected-example.json delete mode 100644 schema/archive/v5.0/imports/cvss/cvss-v4.0.json delete mode 100644 schema/archive/v5.0/support/qualityReport/README.md delete mode 100644 schema/archive/v5.0/support/qualityReport/report.js delete mode 100644 schema/archive/v5.0/support/tests/README.md diff --git a/schema/archive/v5.0/CVE_JSON_5.1_schema.json b/schema/archive/v5.0/CVE_JSON_5.0_schema.json similarity index 94% rename from schema/archive/v5.0/CVE_JSON_5.1_schema.json rename to schema/archive/v5.0/CVE_JSON_5.0_schema.json index c831772dce7..5b520bcf5eb 100644 --- a/schema/archive/v5.0/CVE_JSON_5.1_schema.json +++ b/schema/archive/v5.0/CVE_JSON_5.0_schema.json @@ -1,6 +1,7 @@ { "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_bundled.json", + "$id": "https://cve.org/cve/record/v5_00/", + "type": "object", "title": "CVE JSON record format", "description": "cve-schema specifies the CVE JSON record format. This is the blueprint for a rich set of JSON data that can be submitted by CVE Numbering Authorities (CNAs) and Authorized Data Publishers (ADPs) to describe a CVE Record. Some examples of CVE Record data include CVE ID number, affected product(s), affected version(s), and public references. While those specific items are required when assigning a CVE, there are many other optional data in the schema that can be used to enrich CVE Records for community benefit. Learn more about the CVE program at [the official website](https://cve.mitre.org). This CVE JSON record format is defined using JSON Schema. Learn more about JSON Schema [here](https://json-schema.org/).", "definitions": { @@ -46,8 +47,7 @@ ] } } - }, - "additionalProperties": false + } }, "cveId": { "type": "string", @@ -76,7 +76,7 @@ "timestamp": { "type": "string", "format": "date-time", - "description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM'. If timezone offset is not given, GMT (+00:00) is assumed.", + "description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ssZZZZ'. If timezone offset is not given, GMT (0000) is assumed.", "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$" }, "version": { @@ -247,8 +247,7 @@ "minLength": 1, "maxLength": 4096 } - }, - "additionalProperties": false + } } }, "platforms": { @@ -286,13 +285,10 @@ }, { "required": ["version", "status", "versionType"], - "maxProperties": 3 - }, - { - "required": ["version", "status", "versionType", "lessThan"] - }, - { - "required": ["version", "status", "versionType", "lessThanOrEqual"] + "oneOf": [ + {"required": ["lessThan"]}, + {"required": ["lessThanOrEqual"]} + ] } ], "properties": { @@ -335,7 +331,6 @@ "type": "object", "description": "The start of a single status change during the range.", "required": ["at", "status"], - "additionalProperties": false, "properties": { "at": { "description": "The version at which a status change occurs.", @@ -348,8 +343,7 @@ } } } - }, - "additionalProperties": false + } } } } @@ -362,10 +356,9 @@ ] }, "dataVersion": { - "description": "The version of the CVE schema used for validating this record. Used to support multiple versions of this format.", + "description": "The version of the schema being used. Used to support multiple versions of this format.", "type": "string", - "pattern": "^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$", - "default": "5.1.0" + "enum": ["5.0"] }, "cveMetadataPublished": { "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", @@ -485,8 +478,7 @@ "description": "Timestamp to be set by the system of record at time of submission. If dateUpdated is provided to the system of record it will be replaced by the current timestamp at the time of submission." } }, - "required": ["orgId"], - "additionalProperties": false + "required": ["orgId"] }, "cnaPublishedContainer": { "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a published CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA. The CNA container must include the required information defined in the CVE Rules, which includes a product, version, problem type, prose description, and a reference.", @@ -564,7 +556,6 @@ "patternProperties": { "^x_[^.]*$": {} }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", "additionalProperties": false }, "cnaRejectedContainer": { @@ -595,7 +586,6 @@ "patternProperties": { "^x_[^.]*$": {} }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", "additionalProperties": false }, "adpContainer": { @@ -668,7 +658,6 @@ "patternProperties": { "^x_[^.]*$": {} }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", "additionalProperties": false }, "affected": { @@ -727,8 +716,7 @@ "required": [ "type", "value" - ], - "additionalProperties": false + ] } } }, @@ -742,8 +730,7 @@ "type": "object", "description": "A description with lang set to an English language (en, en_US, en_UK, and so on).", "properties": {"lang": {"$ref": "#/definitions/englishLanguage"}}, - "required": ["lang"], - "$comment": "Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description." + "required": ["lang"] }, "descriptions": { "type": "array", @@ -794,14 +781,12 @@ "maxLength": 128 }, "references": {"$ref": "#/definitions/references"} - }, - "additionalProperties": false + } }, "minItems": 1, "uniqueItems": true } - }, - "additionalProperties": false + } }, "minItems": 1, "uniqueItems": true @@ -835,8 +820,7 @@ "description": "Prose description of the impact scenario. At a minimum provide the description given by CAPEC.", "$ref": "#/definitions/descriptions" } - }, - "additionalProperties": false + } } }, "metrics": { @@ -846,11 +830,8 @@ "uniqueItems": true, "items": { "type": "object", - "description": "This is impact type information (e.g. a text description, CVSSv2, CVSSv3, CVSSV4, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.", + "description": "This is impact type information (e.g. a text description, CVSSv2, CVSSv3, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.", "anyOf": [ - { - "required": ["cvssV4_0"] - }, { "required": ["cvssV3_1"] }, @@ -891,11 +872,9 @@ "required": [ "lang", "value" - ], - "additionalProperties": false + ] } }, - "cvssV4_0": {"$ref": "file:imports/cvss/cvss-v4.0.json"}, "cvssV3_1": {"$ref": "file:imports/cvss/cvss-v3.1.json"}, "cvssV3_0": {"$ref": "file:imports/cvss/cvss-v3.0.json"}, "cvssV2_0": {"$ref": "file:imports/cvss/cvss-v2.0.json"}, @@ -915,15 +894,12 @@ }, "content": { "type": "object", - "$comment": "additionalProperties are allowed here, since this construct supports arbitrary JSON.", "description": "JSON object not covered by another metrics format.", "minProperties": 1 } - }, - "additionalProperties": false + } } - }, - "additionalProperties": false + } } }, "configurations": { @@ -976,7 +952,7 @@ ], "properties": { "time": { - "description": "Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM - if the timezone offset is not given, GMT (+00:00) is assumed.", + "description": "Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ssZZZZ - if the timezone offset is not given, GMT (0000) is assumed.", "$ref": "#/definitions/timestamp" }, "lang": { @@ -989,8 +965,7 @@ "minLength": 1, "maxLength": 4096 } - }, - "additionalProperties": false + } } }, "credits": { @@ -1032,7 +1007,6 @@ ] } }, - "additionalProperties": false, "required": [ "lang", "value" @@ -1062,7 +1036,7 @@ "uniqueItems": true, "items": { "type": "object", - "description": "A taxonomy mapping object identifies the taxonomy by a name and version (eg., ATT&CK v13.1, CVSS 3.1, CWE 4.12) along with a list of relations relevant to this CVE.", + "description": "", "required": [ "taxonomyName", "taxonomyRelations" @@ -1070,7 +1044,7 @@ "properties": { "taxonomyName": { "type": "string", - "description": "The name of the taxonomy, eg., ATT&CK, D3FEND, CWE, CVSS", + "description": "The name of the taxonomy.", "minLength": 1, "maxLength": 128 }, @@ -1082,12 +1056,12 @@ }, "taxonomyRelations": { "type": "array", - "description": "List of relationships to the taxonomy for the vulnerability.", + "description": "", "minItems": 1, "uniqueItems": true, "items": { "type": "object", - "description": "A relationship between the taxonomy and the CVE or two taxonomy items.", + "description": "List of relationships to the taxonomy for the vulnerability. Relationships can be between the taxonomy and the CVE or two taxonomy items.", "required": [ "taxonomyId", "relationshipName", @@ -1112,20 +1086,17 @@ "minLength": 1, "maxLength": 2048 } - }, - "additionalProperties": false + } } } - }, - "additionalProperties": false + } } }, "tagExtension": { "type": "string", "minLength": 2, "maxLength": 128, - "pattern": "^x_.*$", - "$comment": "These values are not used as JSON property names, so there is not a need to work-around property naming limitations in some common implementations." + "pattern": "^x_.*$" }, "cnaTags": { "type": "array", @@ -1164,7 +1135,6 @@ { "title": "Published", "description": "When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published.", - "type": "object", "properties": { "dataType": { "$ref": "#/definitions/dataType" @@ -1202,7 +1172,6 @@ { "title": "Rejected", "description": "If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.", - "type": "object", "properties": { "dataType": { "$ref": "#/definitions/dataType" diff --git a/schema/archive/v5.0/docs/CVE_JSON_bundled.json b/schema/archive/v5.0/docs/CVE_JSON_5.0_bundled.json similarity index 76% rename from schema/archive/v5.0/docs/CVE_JSON_bundled.json rename to schema/archive/v5.0/docs/CVE_JSON_5.0_bundled.json index 22d3677ec80..4cf417a3ece 100644 --- a/schema/archive/v5.0/docs/CVE_JSON_bundled.json +++ b/schema/archive/v5.0/docs/CVE_JSON_5.0_bundled.json @@ -1,6 +1,7 @@ { "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_bundled.json", + "$id": "https://cve.org/cve/record/v5_00/", + "type": "object", "title": "CVE JSON record format", "description": "cve-schema specifies the CVE JSON record format. This is the blueprint for a rich set of JSON data that can be submitted by CVE Numbering Authorities (CNAs) and Authorized Data Publishers (ADPs) to describe a CVE Record. Some examples of CVE Record data include CVE ID number, affected product(s), affected version(s), and public references. While those specific items are required when assigning a CVE, there are many other optional data in the schema that can be used to enrich CVE Records for community benefit. Learn more about the CVE program at [the official website](https://cve.mitre.org). This CVE JSON record format is defined using JSON Schema. Learn more about JSON Schema [here](https://json-schema.org/).", "definitions": { @@ -72,8 +73,7 @@ ] } } - }, - "additionalProperties": false + } }, "cveId": { "type": "string", @@ -102,7 +102,7 @@ "timestamp": { "type": "string", "format": "date-time", - "description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM'. If timezone offset is not given, GMT (+00:00) is assumed.", + "description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ssZZZZ'. If timezone offset is not given, GMT (0000) is assumed.", "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$" }, "version": { @@ -295,8 +295,7 @@ "minLength": 1, "maxLength": 4096 } - }, - "additionalProperties": false + } } }, "platforms": { @@ -354,22 +353,17 @@ "status", "versionType" ], - "maxProperties": 3 - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThan" - ] - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThanOrEqual" + "oneOf": [ + { + "required": [ + "lessThan" + ] + }, + { + "required": [ + "lessThanOrEqual" + ] + } ] } ], @@ -416,7 +410,6 @@ "at", "status" ], - "additionalProperties": false, "properties": { "at": { "description": "The version at which a status change occurs.", @@ -429,8 +422,7 @@ } } } - }, - "additionalProperties": false + } } } } @@ -443,10 +435,11 @@ ] }, "dataVersion": { - "description": "The version of the CVE schema used for validating this record. Used to support multiple versions of this format.", + "description": "The version of the schema being used. Used to support multiple versions of this format.", "type": "string", - "pattern": "^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$", - "default": "5.1.0" + "enum": [ + "5.0" + ] }, "cveMetadataPublished": { "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", @@ -571,8 +564,7 @@ }, "required": [ "orgId" - ], - "additionalProperties": false + ] }, "cnaPublishedContainer": { "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a published CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA. The CNA container must include the required information defined in the CVE Rules, which includes a product, version, problem type, prose description, and a reference.", @@ -650,7 +642,6 @@ "patternProperties": { "^x_[^.]*$": {} }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", "additionalProperties": false }, "cnaRejectedContainer": { @@ -681,7 +672,6 @@ "patternProperties": { "^x_[^.]*$": {} }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", "additionalProperties": false }, "adpContainer": { @@ -754,7 +744,6 @@ "patternProperties": { "^x_[^.]*$": {} }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", "additionalProperties": false }, "affected": { @@ -817,8 +806,7 @@ "required": [ "type", "value" - ], - "additionalProperties": false + ] } } }, @@ -838,8 +826,7 @@ }, "required": [ "lang" - ], - "$comment": "Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description." + ] }, "descriptions": { "type": "array", @@ -896,14 +883,12 @@ "references": { "$ref": "#/definitions/references" } - }, - "additionalProperties": false + } }, "minItems": 1, "uniqueItems": true } - }, - "additionalProperties": false + } }, "minItems": 1, "uniqueItems": true @@ -941,8 +926,7 @@ "description": "Prose description of the impact scenario. At a minimum provide the description given by CAPEC.", "$ref": "#/definitions/descriptions" } - }, - "additionalProperties": false + } } }, "metrics": { @@ -952,13 +936,8 @@ "uniqueItems": true, "items": { "type": "object", - "description": "This is impact type information (e.g. a text description, CVSSv2, CVSSv3, CVSSV4, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.", + "description": "This is impact type information (e.g. a text description, CVSSv2, CVSSv3, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.", "anyOf": [ - { - "required": [ - "cvssV4_0" - ] - }, { "required": [ "cvssV3_1" @@ -1009,576 +988,9 @@ "required": [ "lang", "value" - ], - "additionalProperties": false + ] } }, - "cvssV4_0": { - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 4.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT" - ] - }, - "modifiedAttackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedVulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "subCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedSubCType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "modifiedSubIaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "SAFETY", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "exploitMaturityType": { - "type": "string", - "enum": [ - "UNREPORTED", - "PROOF_OF_CONCEPT", - "ATTACKED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "safetyType": { - "type": "string", - "enum": [ - "NEGLIGIBLE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "automatableType": { - "type": "string", - "enum": [ - "NO", - "YES", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "recoveryType": { - "type": "string", - "enum": [ - "AUTOMATIC", - "USER", - "IRRECOVERABLE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "valueDensityType": { - "type": "string", - "enum": [ - "DIFFUSE", - "CONCENTRATED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnerabilityResponseEffortType": { - "type": "string", - "enum": [ - "LOW", - "MODERATE", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "providerUrgencyType": { - "type": "string", - "enum": [ - "CLEAR", - "GREEN", - "AMBER", - "RED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10, - "multipleOf": 0.1 - }, - "noneScoreType": { - "type": "number", - "minimum": 0, - "maximum": 0 - }, - "lowScoreType": { - "type": "number", - "minimum": 0.1, - "maximum": 3.9, - "multipleOf": 0.1 - }, - "mediumScoreType": { - "type": "number", - "minimum": 4, - "maximum": 6.9, - "multipleOf": 0.1 - }, - "highScoreType": { - "type": "number", - "minimum": 7, - "maximum": 8.9, - "multipleOf": 0.1 - }, - "criticalScoreType": { - "type": "number", - "minimum": 9, - "maximum": 10, - "multipleOf": 0.1 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - }, - "noneSeverityType": { - "const": "NONE" - }, - "lowSeverityType": { - "const": "LOW" - }, - "mediumSeverityType": { - "const": "MEDIUM" - }, - "highSeverityType": { - "const": "HIGH" - }, - "criticalSeverityType": { - "const": "CRITICAL" - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "4.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType" - }, - "attackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType" - }, - "vulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "subConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "exploitMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType" - }, - "modifiedAttackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType" - }, - "modifiedVulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedSubConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType" - }, - "modifiedSubIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "modifiedSubAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "Safety": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType" - }, - "Automatable": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType" - }, - "Recovery": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType" - }, - "valueDensity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType" - }, - "vulnerabilityResponseEffort": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType" - }, - "providerUrgency": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType" - } - }, - "allOf": [ - { - "anyOf": [ - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - } - ], - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, "cvssV3_1": { "$schema": "http://json-schema.org/draft-07/schema#", "title": "JSON Schema for Common Vulnerability Scoring System version 3.1", @@ -1838,8 +1250,7 @@ "vectorString", "baseScore", "baseSeverity" - ], - "additionalProperties": false + ] }, "cvssV3_0": { "$schema": "http://json-schema.org/draft-04/schema#", @@ -2100,8 +1511,7 @@ "vectorString", "baseScore", "baseSeverity" - ], - "additionalProperties": false + ] }, "cvssV2_0": { "$schema": "http://json-schema.org/draft-04/schema#", @@ -2273,8 +1683,7 @@ "version", "vectorString", "baseScore" - ], - "additionalProperties": false + ] }, "other": { "type": "object", @@ -2292,15 +1701,12 @@ }, "content": { "type": "object", - "$comment": "additionalProperties are allowed here, since this construct supports arbitrary JSON.", "description": "JSON object not covered by another metrics format.", "minProperties": 1 } - }, - "additionalProperties": false + } } - }, - "additionalProperties": false + } } }, "configurations": { @@ -2353,7 +1759,7 @@ ], "properties": { "time": { - "description": "Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM - if the timezone offset is not given, GMT (+00:00) is assumed.", + "description": "Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ssZZZZ - if the timezone offset is not given, GMT (0000) is assumed.", "$ref": "#/definitions/timestamp" }, "lang": { @@ -2366,8 +1772,7 @@ "minLength": 1, "maxLength": 4096 } - }, - "additionalProperties": false + } } }, "credits": { @@ -2409,7 +1814,6 @@ ] } }, - "additionalProperties": false, "required": [ "lang", "value" @@ -2439,7 +1843,7 @@ "uniqueItems": true, "items": { "type": "object", - "description": "A taxonomy mapping object identifies the taxonomy by a name and version (eg., ATT&CK v13.1, CVSS 3.1, CWE 4.12) along with a list of relations relevant to this CVE.", + "description": "", "required": [ "taxonomyName", "taxonomyRelations" @@ -2447,7 +1851,7 @@ "properties": { "taxonomyName": { "type": "string", - "description": "The name of the taxonomy, eg., ATT&CK, D3FEND, CWE, CVSS", + "description": "The name of the taxonomy.", "minLength": 1, "maxLength": 128 }, @@ -2459,12 +1863,12 @@ }, "taxonomyRelations": { "type": "array", - "description": "List of relationships to the taxonomy for the vulnerability.", + "description": "", "minItems": 1, "uniqueItems": true, "items": { "type": "object", - "description": "A relationship between the taxonomy and the CVE or two taxonomy items.", + "description": "List of relationships to the taxonomy for the vulnerability. Relationships can be between the taxonomy and the CVE or two taxonomy items.", "required": [ "taxonomyId", "relationshipName", @@ -2489,20 +1893,17 @@ "minLength": 1, "maxLength": 2048 } - }, - "additionalProperties": false + } } } - }, - "additionalProperties": false + } } }, "tagExtension": { "type": "string", "minLength": 2, "maxLength": 128, - "pattern": "^x_.*$", - "$comment": "These values are not used as JSON property names, so there is not a need to work-around property naming limitations in some common implementations." + "pattern": "^x_.*$" }, "cnaTags": { "type": "array", @@ -2555,7 +1956,6 @@ { "title": "Published", "description": "When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published.", - "type": "object", "properties": { "dataType": { "$ref": "#/definitions/dataType" @@ -2599,7 +1999,6 @@ { "title": "Rejected", "description": "If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.", - "type": "object", "properties": { "dataType": { "$ref": "#/definitions/dataType" @@ -2633,4 +2032,4 @@ "additionalProperties": false } ] -} \ No newline at end of file +} diff --git a/schema/archive/v5.0/docs/CVE_JSON_adpContainer.json b/schema/archive/v5.0/docs/CVE_JSON_adpContainer.json deleted file mode 100644 index 02aaa11a960..00000000000 --- a/schema/archive/v5.0/docs/CVE_JSON_adpContainer.json +++ /dev/null @@ -1,2560 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_adpContainer.json", - "title": "CVE JSON adpContainer sub schema", - "description": "CVE JSON adpContainer format", - "definitions": { - "uriType": { - "description": "A universal resource identifier (URI), according to [RFC 3986](https://tools.ietf.org/html/rfc3986).", - "type": "string", - "format": "uri", - "minLength": 1, - "maxLength": 2048 - }, - "uuidType": { - "description": "A version 4 (random) universally unique identifier (UUID) as defined by [RFC 4122](https://tools.ietf.org/html/rfc4122#section-4.1.3).", - "type": "string", - "pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" - }, - "reference": { - "type": "object", - "required": [ - "url" - ], - "properties": { - "url": { - "description": "The uniform resource locator (URL), according to [RFC 3986](https://tools.ietf.org/html/rfc3986#section-1.1.3), that can be used to retrieve the referenced resource.", - "$ref": "#/definitions/uriType" - }, - "name": { - "description": "User created name for the reference, often the title of the page.", - "type": "string", - "maxLength": 512, - "minLength": 1 - }, - "tags": { - "description": "An array of one or more tags that describe the resource referenced by 'url'.", - "type": "array", - "minItems": 1, - "uniqueItems": true, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/reference/", - "type": "string", - "description": "broken-link: The reference link is returning a 404 error, or the site is no longer online.\n\ncustomer-entitlement: Similar to Privileges Required, but specific to references that require non-public/paid access for customers of the particular vendor.\n\nexploit: Reference contains an in-depth/detailed description of steps to exploit a vulnerability OR the reference contains any legitimate Proof of Concept (PoC) code or exploit kit.\n\ngovernment-resource: All reference links that are from a government agency or organization should be given the Government Resource tag.\n\nissue-tracking: The reference is a post from a bug tracking tool such as MantisBT, Bugzilla, JIRA, Github Issues, etc...\n\nmailing-list: The reference is from a mailing list -- often specific to a product or vendor.\n\nmitigation: The reference contains information on steps to mitigate against the vulnerability in the event a patch can't be applied or is unavailable or for EOL product situations.\n\nnot-applicable: The reference link is not applicable to the vulnerability and was likely associated by MITRE accidentally (should be used sparingly).\n\npatch: The reference contains an update to the software that fixes the vulnerability.\n\npermissions-required: The reference link provided is blocked by a logon page. If credentials are required to see any information this tag must be applied.\n\nmedia-coverage: The reference is from a media outlet such as a newspaper, magazine, social media, or weblog. This tag is not intended to apply to any individual's personal social media account. It is strictly intended for public media entities.\n\nproduct: A reference appropriate for describing a product for the purpose of CPE or SWID.\n\nrelated: A reference that is for a related (but not the same) vulnerability.\n\nrelease-notes: The reference is in the format of a vendor or open source project's release notes or change log.\n\nsignature: The reference contains a method to detect or prevent the presence or exploitation of the vulnerability.\n\ntechnical-description: The reference contains in-depth technical information about a vulnerability and its exploitation process, typically in the form of a presentation or whitepaper.\n\nthird-party-advisory: Advisory is from an organization that is not the vulnerable product's vendor/publisher/maintainer.\n\nvendor-advisory: Advisory is from the vendor/publisher/maintainer of the product or the parent organization.\n\nvdb-entry: VDBs are loosely defined as sites that provide information about this vulnerability, such as advisories, with identifiers. Included VDBs are free to access, substantially public, and have broad scope and coverage (not limited to a single vendor or research organization). See: https://www.first.org/global/sigs/vrdx/vdb-catalog", - "enum": [ - "broken-link", - "customer-entitlement", - "exploit", - "government-resource", - "issue-tracking", - "mailing-list", - "mitigation", - "not-applicable", - "patch", - "permissions-required", - "media-coverage", - "product", - "related", - "release-notes", - "signature", - "technical-description", - "third-party-advisory", - "vendor-advisory", - "vdb-entry" - ] - } - ] - } - } - }, - "additionalProperties": false - }, - "cveId": { - "type": "string", - "pattern": "^CVE-[0-9]{4}-[0-9]{4,19}$" - }, - "orgId": { - "description": "A UUID for an organization participating in the CVE program. This UUID can be used to lookup the organization record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "userId": { - "description": "A UUID for a user participating in the CVE program. This UUID can be used to lookup the user record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "shortName": { - "description": "A 2-32 character name that can be used to complement an organization's UUID.", - "type": "string", - "minLength": 2, - "maxLength": 32 - }, - "datestamp": { - "description": "Date/time format based on RFC3339 and ISO ISO8601.", - "type": "string", - "format": "date", - "pattern": "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))$" - }, - "timestamp": { - "type": "string", - "format": "date-time", - "description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM'. If timezone offset is not given, GMT (+00:00) is assumed.", - "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$" - }, - "version": { - "description": "A single version of a product, as expressed in its own version numbering scheme.", - "type": "string", - "minLength": 1, - "maxLength": 1024 - }, - "status": { - "description": "The vulnerability status of a given version or range of versions of a product. The statuses 'affected' and 'unaffected' indicate that the version is affected or unaffected by the vulnerability. The status 'unknown' indicates that it is unknown or unspecified whether the given version is affected. There can be many reasons for an 'unknown' status, including that an investigation has not been undertaken or that a vendor has not disclosed the status.", - "type": "string", - "enum": [ - "affected", - "unaffected", - "unknown" - ] - }, - "product": { - "type": "object", - "description": "Provides information about the set of products and services affected by this vulnerability.", - "allOf": [ - { - "anyOf": [ - { - "required": [ - "vendor", - "product" - ] - }, - { - "required": [ - "collectionURL", - "packageName" - ] - } - ] - }, - { - "anyOf": [ - { - "required": [ - "versions" - ] - }, - { - "required": [ - "defaultStatus" - ] - } - ] - } - ], - "properties": { - "vendor": { - "type": "string", - "description": "Name of the organization, project, community, individual, or user that created or maintains this product or hosted service. Can be 'N/A' if none of those apply. When collectionURL and packageName are used, this field may optionally represent the user or account within the package collection associated with the package.", - "minLength": 1, - "maxLength": 512 - }, - "product": { - "type": "string", - "description": "Name of the affected product.", - "minLength": 1, - "maxLength": 2048 - }, - "collectionURL": { - "description": "URL identifying a package collection (determines the meaning of packageName).", - "$ref": "#/definitions/uriType", - "examples": [ - "https://access.redhat.com/downloads/content/package-browser", - "https://addons.mozilla.org", - "https://addons.thunderbird.net", - "https://anaconda.org/anaconda/repo", - "https://app.vagrantup.com/boxes/search", - "https://apps.apple.com", - "https://archlinux.org/packages", - "https://atmospherejs.meteor.com", - "https://atom.io/packages", - "https://bitbucket.org", - "https://bower.io", - "https://brew.sh/", - "https://chocolatey.org/packages", - "https://chrome.google.com/webstore", - "https://clojars.org", - "https://cocoapods.org", - "https://code.dlang.org", - "https://conan.io/center", - "https://cpan.org/modules", - "https://cran.r-project.org", - "https://crates.io", - "https://ctan.org/pkg", - "https://drupal.org", - "https://exchange.adobe.com", - "https://forge.puppet.com/modules", - "https://github.com", - "https://gitlab.com/explore", - "https://golang.org/pkg", - "https://guix.gnu.org/packages", - "https://hackage.haskell.org", - "https://helm.sh", - "https://hub.docker.com", - "https://juliahub.com", - "https://lib.haxe.org", - "https://luarocks.org", - "https://marketplace.visualstudio.com", - "https://melpa.org", - "https://microsoft.com/en-us/store/apps", - "https://nimble.directory", - "https://nuget.org/packages", - "https://opam.ocaml.org/packages", - "https://openwrt.org/packages/index", - "https://package.elm-lang.org", - "https://packagecontrol.io", - "https://packages.debian.org", - "https://packages.gentoo.org", - "https://packagist.org", - "https://pear.php.net/packages.php", - "https://pecl.php.net", - "https://platformio.org/lib", - "https://play.google.com/store", - "https://plugins.gradle.org", - "https://projects.eclipse.org", - "https://pub.dev", - "https://pypi.python.org", - "https://registry.npmjs.org", - "https://registry.terraform.io", - "https://repo.hex.pm", - "https://repo.maven.apache.org/maven2", - "https://rubygems.org", - "https://search.nixos.org/packages", - "https://sourceforge.net", - "https://wordpress.org/plugins" - ] - }, - "packageName": { - "type": "string", - "description": "Name or identifier of the affected software package as used in the package collection.", - "minLength": 1, - "maxLength": 2048 - }, - "cpes": { - "type": "array", - "description": "Affected products defined by CPE. This is an array of CPE values (vulnerable and not), we use an array so that we can make multiple statements about the same version and they are separate (if we used a JSON object we'd essentially be keying on the CPE name and they would have to overlap). Also, this allows things like cveDataVersion or cveDescription to be applied directly to the product entry. This also allows more complex statements such as \"Product X between versions 10.2 and 10.8\" to be put in a machine-readable format. As well since multiple statements can be used multiple branches of the same product can be defined here.", - "uniqueItems": true, - "items": { - "title": "CPE Name", - "type": "string", - "description": "Common Platform Enumeration (CPE) Name in either 2.2 or 2.3 format", - "pattern": "([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})", - "minLength": 1, - "maxLength": 2048 - } - }, - "modules": { - "type": "array", - "description": "A list of the affected components, features, modules, sub-components, sub-products, APIs, commands, utilities, programs, or functionalities (optional).", - "uniqueItems": true, - "items": { - "type": "string", - "description": "Name of the affected component, feature, module, sub-component, sub-product, API, command, utility, program, or functionality (optional).", - "minLength": 1, - "maxLength": 4096 - } - }, - "programFiles": { - "type": "array", - "description": "A list of the affected source code files (optional).", - "uniqueItems": true, - "items": { - "description": "Name or path or location of the affected source code file.", - "type": "string", - "minLength": 1, - "maxLength": 1024 - } - }, - "programRoutines": { - "type": "array", - "description": "A list of the affected source code functions, methods, subroutines, or procedures (optional).", - "uniqueItems": true, - "items": { - "type": "object", - "description": "An object describing program routine.", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "description": "Name of the affected source code file, function, method, subroutine, or procedure.", - "minLength": 1, - "maxLength": 4096 - } - }, - "additionalProperties": false - } - }, - "platforms": { - "title": "Platforms", - "description": "List of specific platforms if the vulnerability is only relevant in the context of these platforms (optional). Platforms may include execution environments, operating systems, virtualization technologies, hardware models, or computing architectures. The lack of this field or an empty array implies that the other fields are applicable to all relevant platforms.", - "type": "array", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "string", - "examples": [ - "iOS", - "Android", - "Windows", - "macOS", - "x86", - "ARM", - "64 bit", - "Big Endian", - "iPad", - "Chromebook", - "Docker", - "Model T" - ], - "maxLength": 1024 - } - }, - "repo": { - "description": "The URL of the source code repository, for informational purposes and/or to resolve git hash version ranges.", - "$ref": "#/definitions/uriType" - }, - "defaultStatus": { - "description": "The default status for versions that are not otherwise listed in the versions list. If not specified, defaultStatus defaults to 'unknown'. Versions or defaultStatus may be omitted, but not both.", - "$ref": "#/definitions/status" - }, - "versions": { - "type": "array", - "description": "Set of product versions or version ranges related to the vulnerability. The versions satisfy the CNA Rules [8.1.2 requirement](https://cve.mitre.org/cve/cna/rules.html#section_8-1_cve_entry_information_requirements). Versions or defaultStatus may be omitted, but not both.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A single version or a range of versions, with vulnerability status.\n\nAn entry with only 'version' and 'status' indicates the status of a single version.\n\nOtherwise, an entry describes a range; it must include the 'versionType' property, to define the version numbering semantics in use, and 'limit', to indicate the non-inclusive upper limit of the range. The object describes the status for versions V such that 'version' <= V and V < 'limit', using the <= and < semantics defined for the specific kind of 'versionType'. Status changes within the range can be specified by an optional 'changes' list.\n\nThe algorithm to decide the status specified for a version V is:\n\n\tfor entry in product.versions {\n\t\tif entry.lessThan is not present and entry.lessThanOrEqual is not present and v == entry.version {\n\t\t\treturn entry.status\n\t\t}\n\t\tif (entry.lessThan is present and entry.version <= v and v < entry.lessThan) or\n\t\t (entry.lessThanOrEqual is present and entry.version <= v and v <= entry.lessThanOrEqual) { // <= and < defined by entry.versionType\n\t\t\tstatus = entry.status\n\t\t\tfor change in entry.changes {\n\t\t\t\tif change.at <= v {\n\t\t\t\t\tstatus = change.status\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn status\n\t\t}\n\t}\n\treturn product.defaultStatus\n\n.", - "oneOf": [ - { - "required": [ - "version", - "status" - ], - "maxProperties": 2 - }, - { - "required": [ - "version", - "status", - "versionType" - ], - "maxProperties": 3 - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThan" - ] - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThanOrEqual" - ] - } - ], - "properties": { - "version": { - "description": "The single version being described, or the version at the start of the range. By convention, typically 0 denotes the earliest possible version.", - "$ref": "#/definitions/version" - }, - "status": { - "description": "The vulnerability status for the version or range of versions. For a range, the status may be refined by the 'changes' list.", - "$ref": "#/definitions/status" - }, - "versionType": { - "type": "string", - "description": "The version numbering system used for specifying the range. This defines the exact semantics of the comparison (less-than) operation on versions, which is required to understand the range itself. 'Custom' indicates that the version type is unspecified and should be avoided whenever possible. It is included primarily for use in conversion of older data files.", - "minLength": 1, - "maxLength": 128, - "examples": [ - "custom", - "git", - "maven", - "python", - "rpm", - "semver" - ] - }, - "lessThan": { - "description": "The non-inclusive upper limit of the range. This is the least version NOT in the range. The usual version syntax is expanded to allow a pattern to end in an asterisk `(*)`, indicating an arbitrarily large number in the version ordering. For example, `{version: 1.0 lessThan: 1.*}` would describe the entire 1.X branch for most range kinds, and `{version: 2.0, lessThan: *}` describes all versions starting at 2.0, including 3.0, 5.1, and so on. Only one of lessThan and lessThanOrEqual should be specified.", - "$ref": "#/definitions/version" - }, - "lessThanOrEqual": { - "description": "The inclusive upper limit of the range. This is the greatest version contained in the range. Only one of lessThan and lessThanOrEqual should be specified. For example, `{version: 1.0, lessThanOrEqual: 1.3}` covers all versions from 1.0 up to and including 1.3.", - "$ref": "#/definitions/version" - }, - "changes": { - "type": "array", - "description": "A list of status changes that take place during the range. The array should be sorted in increasing order by the 'at' field, according to the versionType, but clients must re-sort the list themselves rather than assume it is sorted.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "The start of a single status change during the range.", - "required": [ - "at", - "status" - ], - "additionalProperties": false, - "properties": { - "at": { - "description": "The version at which a status change occurs.", - "$ref": "#/definitions/version" - }, - "status": { - "description": "The new status in the range starting at the given version.", - "$ref": "#/definitions/status" - } - } - } - } - }, - "additionalProperties": false - } - } - } - }, - "dataType": { - "description": "Indicates the type of information represented in the JSON instance.", - "type": "string", - "enum": [ - "CVE_RECORD" - ] - }, - "dataVersion": { - "description": "The version of the CVE schema used for validating this record. Used to support multiple versions of this format.", - "type": "string", - "pattern": "^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$", - "default": "5.1.0" - }, - "cveMetadataPublished": { - "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", - "type": "object", - "required": [ - "cveId", - "assignerOrgId", - "state" - ], - "properties": { - "cveId": { - "description": "The CVE identifier that this record pertains to.", - "$ref": "#/definitions/cveId" - }, - "assignerOrgId": { - "$ref": "#/definitions/orgId", - "description": "The UUID for the organization to which the CVE ID was originally assigned. This UUID can be used to lookup the organization record in the user registry service." - }, - "assignerShortName": { - "$ref": "#/definitions/shortName", - "description": "The short name for the organization to which the CVE ID was originally assigned." - }, - "requesterUserId": { - "$ref": "#/definitions/userId", - "description": "The user that requested the CVE identifier." - }, - "dateUpdated": { - "description": "The date/time the record was last updated.", - "$ref": "#/definitions/timestamp" - }, - "serial": { - "type": "integer", - "minimum": 1, - "description": "The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition." - }, - "dateReserved": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE." - }, - "datePublished": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE Record was first published in the CVE List." - }, - "state": { - "description": "State of CVE - PUBLISHED, REJECTED.", - "type": "string", - "enum": [ - "PUBLISHED" - ] - } - }, - "additionalProperties": false - }, - "cveMetadataRejected": { - "type": "object", - "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", - "required": [ - "cveId", - "assignerOrgId", - "state" - ], - "properties": { - "cveId": { - "description": "The CVE identifier that this record pertains to.", - "$ref": "#/definitions/cveId" - }, - "assignerOrgId": { - "$ref": "#/definitions/orgId", - "description": "The UUID for the organization to which the CVE ID was originally assigned." - }, - "assignerShortName": { - "$ref": "#/definitions/shortName", - "description": "The short name for the organization to which the CVE ID was originally assigned." - }, - "serial": { - "type": "integer", - "minimum": 1, - "description": "The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition." - }, - "dateUpdated": { - "description": "The date/time the record was last updated.", - "$ref": "#/definitions/timestamp" - }, - "datePublished": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE Record was first published in the CVE List." - }, - "dateRejected": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE ID was rejected." - }, - "state": { - "type": "string", - "description": "State of CVE - PUBLISHED, REJECTED.", - "enum": [ - "REJECTED" - ] - }, - "dateReserved": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE." - } - }, - "additionalProperties": false - }, - "providerMetadata": { - "type": "object", - "description": "Details related to the information container provider (CNA or ADP).", - "properties": { - "orgId": { - "$ref": "#/definitions/orgId", - "description": "The container provider's organizational UUID." - }, - "shortName": { - "$ref": "#/definitions/shortName", - "description": "The container provider's organizational short name." - }, - "dateUpdated": { - "$ref": "#/definitions/timestamp", - "description": "Timestamp to be set by the system of record at time of submission. If dateUpdated is provided to the system of record it will be replaced by the current timestamp at the time of submission." - } - }, - "required": [ - "orgId" - ], - "additionalProperties": false - }, - "cnaPublishedContainer": { - "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a published CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA. The CNA container must include the required information defined in the CVE Rules, which includes a product, version, problem type, prose description, and a reference.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "dateAssigned": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was associated with a vulnerability by a CNA." - }, - "datePublic": { - "$ref": "#/definitions/timestamp", - "description": "If known, the date/time the vulnerability was disclosed publicly." - }, - "title": { - "type": "string", - "description": "A title, headline, or a brief phrase summarizing the CVE record. Eg., Buffer overflow in Example Soft.", - "minLength": 1, - "maxLength": 256 - }, - "descriptions": { - "$ref": "#/definitions/descriptions" - }, - "affected": { - "$ref": "#/definitions/affected" - }, - "problemTypes": { - "$ref": "#/definitions/problemTypes" - }, - "references": { - "$ref": "#/definitions/references" - }, - "impacts": { - "$ref": "#/definitions/impacts" - }, - "metrics": { - "$ref": "#/definitions/metrics" - }, - "configurations": { - "$ref": "#/definitions/configurations" - }, - "workarounds": { - "$ref": "#/definitions/workarounds" - }, - "solutions": { - "$ref": "#/definitions/solutions" - }, - "exploits": { - "$ref": "#/definitions/exploits" - }, - "timeline": { - "$ref": "#/definitions/timeline" - }, - "credits": { - "$ref": "#/definitions/credits" - }, - "source": { - "$ref": "#/definitions/source" - }, - "tags": { - "$ref": "#/definitions/cnaTags" - }, - "taxonomyMappings": { - "$ref": "#/definitions/taxonomyMappings" - } - }, - "required": [ - "providerMetadata", - "descriptions", - "affected", - "references" - ], - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "cnaRejectedContainer": { - "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a rejected CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "rejectedReasons": { - "description": "Reasons for rejecting this CVE Record.", - "$ref": "#/definitions/descriptions" - }, - "replacedBy": { - "type": "array", - "description": "Contains an array of CVE IDs that this CVE ID was rejected in favor of because this CVE ID was assigned to the vulnerabilities.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/cveId" - } - } - }, - "required": [ - "providerMetadata", - "rejectedReasons" - ], - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "adpContainer": { - "description": "An object containing the vulnerability information provided by an Authorized Data Publisher (ADP). Since multiple ADPs can provide information for a CVE ID, an ADP container must indicate which ADP is the source of the information in the object.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "datePublic": { - "$ref": "#/definitions/timestamp", - "description": "If known, the date/time the vulnerability was disclosed publicly." - }, - "title": { - "type": "string", - "description": "A title, headline, or a brief phrase summarizing the information in an ADP container.", - "minLength": 1, - "maxLength": 256 - }, - "descriptions": { - "$ref": "#/definitions/descriptions" - }, - "affected": { - "$ref": "#/definitions/affected" - }, - "problemTypes": { - "$ref": "#/definitions/problemTypes" - }, - "references": { - "$ref": "#/definitions/references" - }, - "impacts": { - "$ref": "#/definitions/impacts" - }, - "metrics": { - "$ref": "#/definitions/metrics" - }, - "configurations": { - "$ref": "#/definitions/configurations" - }, - "workarounds": { - "$ref": "#/definitions/workarounds" - }, - "solutions": { - "$ref": "#/definitions/solutions" - }, - "exploits": { - "$ref": "#/definitions/exploits" - }, - "timeline": { - "$ref": "#/definitions/timeline" - }, - "credits": { - "$ref": "#/definitions/credits" - }, - "source": { - "$ref": "#/definitions/source" - }, - "tags": { - "$ref": "#/definitions/adpTags" - }, - "taxonomyMappings": { - "$ref": "#/definitions/taxonomyMappings" - } - }, - "required": [ - "providerMetadata" - ], - "minProperties": 2, - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "affected": { - "type": "array", - "description": "List of affected products.", - "minItems": 1, - "items": { - "$ref": "#/definitions/product" - } - }, - "description": { - "type": "object", - "description": "Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.", - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "description": "Plain text description.", - "minLength": 1, - "maxLength": 4096 - }, - "supportingMedia": { - "type": "array", - "title": "Supporting media", - "description": "Supporting media data for the description such as markdown, diagrams, .. (optional). Similar to RFC 2397 each media object has three main parts: media type, media data value, and an optional boolean flag to indicate if the media data is base64 encoded.", - "uniqueItems": true, - "minItems": 1, - "items": { - "type": "object", - "properties": { - "type": { - "type": "string", - "title": "Media type", - "minLength": 1, - "maxLength": 256, - "description": "RFC2046 compliant IANA Media type for eg., text/markdown, text/html.", - "examples": [ - "text/markdown", - "text/html", - "image/png", - "image/svg", - "audio/mp3" - ] - }, - "base64": { - "type": "boolean", - "title": "Encoding", - "description": "If true then the value field contains the media data encoded in base64. If false then the value field contains the UTF-8 media content.", - "default": false - }, - "value": { - "type": "string", - "description": "Supporting media content, up to 16K. If base64 is true, this field stores base64 encoded data.", - "minLength": 1, - "maxLength": 16384 - } - }, - "required": [ - "type", - "value" - ], - "additionalProperties": false - } - } - }, - "required": [ - "lang", - "value" - ], - "additionalProperties": false - }, - "englishLanguageDescription": { - "type": "object", - "description": "A description with lang set to an English language (en, en_US, en_UK, and so on).", - "properties": { - "lang": { - "$ref": "#/definitions/englishLanguage" - } - }, - "required": [ - "lang" - ], - "$comment": "Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description." - }, - "descriptions": { - "type": "array", - "description": "A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - }, - "contains": { - "$ref": "#/definitions/englishLanguageDescription" - } - }, - "problemTypes": { - "type": "array", - "description": "This is problem type information (e.g. CWE identifier). Must contain: At least one entry, can be text, OWASP, CWE, please note that while only one is required you can use more than one (or indeed all three) as long as they are correct). (CNA requirement: [PROBLEMTYPE]).", - "items": { - "type": "object", - "required": [ - "descriptions" - ], - "properties": { - "descriptions": { - "type": "array", - "items": { - "type": "object", - "required": [ - "lang", - "description" - ], - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "description": { - "type": "string", - "description": "Text description of problemType, or title from CWE or OWASP.", - "minLength": 1, - "maxLength": 4096 - }, - "cweId": { - "type": "string", - "description": "CWE ID of the CWE that best describes this problemType entry.", - "minLength": 5, - "maxLength": 9, - "pattern": "^CWE-[1-9][0-9]*$" - }, - "type": { - "type": "string", - "description": "Problemtype source, text, OWASP, CWE, etc.,", - "minLength": 1, - "maxLength": 128 - }, - "references": { - "$ref": "#/definitions/references" - } - }, - "additionalProperties": false - }, - "minItems": 1, - "uniqueItems": true - } - }, - "additionalProperties": false - }, - "minItems": 1, - "uniqueItems": true - }, - "references": { - "type": "array", - "description": "This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are \"dangerous\").", - "items": { - "$ref": "#/definitions/reference" - }, - "minItems": 1, - "maxItems": 512, - "uniqueItems": true - }, - "impacts": { - "type": "array", - "description": "Collection of impacts of this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "This is impact type information (e.g. a text description.", - "required": [ - "descriptions" - ], - "properties": { - "capecId": { - "type": "string", - "description": "CAPEC ID that best relates to this impact.", - "minLength": 7, - "maxLength": 11, - "pattern": "^CAPEC-[1-9][0-9]{0,4}$" - }, - "descriptions": { - "description": "Prose description of the impact scenario. At a minimum provide the description given by CAPEC.", - "$ref": "#/definitions/descriptions" - } - }, - "additionalProperties": false - } - }, - "metrics": { - "type": "array", - "description": "Collection of impact scores with attribution.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "This is impact type information (e.g. a text description, CVSSv2, CVSSv3, CVSSV4, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.", - "anyOf": [ - { - "required": [ - "cvssV4_0" - ] - }, - { - "required": [ - "cvssV3_1" - ] - }, - { - "required": [ - "cvssV3_0" - ] - }, - { - "required": [ - "cvssV2_0" - ] - }, - { - "required": [ - "other" - ] - } - ], - "properties": { - "format": { - "type": "string", - "description": "Name of the scoring format. This provides a bit of future proofing. Additional properties are not prohibited, so this will support the inclusion of proprietary formats. It also provides an easy future conversion mechanism when future score formats become part of the schema. example: cvssV44, format = 'cvssV44', other = cvssV4_4 JSON object. In the future, the other properties can be converted to score properties when they become part of the schema.", - "minLength": 1, - "maxLength": 64 - }, - "scenarios": { - "type": "array", - "description": "Description of the scenarios this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "default": "GENERAL", - "description": "Description of the scenario this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.", - "minLength": 1, - "maxLength": 4096 - } - }, - "required": [ - "lang", - "value" - ], - "additionalProperties": false - } - }, - "cvssV4_0": { - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 4.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT" - ] - }, - "modifiedAttackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedVulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "subCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedSubCType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "modifiedSubIaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "SAFETY", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "exploitMaturityType": { - "type": "string", - "enum": [ - "UNREPORTED", - "PROOF_OF_CONCEPT", - "ATTACKED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "safetyType": { - "type": "string", - "enum": [ - "NEGLIGIBLE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "automatableType": { - "type": "string", - "enum": [ - "NO", - "YES", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "recoveryType": { - "type": "string", - "enum": [ - "AUTOMATIC", - "USER", - "IRRECOVERABLE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "valueDensityType": { - "type": "string", - "enum": [ - "DIFFUSE", - "CONCENTRATED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnerabilityResponseEffortType": { - "type": "string", - "enum": [ - "LOW", - "MODERATE", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "providerUrgencyType": { - "type": "string", - "enum": [ - "CLEAR", - "GREEN", - "AMBER", - "RED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10, - "multipleOf": 0.1 - }, - "noneScoreType": { - "type": "number", - "minimum": 0, - "maximum": 0 - }, - "lowScoreType": { - "type": "number", - "minimum": 0.1, - "maximum": 3.9, - "multipleOf": 0.1 - }, - "mediumScoreType": { - "type": "number", - "minimum": 4, - "maximum": 6.9, - "multipleOf": 0.1 - }, - "highScoreType": { - "type": "number", - "minimum": 7, - "maximum": 8.9, - "multipleOf": 0.1 - }, - "criticalScoreType": { - "type": "number", - "minimum": 9, - "maximum": 10, - "multipleOf": 0.1 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - }, - "noneSeverityType": { - "const": "NONE" - }, - "lowSeverityType": { - "const": "LOW" - }, - "mediumSeverityType": { - "const": "MEDIUM" - }, - "highSeverityType": { - "const": "HIGH" - }, - "criticalSeverityType": { - "const": "CRITICAL" - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "4.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType" - }, - "attackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType" - }, - "vulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "subConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "exploitMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType" - }, - "modifiedAttackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType" - }, - "modifiedVulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedSubConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType" - }, - "modifiedSubIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "modifiedSubAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "Safety": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType" - }, - "Automatable": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType" - }, - "Recovery": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType" - }, - "valueDensity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType" - }, - "vulnerabilityResponseEffort": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType" - }, - "providerUrgency": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType" - } - }, - "allOf": [ - { - "anyOf": [ - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - } - ], - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV3_1": { - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.1", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ] - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED", - "NOT_DEFINED" - ] - }, - "scopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED" - ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED", - "NOT_DEFINED" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "confidenceType": { - "type": "string", - "enum": [ - "UNKNOWN", - "REASONABLE", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "3.1" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType" - }, - "scope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - }, - "exploitCodeMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "temporalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType" - }, - "modifiedScope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType" - }, - "modifiedConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "modifiedIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "modifiedAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV3_0": { - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ] - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED", - "NOT_DEFINED" - ] - }, - "scopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED" - ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED", - "NOT_DEFINED" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "confidenceType": { - "type": "string", - "enum": [ - "UNKNOWN", - "REASONABLE", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "3.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType" - }, - "scope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - }, - "exploitCodeMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "temporalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType" - }, - "modifiedScope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType" - }, - "modifiedConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "modifiedIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "modifiedAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV2_0": { - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 2.0", - "type": "object", - "definitions": { - "accessVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL" - ] - }, - "accessComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "MEDIUM", - "LOW" - ] - }, - "authenticationType": { - "type": "string", - "enum": [ - "MULTIPLE", - "SINGLE", - "NONE" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "PARTIAL", - "COMPLETE" - ] - }, - "exploitabilityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "reportConfidenceType": { - "type": "string", - "enum": [ - "UNCONFIRMED", - "UNCORROBORATED", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "collateralDamagePotentialType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "LOW_MEDIUM", - "MEDIUM_HIGH", - "HIGH", - "NOT_DEFINED" - ] - }, - "targetDistributionType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "2.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$" - }, - "accessVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType" - }, - "accessComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType" - }, - "authentication": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - }, - "exploitability": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - }, - "collateralDamagePotential": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType" - }, - "targetDistribution": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore" - ], - "additionalProperties": false - }, - "other": { - "type": "object", - "description": "A non-standard impact description, may be prose or JSON block.", - "required": [ - "type", - "content" - ], - "properties": { - "type": { - "description": "Name of the non-standard impact metrics format used.", - "type": "string", - "minLength": 1, - "maxLength": 128 - }, - "content": { - "type": "object", - "$comment": "additionalProperties are allowed here, since this construct supports arbitrary JSON.", - "description": "JSON object not covered by another metrics format.", - "minProperties": 1 - } - }, - "additionalProperties": false - } - }, - "additionalProperties": false - } - }, - "configurations": { - "type": "array", - "description": "Configurations required for exploiting this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "workarounds": { - "type": "array", - "description": "Workarounds and mitigations for this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "solutions": { - "type": "array", - "description": "Information about solutions or remediations available for this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "exploits": { - "type": "array", - "description": "Information about exploits of the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "timeline": { - "type": "array", - "description": "This is timeline information for significant events about this vulnerability or changes to the CVE Record.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "required": [ - "time", - "lang", - "value" - ], - "properties": { - "time": { - "description": "Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM - if the timezone offset is not given, GMT (+00:00) is assumed.", - "$ref": "#/definitions/timestamp" - }, - "lang": { - "description": "The language used in the description of the event. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.", - "$ref": "#/definitions/language" - }, - "value": { - "description": "A summary of the event.", - "type": "string", - "minLength": 1, - "maxLength": 4096 - } - }, - "additionalProperties": false - } - }, - "credits": { - "type": "array", - "description": "Statements acknowledging specific people, organizations, or tools recognizing the work done in researching, discovering, remediating or helping with activities related to this CVE.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "properties": { - "lang": { - "description": "The language used when describing the credits. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.", - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "minLength": 1, - "maxLength": 4096 - }, - "user": { - "description": "UUID of the user being credited if present in the CVE User Registry (optional). This UUID can be used to lookup the user record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "type": { - "type": "string", - "description": "Type or role of the entity being credited (optional). finder: identifies the vulnerability.\nreporter: notifies the vendor of the vulnerability to a CNA.\nanalyst: validates the vulnerability to ensure accuracy or severity.\ncoordinator: facilitates the coordinated response process.\nremediation developer: prepares a code change or other remediation plans.\nremediation reviewer: reviews vulnerability remediation plans or code changes for effectiveness and completeness.\nremediation verifier: tests and verifies the vulnerability or its remediation.\ntool: names of tools used in vulnerability discovery or identification.\nsponsor: supports the vulnerability identification or remediation activities.", - "default": "finder", - "enum": [ - "finder", - "reporter", - "analyst", - "coordinator", - "remediation developer", - "remediation reviewer", - "remediation verifier", - "tool", - "sponsor", - "other" - ] - } - }, - "additionalProperties": false, - "required": [ - "lang", - "value" - ] - } - }, - "source": { - "type": "object", - "description": "This is the source information (who discovered it, who researched it, etc.) and optionally a chain of CNA information (e.g. the originating CNA and subsequent parent CNAs who have processed it before it arrives at the MITRE root).\n Must contain: IF this is in the root level it MUST contain a CNA_chain entry, IF this source entry is NOT in the root (e.g. it is part of a vendor statement) then it must contain at least one type of data entry.", - "minProperties": 1 - }, - "language": { - "type": "string", - "description": "BCP 47 language code, language-region.", - "default": "en", - "pattern": "^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" - }, - "englishLanguage": { - "type": "string", - "description": "BCP 47 language code, language-region, required to be English.", - "pattern": "^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" - }, - "taxonomyMappings": { - "type": "array", - "description": "List of taxonomy items related to the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A taxonomy mapping object identifies the taxonomy by a name and version (eg., ATT&CK v13.1, CVSS 3.1, CWE 4.12) along with a list of relations relevant to this CVE.", - "required": [ - "taxonomyName", - "taxonomyRelations" - ], - "properties": { - "taxonomyName": { - "type": "string", - "description": "The name of the taxonomy, eg., ATT&CK, D3FEND, CWE, CVSS", - "minLength": 1, - "maxLength": 128 - }, - "taxonomyVersion": { - "type": "string", - "description": "The version of taxonomy the identifiers come from.", - "minLength": 1, - "maxLength": 128 - }, - "taxonomyRelations": { - "type": "array", - "description": "List of relationships to the taxonomy for the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A relationship between the taxonomy and the CVE or two taxonomy items.", - "required": [ - "taxonomyId", - "relationshipName", - "relationshipValue" - ], - "properties": { - "taxonomyId": { - "type": "string", - "description": "Identifier of the item in the taxonomy. Used as the subject of the relationship.", - "minLength": 1, - "maxLength": 2048 - }, - "relationshipName": { - "type": "string", - "description": "A description of the relationship.", - "minLength": 1, - "maxLength": 128 - }, - "relationshipValue": { - "type": "string", - "description": "The target of the relationship. Can be the CVE ID or another taxonomy identifier.", - "minLength": 1, - "maxLength": 2048 - } - }, - "additionalProperties": false - } - } - }, - "additionalProperties": false - } - }, - "tagExtension": { - "type": "string", - "minLength": 2, - "maxLength": 128, - "pattern": "^x_.*$", - "$comment": "These values are not used as JSON property names, so there is not a need to work-around property naming limitations in some common implementations." - }, - "cnaTags": { - "type": "array", - "description": "Tags provided by a CNA describing the CVE Record.", - "uniqueItems": true, - "minItems": 1, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/cna/", - "type": "string", - "description": "exclusively-hosted-service: All known software and/or hardware affected by this CVE Record is known to exist only in the affected hosted service. If the vulnerability affects both hosted and on-prem software and/or hardware, then the tag should not be used.\n\nunsupported-when-assigned: Used by the assigning CNA to indicate that when a request for a CVE assignment was received, the product was already end-of-life (EOL) or a product or specific version was deemed not to be supported by the vendor. This tag should only be applied to a CVE Record when all affected products or version lines referenced in the CVE-Record are EOL.\n\ndisputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.", - "enum": [ - "unsupported-when-assigned", - "exclusively-hosted-service", - "disputed" - ] - } - ] - } - }, - "adpTags": { - "type": "array", - "description": "Tags provided by an ADP describing the CVE Record.", - "uniqueItems": true, - "minItems": 1, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/adp/", - "type": "string", - "description": "disputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.", - "enum": [ - "disputed" - ] - } - ] - } - } - }, - "properties": { - "adpContainer": { - "$ref": "#/definitions/adpContainer" - } - }, - "additionalProperties": false -} \ No newline at end of file diff --git a/schema/archive/v5.0/docs/CVE_JSON_cnaPublishedContainer.json b/schema/archive/v5.0/docs/CVE_JSON_cnaPublishedContainer.json deleted file mode 100644 index f15ea197b00..00000000000 --- a/schema/archive/v5.0/docs/CVE_JSON_cnaPublishedContainer.json +++ /dev/null @@ -1,2560 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_cnaPublishedContainer.json", - "title": "CVE JSON cnaPublishedContainer sub schema", - "description": "CVE JSON cnaPublishedContainer format", - "definitions": { - "uriType": { - "description": "A universal resource identifier (URI), according to [RFC 3986](https://tools.ietf.org/html/rfc3986).", - "type": "string", - "format": "uri", - "minLength": 1, - "maxLength": 2048 - }, - "uuidType": { - "description": "A version 4 (random) universally unique identifier (UUID) as defined by [RFC 4122](https://tools.ietf.org/html/rfc4122#section-4.1.3).", - "type": "string", - "pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" - }, - "reference": { - "type": "object", - "required": [ - "url" - ], - "properties": { - "url": { - "description": "The uniform resource locator (URL), according to [RFC 3986](https://tools.ietf.org/html/rfc3986#section-1.1.3), that can be used to retrieve the referenced resource.", - "$ref": "#/definitions/uriType" - }, - "name": { - "description": "User created name for the reference, often the title of the page.", - "type": "string", - "maxLength": 512, - "minLength": 1 - }, - "tags": { - "description": "An array of one or more tags that describe the resource referenced by 'url'.", - "type": "array", - "minItems": 1, - "uniqueItems": true, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/reference/", - "type": "string", - "description": "broken-link: The reference link is returning a 404 error, or the site is no longer online.\n\ncustomer-entitlement: Similar to Privileges Required, but specific to references that require non-public/paid access for customers of the particular vendor.\n\nexploit: Reference contains an in-depth/detailed description of steps to exploit a vulnerability OR the reference contains any legitimate Proof of Concept (PoC) code or exploit kit.\n\ngovernment-resource: All reference links that are from a government agency or organization should be given the Government Resource tag.\n\nissue-tracking: The reference is a post from a bug tracking tool such as MantisBT, Bugzilla, JIRA, Github Issues, etc...\n\nmailing-list: The reference is from a mailing list -- often specific to a product or vendor.\n\nmitigation: The reference contains information on steps to mitigate against the vulnerability in the event a patch can't be applied or is unavailable or for EOL product situations.\n\nnot-applicable: The reference link is not applicable to the vulnerability and was likely associated by MITRE accidentally (should be used sparingly).\n\npatch: The reference contains an update to the software that fixes the vulnerability.\n\npermissions-required: The reference link provided is blocked by a logon page. If credentials are required to see any information this tag must be applied.\n\nmedia-coverage: The reference is from a media outlet such as a newspaper, magazine, social media, or weblog. This tag is not intended to apply to any individual's personal social media account. It is strictly intended for public media entities.\n\nproduct: A reference appropriate for describing a product for the purpose of CPE or SWID.\n\nrelated: A reference that is for a related (but not the same) vulnerability.\n\nrelease-notes: The reference is in the format of a vendor or open source project's release notes or change log.\n\nsignature: The reference contains a method to detect or prevent the presence or exploitation of the vulnerability.\n\ntechnical-description: The reference contains in-depth technical information about a vulnerability and its exploitation process, typically in the form of a presentation or whitepaper.\n\nthird-party-advisory: Advisory is from an organization that is not the vulnerable product's vendor/publisher/maintainer.\n\nvendor-advisory: Advisory is from the vendor/publisher/maintainer of the product or the parent organization.\n\nvdb-entry: VDBs are loosely defined as sites that provide information about this vulnerability, such as advisories, with identifiers. Included VDBs are free to access, substantially public, and have broad scope and coverage (not limited to a single vendor or research organization). See: https://www.first.org/global/sigs/vrdx/vdb-catalog", - "enum": [ - "broken-link", - "customer-entitlement", - "exploit", - "government-resource", - "issue-tracking", - "mailing-list", - "mitigation", - "not-applicable", - "patch", - "permissions-required", - "media-coverage", - "product", - "related", - "release-notes", - "signature", - "technical-description", - "third-party-advisory", - "vendor-advisory", - "vdb-entry" - ] - } - ] - } - } - }, - "additionalProperties": false - }, - "cveId": { - "type": "string", - "pattern": "^CVE-[0-9]{4}-[0-9]{4,19}$" - }, - "orgId": { - "description": "A UUID for an organization participating in the CVE program. This UUID can be used to lookup the organization record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "userId": { - "description": "A UUID for a user participating in the CVE program. This UUID can be used to lookup the user record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "shortName": { - "description": "A 2-32 character name that can be used to complement an organization's UUID.", - "type": "string", - "minLength": 2, - "maxLength": 32 - }, - "datestamp": { - "description": "Date/time format based on RFC3339 and ISO ISO8601.", - "type": "string", - "format": "date", - "pattern": "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))$" - }, - "timestamp": { - "type": "string", - "format": "date-time", - "description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM'. If timezone offset is not given, GMT (+00:00) is assumed.", - "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$" - }, - "version": { - "description": "A single version of a product, as expressed in its own version numbering scheme.", - "type": "string", - "minLength": 1, - "maxLength": 1024 - }, - "status": { - "description": "The vulnerability status of a given version or range of versions of a product. The statuses 'affected' and 'unaffected' indicate that the version is affected or unaffected by the vulnerability. The status 'unknown' indicates that it is unknown or unspecified whether the given version is affected. There can be many reasons for an 'unknown' status, including that an investigation has not been undertaken or that a vendor has not disclosed the status.", - "type": "string", - "enum": [ - "affected", - "unaffected", - "unknown" - ] - }, - "product": { - "type": "object", - "description": "Provides information about the set of products and services affected by this vulnerability.", - "allOf": [ - { - "anyOf": [ - { - "required": [ - "vendor", - "product" - ] - }, - { - "required": [ - "collectionURL", - "packageName" - ] - } - ] - }, - { - "anyOf": [ - { - "required": [ - "versions" - ] - }, - { - "required": [ - "defaultStatus" - ] - } - ] - } - ], - "properties": { - "vendor": { - "type": "string", - "description": "Name of the organization, project, community, individual, or user that created or maintains this product or hosted service. Can be 'N/A' if none of those apply. When collectionURL and packageName are used, this field may optionally represent the user or account within the package collection associated with the package.", - "minLength": 1, - "maxLength": 512 - }, - "product": { - "type": "string", - "description": "Name of the affected product.", - "minLength": 1, - "maxLength": 2048 - }, - "collectionURL": { - "description": "URL identifying a package collection (determines the meaning of packageName).", - "$ref": "#/definitions/uriType", - "examples": [ - "https://access.redhat.com/downloads/content/package-browser", - "https://addons.mozilla.org", - "https://addons.thunderbird.net", - "https://anaconda.org/anaconda/repo", - "https://app.vagrantup.com/boxes/search", - "https://apps.apple.com", - "https://archlinux.org/packages", - "https://atmospherejs.meteor.com", - "https://atom.io/packages", - "https://bitbucket.org", - "https://bower.io", - "https://brew.sh/", - "https://chocolatey.org/packages", - "https://chrome.google.com/webstore", - "https://clojars.org", - "https://cocoapods.org", - "https://code.dlang.org", - "https://conan.io/center", - "https://cpan.org/modules", - "https://cran.r-project.org", - "https://crates.io", - "https://ctan.org/pkg", - "https://drupal.org", - "https://exchange.adobe.com", - "https://forge.puppet.com/modules", - "https://github.com", - "https://gitlab.com/explore", - "https://golang.org/pkg", - "https://guix.gnu.org/packages", - "https://hackage.haskell.org", - "https://helm.sh", - "https://hub.docker.com", - "https://juliahub.com", - "https://lib.haxe.org", - "https://luarocks.org", - "https://marketplace.visualstudio.com", - "https://melpa.org", - "https://microsoft.com/en-us/store/apps", - "https://nimble.directory", - "https://nuget.org/packages", - "https://opam.ocaml.org/packages", - "https://openwrt.org/packages/index", - "https://package.elm-lang.org", - "https://packagecontrol.io", - "https://packages.debian.org", - "https://packages.gentoo.org", - "https://packagist.org", - "https://pear.php.net/packages.php", - "https://pecl.php.net", - "https://platformio.org/lib", - "https://play.google.com/store", - "https://plugins.gradle.org", - "https://projects.eclipse.org", - "https://pub.dev", - "https://pypi.python.org", - "https://registry.npmjs.org", - "https://registry.terraform.io", - "https://repo.hex.pm", - "https://repo.maven.apache.org/maven2", - "https://rubygems.org", - "https://search.nixos.org/packages", - "https://sourceforge.net", - "https://wordpress.org/plugins" - ] - }, - "packageName": { - "type": "string", - "description": "Name or identifier of the affected software package as used in the package collection.", - "minLength": 1, - "maxLength": 2048 - }, - "cpes": { - "type": "array", - "description": "Affected products defined by CPE. This is an array of CPE values (vulnerable and not), we use an array so that we can make multiple statements about the same version and they are separate (if we used a JSON object we'd essentially be keying on the CPE name and they would have to overlap). Also, this allows things like cveDataVersion or cveDescription to be applied directly to the product entry. This also allows more complex statements such as \"Product X between versions 10.2 and 10.8\" to be put in a machine-readable format. As well since multiple statements can be used multiple branches of the same product can be defined here.", - "uniqueItems": true, - "items": { - "title": "CPE Name", - "type": "string", - "description": "Common Platform Enumeration (CPE) Name in either 2.2 or 2.3 format", - "pattern": "([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})", - "minLength": 1, - "maxLength": 2048 - } - }, - "modules": { - "type": "array", - "description": "A list of the affected components, features, modules, sub-components, sub-products, APIs, commands, utilities, programs, or functionalities (optional).", - "uniqueItems": true, - "items": { - "type": "string", - "description": "Name of the affected component, feature, module, sub-component, sub-product, API, command, utility, program, or functionality (optional).", - "minLength": 1, - "maxLength": 4096 - } - }, - "programFiles": { - "type": "array", - "description": "A list of the affected source code files (optional).", - "uniqueItems": true, - "items": { - "description": "Name or path or location of the affected source code file.", - "type": "string", - "minLength": 1, - "maxLength": 1024 - } - }, - "programRoutines": { - "type": "array", - "description": "A list of the affected source code functions, methods, subroutines, or procedures (optional).", - "uniqueItems": true, - "items": { - "type": "object", - "description": "An object describing program routine.", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "description": "Name of the affected source code file, function, method, subroutine, or procedure.", - "minLength": 1, - "maxLength": 4096 - } - }, - "additionalProperties": false - } - }, - "platforms": { - "title": "Platforms", - "description": "List of specific platforms if the vulnerability is only relevant in the context of these platforms (optional). Platforms may include execution environments, operating systems, virtualization technologies, hardware models, or computing architectures. The lack of this field or an empty array implies that the other fields are applicable to all relevant platforms.", - "type": "array", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "string", - "examples": [ - "iOS", - "Android", - "Windows", - "macOS", - "x86", - "ARM", - "64 bit", - "Big Endian", - "iPad", - "Chromebook", - "Docker", - "Model T" - ], - "maxLength": 1024 - } - }, - "repo": { - "description": "The URL of the source code repository, for informational purposes and/or to resolve git hash version ranges.", - "$ref": "#/definitions/uriType" - }, - "defaultStatus": { - "description": "The default status for versions that are not otherwise listed in the versions list. If not specified, defaultStatus defaults to 'unknown'. Versions or defaultStatus may be omitted, but not both.", - "$ref": "#/definitions/status" - }, - "versions": { - "type": "array", - "description": "Set of product versions or version ranges related to the vulnerability. The versions satisfy the CNA Rules [8.1.2 requirement](https://cve.mitre.org/cve/cna/rules.html#section_8-1_cve_entry_information_requirements). Versions or defaultStatus may be omitted, but not both.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A single version or a range of versions, with vulnerability status.\n\nAn entry with only 'version' and 'status' indicates the status of a single version.\n\nOtherwise, an entry describes a range; it must include the 'versionType' property, to define the version numbering semantics in use, and 'limit', to indicate the non-inclusive upper limit of the range. The object describes the status for versions V such that 'version' <= V and V < 'limit', using the <= and < semantics defined for the specific kind of 'versionType'. Status changes within the range can be specified by an optional 'changes' list.\n\nThe algorithm to decide the status specified for a version V is:\n\n\tfor entry in product.versions {\n\t\tif entry.lessThan is not present and entry.lessThanOrEqual is not present and v == entry.version {\n\t\t\treturn entry.status\n\t\t}\n\t\tif (entry.lessThan is present and entry.version <= v and v < entry.lessThan) or\n\t\t (entry.lessThanOrEqual is present and entry.version <= v and v <= entry.lessThanOrEqual) { // <= and < defined by entry.versionType\n\t\t\tstatus = entry.status\n\t\t\tfor change in entry.changes {\n\t\t\t\tif change.at <= v {\n\t\t\t\t\tstatus = change.status\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn status\n\t\t}\n\t}\n\treturn product.defaultStatus\n\n.", - "oneOf": [ - { - "required": [ - "version", - "status" - ], - "maxProperties": 2 - }, - { - "required": [ - "version", - "status", - "versionType" - ], - "maxProperties": 3 - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThan" - ] - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThanOrEqual" - ] - } - ], - "properties": { - "version": { - "description": "The single version being described, or the version at the start of the range. By convention, typically 0 denotes the earliest possible version.", - "$ref": "#/definitions/version" - }, - "status": { - "description": "The vulnerability status for the version or range of versions. For a range, the status may be refined by the 'changes' list.", - "$ref": "#/definitions/status" - }, - "versionType": { - "type": "string", - "description": "The version numbering system used for specifying the range. This defines the exact semantics of the comparison (less-than) operation on versions, which is required to understand the range itself. 'Custom' indicates that the version type is unspecified and should be avoided whenever possible. It is included primarily for use in conversion of older data files.", - "minLength": 1, - "maxLength": 128, - "examples": [ - "custom", - "git", - "maven", - "python", - "rpm", - "semver" - ] - }, - "lessThan": { - "description": "The non-inclusive upper limit of the range. This is the least version NOT in the range. The usual version syntax is expanded to allow a pattern to end in an asterisk `(*)`, indicating an arbitrarily large number in the version ordering. For example, `{version: 1.0 lessThan: 1.*}` would describe the entire 1.X branch for most range kinds, and `{version: 2.0, lessThan: *}` describes all versions starting at 2.0, including 3.0, 5.1, and so on. Only one of lessThan and lessThanOrEqual should be specified.", - "$ref": "#/definitions/version" - }, - "lessThanOrEqual": { - "description": "The inclusive upper limit of the range. This is the greatest version contained in the range. Only one of lessThan and lessThanOrEqual should be specified. For example, `{version: 1.0, lessThanOrEqual: 1.3}` covers all versions from 1.0 up to and including 1.3.", - "$ref": "#/definitions/version" - }, - "changes": { - "type": "array", - "description": "A list of status changes that take place during the range. The array should be sorted in increasing order by the 'at' field, according to the versionType, but clients must re-sort the list themselves rather than assume it is sorted.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "The start of a single status change during the range.", - "required": [ - "at", - "status" - ], - "additionalProperties": false, - "properties": { - "at": { - "description": "The version at which a status change occurs.", - "$ref": "#/definitions/version" - }, - "status": { - "description": "The new status in the range starting at the given version.", - "$ref": "#/definitions/status" - } - } - } - } - }, - "additionalProperties": false - } - } - } - }, - "dataType": { - "description": "Indicates the type of information represented in the JSON instance.", - "type": "string", - "enum": [ - "CVE_RECORD" - ] - }, - "dataVersion": { - "description": "The version of the CVE schema used for validating this record. Used to support multiple versions of this format.", - "type": "string", - "pattern": "^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$", - "default": "5.1.0" - }, - "cveMetadataPublished": { - "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", - "type": "object", - "required": [ - "cveId", - "assignerOrgId", - "state" - ], - "properties": { - "cveId": { - "description": "The CVE identifier that this record pertains to.", - "$ref": "#/definitions/cveId" - }, - "assignerOrgId": { - "$ref": "#/definitions/orgId", - "description": "The UUID for the organization to which the CVE ID was originally assigned. This UUID can be used to lookup the organization record in the user registry service." - }, - "assignerShortName": { - "$ref": "#/definitions/shortName", - "description": "The short name for the organization to which the CVE ID was originally assigned." - }, - "requesterUserId": { - "$ref": "#/definitions/userId", - "description": "The user that requested the CVE identifier." - }, - "dateUpdated": { - "description": "The date/time the record was last updated.", - "$ref": "#/definitions/timestamp" - }, - "serial": { - "type": "integer", - "minimum": 1, - "description": "The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition." - }, - "dateReserved": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE." - }, - "datePublished": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE Record was first published in the CVE List." - }, - "state": { - "description": "State of CVE - PUBLISHED, REJECTED.", - "type": "string", - "enum": [ - "PUBLISHED" - ] - } - }, - "additionalProperties": false - }, - "cveMetadataRejected": { - "type": "object", - "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", - "required": [ - "cveId", - "assignerOrgId", - "state" - ], - "properties": { - "cveId": { - "description": "The CVE identifier that this record pertains to.", - "$ref": "#/definitions/cveId" - }, - "assignerOrgId": { - "$ref": "#/definitions/orgId", - "description": "The UUID for the organization to which the CVE ID was originally assigned." - }, - "assignerShortName": { - "$ref": "#/definitions/shortName", - "description": "The short name for the organization to which the CVE ID was originally assigned." - }, - "serial": { - "type": "integer", - "minimum": 1, - "description": "The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition." - }, - "dateUpdated": { - "description": "The date/time the record was last updated.", - "$ref": "#/definitions/timestamp" - }, - "datePublished": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE Record was first published in the CVE List." - }, - "dateRejected": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE ID was rejected." - }, - "state": { - "type": "string", - "description": "State of CVE - PUBLISHED, REJECTED.", - "enum": [ - "REJECTED" - ] - }, - "dateReserved": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE." - } - }, - "additionalProperties": false - }, - "providerMetadata": { - "type": "object", - "description": "Details related to the information container provider (CNA or ADP).", - "properties": { - "orgId": { - "$ref": "#/definitions/orgId", - "description": "The container provider's organizational UUID." - }, - "shortName": { - "$ref": "#/definitions/shortName", - "description": "The container provider's organizational short name." - }, - "dateUpdated": { - "$ref": "#/definitions/timestamp", - "description": "Timestamp to be set by the system of record at time of submission. If dateUpdated is provided to the system of record it will be replaced by the current timestamp at the time of submission." - } - }, - "required": [ - "orgId" - ], - "additionalProperties": false - }, - "cnaPublishedContainer": { - "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a published CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA. The CNA container must include the required information defined in the CVE Rules, which includes a product, version, problem type, prose description, and a reference.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "dateAssigned": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was associated with a vulnerability by a CNA." - }, - "datePublic": { - "$ref": "#/definitions/timestamp", - "description": "If known, the date/time the vulnerability was disclosed publicly." - }, - "title": { - "type": "string", - "description": "A title, headline, or a brief phrase summarizing the CVE record. Eg., Buffer overflow in Example Soft.", - "minLength": 1, - "maxLength": 256 - }, - "descriptions": { - "$ref": "#/definitions/descriptions" - }, - "affected": { - "$ref": "#/definitions/affected" - }, - "problemTypes": { - "$ref": "#/definitions/problemTypes" - }, - "references": { - "$ref": "#/definitions/references" - }, - "impacts": { - "$ref": "#/definitions/impacts" - }, - "metrics": { - "$ref": "#/definitions/metrics" - }, - "configurations": { - "$ref": "#/definitions/configurations" - }, - "workarounds": { - "$ref": "#/definitions/workarounds" - }, - "solutions": { - "$ref": "#/definitions/solutions" - }, - "exploits": { - "$ref": "#/definitions/exploits" - }, - "timeline": { - "$ref": "#/definitions/timeline" - }, - "credits": { - "$ref": "#/definitions/credits" - }, - "source": { - "$ref": "#/definitions/source" - }, - "tags": { - "$ref": "#/definitions/cnaTags" - }, - "taxonomyMappings": { - "$ref": "#/definitions/taxonomyMappings" - } - }, - "required": [ - "providerMetadata", - "descriptions", - "affected", - "references" - ], - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "cnaRejectedContainer": { - "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a rejected CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "rejectedReasons": { - "description": "Reasons for rejecting this CVE Record.", - "$ref": "#/definitions/descriptions" - }, - "replacedBy": { - "type": "array", - "description": "Contains an array of CVE IDs that this CVE ID was rejected in favor of because this CVE ID was assigned to the vulnerabilities.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/cveId" - } - } - }, - "required": [ - "providerMetadata", - "rejectedReasons" - ], - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "adpContainer": { - "description": "An object containing the vulnerability information provided by an Authorized Data Publisher (ADP). Since multiple ADPs can provide information for a CVE ID, an ADP container must indicate which ADP is the source of the information in the object.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "datePublic": { - "$ref": "#/definitions/timestamp", - "description": "If known, the date/time the vulnerability was disclosed publicly." - }, - "title": { - "type": "string", - "description": "A title, headline, or a brief phrase summarizing the information in an ADP container.", - "minLength": 1, - "maxLength": 256 - }, - "descriptions": { - "$ref": "#/definitions/descriptions" - }, - "affected": { - "$ref": "#/definitions/affected" - }, - "problemTypes": { - "$ref": "#/definitions/problemTypes" - }, - "references": { - "$ref": "#/definitions/references" - }, - "impacts": { - "$ref": "#/definitions/impacts" - }, - "metrics": { - "$ref": "#/definitions/metrics" - }, - "configurations": { - "$ref": "#/definitions/configurations" - }, - "workarounds": { - "$ref": "#/definitions/workarounds" - }, - "solutions": { - "$ref": "#/definitions/solutions" - }, - "exploits": { - "$ref": "#/definitions/exploits" - }, - "timeline": { - "$ref": "#/definitions/timeline" - }, - "credits": { - "$ref": "#/definitions/credits" - }, - "source": { - "$ref": "#/definitions/source" - }, - "tags": { - "$ref": "#/definitions/adpTags" - }, - "taxonomyMappings": { - "$ref": "#/definitions/taxonomyMappings" - } - }, - "required": [ - "providerMetadata" - ], - "minProperties": 2, - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "affected": { - "type": "array", - "description": "List of affected products.", - "minItems": 1, - "items": { - "$ref": "#/definitions/product" - } - }, - "description": { - "type": "object", - "description": "Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.", - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "description": "Plain text description.", - "minLength": 1, - "maxLength": 4096 - }, - "supportingMedia": { - "type": "array", - "title": "Supporting media", - "description": "Supporting media data for the description such as markdown, diagrams, .. (optional). Similar to RFC 2397 each media object has three main parts: media type, media data value, and an optional boolean flag to indicate if the media data is base64 encoded.", - "uniqueItems": true, - "minItems": 1, - "items": { - "type": "object", - "properties": { - "type": { - "type": "string", - "title": "Media type", - "minLength": 1, - "maxLength": 256, - "description": "RFC2046 compliant IANA Media type for eg., text/markdown, text/html.", - "examples": [ - "text/markdown", - "text/html", - "image/png", - "image/svg", - "audio/mp3" - ] - }, - "base64": { - "type": "boolean", - "title": "Encoding", - "description": "If true then the value field contains the media data encoded in base64. If false then the value field contains the UTF-8 media content.", - "default": false - }, - "value": { - "type": "string", - "description": "Supporting media content, up to 16K. If base64 is true, this field stores base64 encoded data.", - "minLength": 1, - "maxLength": 16384 - } - }, - "required": [ - "type", - "value" - ], - "additionalProperties": false - } - } - }, - "required": [ - "lang", - "value" - ], - "additionalProperties": false - }, - "englishLanguageDescription": { - "type": "object", - "description": "A description with lang set to an English language (en, en_US, en_UK, and so on).", - "properties": { - "lang": { - "$ref": "#/definitions/englishLanguage" - } - }, - "required": [ - "lang" - ], - "$comment": "Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description." - }, - "descriptions": { - "type": "array", - "description": "A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - }, - "contains": { - "$ref": "#/definitions/englishLanguageDescription" - } - }, - "problemTypes": { - "type": "array", - "description": "This is problem type information (e.g. CWE identifier). Must contain: At least one entry, can be text, OWASP, CWE, please note that while only one is required you can use more than one (or indeed all three) as long as they are correct). (CNA requirement: [PROBLEMTYPE]).", - "items": { - "type": "object", - "required": [ - "descriptions" - ], - "properties": { - "descriptions": { - "type": "array", - "items": { - "type": "object", - "required": [ - "lang", - "description" - ], - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "description": { - "type": "string", - "description": "Text description of problemType, or title from CWE or OWASP.", - "minLength": 1, - "maxLength": 4096 - }, - "cweId": { - "type": "string", - "description": "CWE ID of the CWE that best describes this problemType entry.", - "minLength": 5, - "maxLength": 9, - "pattern": "^CWE-[1-9][0-9]*$" - }, - "type": { - "type": "string", - "description": "Problemtype source, text, OWASP, CWE, etc.,", - "minLength": 1, - "maxLength": 128 - }, - "references": { - "$ref": "#/definitions/references" - } - }, - "additionalProperties": false - }, - "minItems": 1, - "uniqueItems": true - } - }, - "additionalProperties": false - }, - "minItems": 1, - "uniqueItems": true - }, - "references": { - "type": "array", - "description": "This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are \"dangerous\").", - "items": { - "$ref": "#/definitions/reference" - }, - "minItems": 1, - "maxItems": 512, - "uniqueItems": true - }, - "impacts": { - "type": "array", - "description": "Collection of impacts of this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "This is impact type information (e.g. a text description.", - "required": [ - "descriptions" - ], - "properties": { - "capecId": { - "type": "string", - "description": "CAPEC ID that best relates to this impact.", - "minLength": 7, - "maxLength": 11, - "pattern": "^CAPEC-[1-9][0-9]{0,4}$" - }, - "descriptions": { - "description": "Prose description of the impact scenario. At a minimum provide the description given by CAPEC.", - "$ref": "#/definitions/descriptions" - } - }, - "additionalProperties": false - } - }, - "metrics": { - "type": "array", - "description": "Collection of impact scores with attribution.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "This is impact type information (e.g. a text description, CVSSv2, CVSSv3, CVSSV4, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.", - "anyOf": [ - { - "required": [ - "cvssV4_0" - ] - }, - { - "required": [ - "cvssV3_1" - ] - }, - { - "required": [ - "cvssV3_0" - ] - }, - { - "required": [ - "cvssV2_0" - ] - }, - { - "required": [ - "other" - ] - } - ], - "properties": { - "format": { - "type": "string", - "description": "Name of the scoring format. This provides a bit of future proofing. Additional properties are not prohibited, so this will support the inclusion of proprietary formats. It also provides an easy future conversion mechanism when future score formats become part of the schema. example: cvssV44, format = 'cvssV44', other = cvssV4_4 JSON object. In the future, the other properties can be converted to score properties when they become part of the schema.", - "minLength": 1, - "maxLength": 64 - }, - "scenarios": { - "type": "array", - "description": "Description of the scenarios this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "default": "GENERAL", - "description": "Description of the scenario this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.", - "minLength": 1, - "maxLength": 4096 - } - }, - "required": [ - "lang", - "value" - ], - "additionalProperties": false - } - }, - "cvssV4_0": { - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 4.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT" - ] - }, - "modifiedAttackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedVulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "subCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedSubCType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "modifiedSubIaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "SAFETY", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "exploitMaturityType": { - "type": "string", - "enum": [ - "UNREPORTED", - "PROOF_OF_CONCEPT", - "ATTACKED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "safetyType": { - "type": "string", - "enum": [ - "NEGLIGIBLE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "automatableType": { - "type": "string", - "enum": [ - "NO", - "YES", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "recoveryType": { - "type": "string", - "enum": [ - "AUTOMATIC", - "USER", - "IRRECOVERABLE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "valueDensityType": { - "type": "string", - "enum": [ - "DIFFUSE", - "CONCENTRATED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnerabilityResponseEffortType": { - "type": "string", - "enum": [ - "LOW", - "MODERATE", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "providerUrgencyType": { - "type": "string", - "enum": [ - "CLEAR", - "GREEN", - "AMBER", - "RED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10, - "multipleOf": 0.1 - }, - "noneScoreType": { - "type": "number", - "minimum": 0, - "maximum": 0 - }, - "lowScoreType": { - "type": "number", - "minimum": 0.1, - "maximum": 3.9, - "multipleOf": 0.1 - }, - "mediumScoreType": { - "type": "number", - "minimum": 4, - "maximum": 6.9, - "multipleOf": 0.1 - }, - "highScoreType": { - "type": "number", - "minimum": 7, - "maximum": 8.9, - "multipleOf": 0.1 - }, - "criticalScoreType": { - "type": "number", - "minimum": 9, - "maximum": 10, - "multipleOf": 0.1 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - }, - "noneSeverityType": { - "const": "NONE" - }, - "lowSeverityType": { - "const": "LOW" - }, - "mediumSeverityType": { - "const": "MEDIUM" - }, - "highSeverityType": { - "const": "HIGH" - }, - "criticalSeverityType": { - "const": "CRITICAL" - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "4.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType" - }, - "attackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType" - }, - "vulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "subConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "exploitMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType" - }, - "modifiedAttackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType" - }, - "modifiedVulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedSubConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType" - }, - "modifiedSubIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "modifiedSubAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "Safety": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType" - }, - "Automatable": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType" - }, - "Recovery": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType" - }, - "valueDensity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType" - }, - "vulnerabilityResponseEffort": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType" - }, - "providerUrgency": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType" - } - }, - "allOf": [ - { - "anyOf": [ - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - } - ], - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV3_1": { - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.1", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ] - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED", - "NOT_DEFINED" - ] - }, - "scopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED" - ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED", - "NOT_DEFINED" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "confidenceType": { - "type": "string", - "enum": [ - "UNKNOWN", - "REASONABLE", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "3.1" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType" - }, - "scope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - }, - "exploitCodeMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "temporalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType" - }, - "modifiedScope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType" - }, - "modifiedConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "modifiedIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "modifiedAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV3_0": { - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ] - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED", - "NOT_DEFINED" - ] - }, - "scopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED" - ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED", - "NOT_DEFINED" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "confidenceType": { - "type": "string", - "enum": [ - "UNKNOWN", - "REASONABLE", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "3.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType" - }, - "scope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - }, - "exploitCodeMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "temporalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType" - }, - "modifiedScope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType" - }, - "modifiedConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "modifiedIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "modifiedAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV2_0": { - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 2.0", - "type": "object", - "definitions": { - "accessVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL" - ] - }, - "accessComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "MEDIUM", - "LOW" - ] - }, - "authenticationType": { - "type": "string", - "enum": [ - "MULTIPLE", - "SINGLE", - "NONE" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "PARTIAL", - "COMPLETE" - ] - }, - "exploitabilityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "reportConfidenceType": { - "type": "string", - "enum": [ - "UNCONFIRMED", - "UNCORROBORATED", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "collateralDamagePotentialType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "LOW_MEDIUM", - "MEDIUM_HIGH", - "HIGH", - "NOT_DEFINED" - ] - }, - "targetDistributionType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "2.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$" - }, - "accessVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType" - }, - "accessComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType" - }, - "authentication": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - }, - "exploitability": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - }, - "collateralDamagePotential": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType" - }, - "targetDistribution": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore" - ], - "additionalProperties": false - }, - "other": { - "type": "object", - "description": "A non-standard impact description, may be prose or JSON block.", - "required": [ - "type", - "content" - ], - "properties": { - "type": { - "description": "Name of the non-standard impact metrics format used.", - "type": "string", - "minLength": 1, - "maxLength": 128 - }, - "content": { - "type": "object", - "$comment": "additionalProperties are allowed here, since this construct supports arbitrary JSON.", - "description": "JSON object not covered by another metrics format.", - "minProperties": 1 - } - }, - "additionalProperties": false - } - }, - "additionalProperties": false - } - }, - "configurations": { - "type": "array", - "description": "Configurations required for exploiting this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "workarounds": { - "type": "array", - "description": "Workarounds and mitigations for this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "solutions": { - "type": "array", - "description": "Information about solutions or remediations available for this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "exploits": { - "type": "array", - "description": "Information about exploits of the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "timeline": { - "type": "array", - "description": "This is timeline information for significant events about this vulnerability or changes to the CVE Record.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "required": [ - "time", - "lang", - "value" - ], - "properties": { - "time": { - "description": "Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM - if the timezone offset is not given, GMT (+00:00) is assumed.", - "$ref": "#/definitions/timestamp" - }, - "lang": { - "description": "The language used in the description of the event. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.", - "$ref": "#/definitions/language" - }, - "value": { - "description": "A summary of the event.", - "type": "string", - "minLength": 1, - "maxLength": 4096 - } - }, - "additionalProperties": false - } - }, - "credits": { - "type": "array", - "description": "Statements acknowledging specific people, organizations, or tools recognizing the work done in researching, discovering, remediating or helping with activities related to this CVE.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "properties": { - "lang": { - "description": "The language used when describing the credits. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.", - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "minLength": 1, - "maxLength": 4096 - }, - "user": { - "description": "UUID of the user being credited if present in the CVE User Registry (optional). This UUID can be used to lookup the user record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "type": { - "type": "string", - "description": "Type or role of the entity being credited (optional). finder: identifies the vulnerability.\nreporter: notifies the vendor of the vulnerability to a CNA.\nanalyst: validates the vulnerability to ensure accuracy or severity.\ncoordinator: facilitates the coordinated response process.\nremediation developer: prepares a code change or other remediation plans.\nremediation reviewer: reviews vulnerability remediation plans or code changes for effectiveness and completeness.\nremediation verifier: tests and verifies the vulnerability or its remediation.\ntool: names of tools used in vulnerability discovery or identification.\nsponsor: supports the vulnerability identification or remediation activities.", - "default": "finder", - "enum": [ - "finder", - "reporter", - "analyst", - "coordinator", - "remediation developer", - "remediation reviewer", - "remediation verifier", - "tool", - "sponsor", - "other" - ] - } - }, - "additionalProperties": false, - "required": [ - "lang", - "value" - ] - } - }, - "source": { - "type": "object", - "description": "This is the source information (who discovered it, who researched it, etc.) and optionally a chain of CNA information (e.g. the originating CNA and subsequent parent CNAs who have processed it before it arrives at the MITRE root).\n Must contain: IF this is in the root level it MUST contain a CNA_chain entry, IF this source entry is NOT in the root (e.g. it is part of a vendor statement) then it must contain at least one type of data entry.", - "minProperties": 1 - }, - "language": { - "type": "string", - "description": "BCP 47 language code, language-region.", - "default": "en", - "pattern": "^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" - }, - "englishLanguage": { - "type": "string", - "description": "BCP 47 language code, language-region, required to be English.", - "pattern": "^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" - }, - "taxonomyMappings": { - "type": "array", - "description": "List of taxonomy items related to the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A taxonomy mapping object identifies the taxonomy by a name and version (eg., ATT&CK v13.1, CVSS 3.1, CWE 4.12) along with a list of relations relevant to this CVE.", - "required": [ - "taxonomyName", - "taxonomyRelations" - ], - "properties": { - "taxonomyName": { - "type": "string", - "description": "The name of the taxonomy, eg., ATT&CK, D3FEND, CWE, CVSS", - "minLength": 1, - "maxLength": 128 - }, - "taxonomyVersion": { - "type": "string", - "description": "The version of taxonomy the identifiers come from.", - "minLength": 1, - "maxLength": 128 - }, - "taxonomyRelations": { - "type": "array", - "description": "List of relationships to the taxonomy for the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A relationship between the taxonomy and the CVE or two taxonomy items.", - "required": [ - "taxonomyId", - "relationshipName", - "relationshipValue" - ], - "properties": { - "taxonomyId": { - "type": "string", - "description": "Identifier of the item in the taxonomy. Used as the subject of the relationship.", - "minLength": 1, - "maxLength": 2048 - }, - "relationshipName": { - "type": "string", - "description": "A description of the relationship.", - "minLength": 1, - "maxLength": 128 - }, - "relationshipValue": { - "type": "string", - "description": "The target of the relationship. Can be the CVE ID or another taxonomy identifier.", - "minLength": 1, - "maxLength": 2048 - } - }, - "additionalProperties": false - } - } - }, - "additionalProperties": false - } - }, - "tagExtension": { - "type": "string", - "minLength": 2, - "maxLength": 128, - "pattern": "^x_.*$", - "$comment": "These values are not used as JSON property names, so there is not a need to work-around property naming limitations in some common implementations." - }, - "cnaTags": { - "type": "array", - "description": "Tags provided by a CNA describing the CVE Record.", - "uniqueItems": true, - "minItems": 1, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/cna/", - "type": "string", - "description": "exclusively-hosted-service: All known software and/or hardware affected by this CVE Record is known to exist only in the affected hosted service. If the vulnerability affects both hosted and on-prem software and/or hardware, then the tag should not be used.\n\nunsupported-when-assigned: Used by the assigning CNA to indicate that when a request for a CVE assignment was received, the product was already end-of-life (EOL) or a product or specific version was deemed not to be supported by the vendor. This tag should only be applied to a CVE Record when all affected products or version lines referenced in the CVE-Record are EOL.\n\ndisputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.", - "enum": [ - "unsupported-when-assigned", - "exclusively-hosted-service", - "disputed" - ] - } - ] - } - }, - "adpTags": { - "type": "array", - "description": "Tags provided by an ADP describing the CVE Record.", - "uniqueItems": true, - "minItems": 1, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/adp/", - "type": "string", - "description": "disputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.", - "enum": [ - "disputed" - ] - } - ] - } - } - }, - "properties": { - "cnaContainer": { - "$ref": "#/definitions/cnaPublishedContainer" - } - }, - "additionalProperties": false -} \ No newline at end of file diff --git a/schema/archive/v5.0/docs/CVE_JSON_cnaRejectedContainer.json b/schema/archive/v5.0/docs/CVE_JSON_cnaRejectedContainer.json deleted file mode 100644 index afae83b0ae7..00000000000 --- a/schema/archive/v5.0/docs/CVE_JSON_cnaRejectedContainer.json +++ /dev/null @@ -1,2560 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_cnaRejectedContainer.json", - "title": "CVE JSON cnaRejectedContainer sub schema", - "description": "CVE JSON cnaRejectedContainer format", - "definitions": { - "uriType": { - "description": "A universal resource identifier (URI), according to [RFC 3986](https://tools.ietf.org/html/rfc3986).", - "type": "string", - "format": "uri", - "minLength": 1, - "maxLength": 2048 - }, - "uuidType": { - "description": "A version 4 (random) universally unique identifier (UUID) as defined by [RFC 4122](https://tools.ietf.org/html/rfc4122#section-4.1.3).", - "type": "string", - "pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$" - }, - "reference": { - "type": "object", - "required": [ - "url" - ], - "properties": { - "url": { - "description": "The uniform resource locator (URL), according to [RFC 3986](https://tools.ietf.org/html/rfc3986#section-1.1.3), that can be used to retrieve the referenced resource.", - "$ref": "#/definitions/uriType" - }, - "name": { - "description": "User created name for the reference, often the title of the page.", - "type": "string", - "maxLength": 512, - "minLength": 1 - }, - "tags": { - "description": "An array of one or more tags that describe the resource referenced by 'url'.", - "type": "array", - "minItems": 1, - "uniqueItems": true, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/reference/", - "type": "string", - "description": "broken-link: The reference link is returning a 404 error, or the site is no longer online.\n\ncustomer-entitlement: Similar to Privileges Required, but specific to references that require non-public/paid access for customers of the particular vendor.\n\nexploit: Reference contains an in-depth/detailed description of steps to exploit a vulnerability OR the reference contains any legitimate Proof of Concept (PoC) code or exploit kit.\n\ngovernment-resource: All reference links that are from a government agency or organization should be given the Government Resource tag.\n\nissue-tracking: The reference is a post from a bug tracking tool such as MantisBT, Bugzilla, JIRA, Github Issues, etc...\n\nmailing-list: The reference is from a mailing list -- often specific to a product or vendor.\n\nmitigation: The reference contains information on steps to mitigate against the vulnerability in the event a patch can't be applied or is unavailable or for EOL product situations.\n\nnot-applicable: The reference link is not applicable to the vulnerability and was likely associated by MITRE accidentally (should be used sparingly).\n\npatch: The reference contains an update to the software that fixes the vulnerability.\n\npermissions-required: The reference link provided is blocked by a logon page. If credentials are required to see any information this tag must be applied.\n\nmedia-coverage: The reference is from a media outlet such as a newspaper, magazine, social media, or weblog. This tag is not intended to apply to any individual's personal social media account. It is strictly intended for public media entities.\n\nproduct: A reference appropriate for describing a product for the purpose of CPE or SWID.\n\nrelated: A reference that is for a related (but not the same) vulnerability.\n\nrelease-notes: The reference is in the format of a vendor or open source project's release notes or change log.\n\nsignature: The reference contains a method to detect or prevent the presence or exploitation of the vulnerability.\n\ntechnical-description: The reference contains in-depth technical information about a vulnerability and its exploitation process, typically in the form of a presentation or whitepaper.\n\nthird-party-advisory: Advisory is from an organization that is not the vulnerable product's vendor/publisher/maintainer.\n\nvendor-advisory: Advisory is from the vendor/publisher/maintainer of the product or the parent organization.\n\nvdb-entry: VDBs are loosely defined as sites that provide information about this vulnerability, such as advisories, with identifiers. Included VDBs are free to access, substantially public, and have broad scope and coverage (not limited to a single vendor or research organization). See: https://www.first.org/global/sigs/vrdx/vdb-catalog", - "enum": [ - "broken-link", - "customer-entitlement", - "exploit", - "government-resource", - "issue-tracking", - "mailing-list", - "mitigation", - "not-applicable", - "patch", - "permissions-required", - "media-coverage", - "product", - "related", - "release-notes", - "signature", - "technical-description", - "third-party-advisory", - "vendor-advisory", - "vdb-entry" - ] - } - ] - } - } - }, - "additionalProperties": false - }, - "cveId": { - "type": "string", - "pattern": "^CVE-[0-9]{4}-[0-9]{4,19}$" - }, - "orgId": { - "description": "A UUID for an organization participating in the CVE program. This UUID can be used to lookup the organization record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "userId": { - "description": "A UUID for a user participating in the CVE program. This UUID can be used to lookup the user record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "shortName": { - "description": "A 2-32 character name that can be used to complement an organization's UUID.", - "type": "string", - "minLength": 2, - "maxLength": 32 - }, - "datestamp": { - "description": "Date/time format based on RFC3339 and ISO ISO8601.", - "type": "string", - "format": "date", - "pattern": "^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))$" - }, - "timestamp": { - "type": "string", - "format": "date-time", - "description": "Date/time format based on RFC3339 and ISO ISO8601, with an optional timezone in the format 'yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM'. If timezone offset is not given, GMT (+00:00) is assumed.", - "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$" - }, - "version": { - "description": "A single version of a product, as expressed in its own version numbering scheme.", - "type": "string", - "minLength": 1, - "maxLength": 1024 - }, - "status": { - "description": "The vulnerability status of a given version or range of versions of a product. The statuses 'affected' and 'unaffected' indicate that the version is affected or unaffected by the vulnerability. The status 'unknown' indicates that it is unknown or unspecified whether the given version is affected. There can be many reasons for an 'unknown' status, including that an investigation has not been undertaken or that a vendor has not disclosed the status.", - "type": "string", - "enum": [ - "affected", - "unaffected", - "unknown" - ] - }, - "product": { - "type": "object", - "description": "Provides information about the set of products and services affected by this vulnerability.", - "allOf": [ - { - "anyOf": [ - { - "required": [ - "vendor", - "product" - ] - }, - { - "required": [ - "collectionURL", - "packageName" - ] - } - ] - }, - { - "anyOf": [ - { - "required": [ - "versions" - ] - }, - { - "required": [ - "defaultStatus" - ] - } - ] - } - ], - "properties": { - "vendor": { - "type": "string", - "description": "Name of the organization, project, community, individual, or user that created or maintains this product or hosted service. Can be 'N/A' if none of those apply. When collectionURL and packageName are used, this field may optionally represent the user or account within the package collection associated with the package.", - "minLength": 1, - "maxLength": 512 - }, - "product": { - "type": "string", - "description": "Name of the affected product.", - "minLength": 1, - "maxLength": 2048 - }, - "collectionURL": { - "description": "URL identifying a package collection (determines the meaning of packageName).", - "$ref": "#/definitions/uriType", - "examples": [ - "https://access.redhat.com/downloads/content/package-browser", - "https://addons.mozilla.org", - "https://addons.thunderbird.net", - "https://anaconda.org/anaconda/repo", - "https://app.vagrantup.com/boxes/search", - "https://apps.apple.com", - "https://archlinux.org/packages", - "https://atmospherejs.meteor.com", - "https://atom.io/packages", - "https://bitbucket.org", - "https://bower.io", - "https://brew.sh/", - "https://chocolatey.org/packages", - "https://chrome.google.com/webstore", - "https://clojars.org", - "https://cocoapods.org", - "https://code.dlang.org", - "https://conan.io/center", - "https://cpan.org/modules", - "https://cran.r-project.org", - "https://crates.io", - "https://ctan.org/pkg", - "https://drupal.org", - "https://exchange.adobe.com", - "https://forge.puppet.com/modules", - "https://github.com", - "https://gitlab.com/explore", - "https://golang.org/pkg", - "https://guix.gnu.org/packages", - "https://hackage.haskell.org", - "https://helm.sh", - "https://hub.docker.com", - "https://juliahub.com", - "https://lib.haxe.org", - "https://luarocks.org", - "https://marketplace.visualstudio.com", - "https://melpa.org", - "https://microsoft.com/en-us/store/apps", - "https://nimble.directory", - "https://nuget.org/packages", - "https://opam.ocaml.org/packages", - "https://openwrt.org/packages/index", - "https://package.elm-lang.org", - "https://packagecontrol.io", - "https://packages.debian.org", - "https://packages.gentoo.org", - "https://packagist.org", - "https://pear.php.net/packages.php", - "https://pecl.php.net", - "https://platformio.org/lib", - "https://play.google.com/store", - "https://plugins.gradle.org", - "https://projects.eclipse.org", - "https://pub.dev", - "https://pypi.python.org", - "https://registry.npmjs.org", - "https://registry.terraform.io", - "https://repo.hex.pm", - "https://repo.maven.apache.org/maven2", - "https://rubygems.org", - "https://search.nixos.org/packages", - "https://sourceforge.net", - "https://wordpress.org/plugins" - ] - }, - "packageName": { - "type": "string", - "description": "Name or identifier of the affected software package as used in the package collection.", - "minLength": 1, - "maxLength": 2048 - }, - "cpes": { - "type": "array", - "description": "Affected products defined by CPE. This is an array of CPE values (vulnerable and not), we use an array so that we can make multiple statements about the same version and they are separate (if we used a JSON object we'd essentially be keying on the CPE name and they would have to overlap). Also, this allows things like cveDataVersion or cveDescription to be applied directly to the product entry. This also allows more complex statements such as \"Product X between versions 10.2 and 10.8\" to be put in a machine-readable format. As well since multiple statements can be used multiple branches of the same product can be defined here.", - "uniqueItems": true, - "items": { - "title": "CPE Name", - "type": "string", - "description": "Common Platform Enumeration (CPE) Name in either 2.2 or 2.3 format", - "pattern": "([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})", - "minLength": 1, - "maxLength": 2048 - } - }, - "modules": { - "type": "array", - "description": "A list of the affected components, features, modules, sub-components, sub-products, APIs, commands, utilities, programs, or functionalities (optional).", - "uniqueItems": true, - "items": { - "type": "string", - "description": "Name of the affected component, feature, module, sub-component, sub-product, API, command, utility, program, or functionality (optional).", - "minLength": 1, - "maxLength": 4096 - } - }, - "programFiles": { - "type": "array", - "description": "A list of the affected source code files (optional).", - "uniqueItems": true, - "items": { - "description": "Name or path or location of the affected source code file.", - "type": "string", - "minLength": 1, - "maxLength": 1024 - } - }, - "programRoutines": { - "type": "array", - "description": "A list of the affected source code functions, methods, subroutines, or procedures (optional).", - "uniqueItems": true, - "items": { - "type": "object", - "description": "An object describing program routine.", - "required": [ - "name" - ], - "properties": { - "name": { - "type": "string", - "description": "Name of the affected source code file, function, method, subroutine, or procedure.", - "minLength": 1, - "maxLength": 4096 - } - }, - "additionalProperties": false - } - }, - "platforms": { - "title": "Platforms", - "description": "List of specific platforms if the vulnerability is only relevant in the context of these platforms (optional). Platforms may include execution environments, operating systems, virtualization technologies, hardware models, or computing architectures. The lack of this field or an empty array implies that the other fields are applicable to all relevant platforms.", - "type": "array", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "string", - "examples": [ - "iOS", - "Android", - "Windows", - "macOS", - "x86", - "ARM", - "64 bit", - "Big Endian", - "iPad", - "Chromebook", - "Docker", - "Model T" - ], - "maxLength": 1024 - } - }, - "repo": { - "description": "The URL of the source code repository, for informational purposes and/or to resolve git hash version ranges.", - "$ref": "#/definitions/uriType" - }, - "defaultStatus": { - "description": "The default status for versions that are not otherwise listed in the versions list. If not specified, defaultStatus defaults to 'unknown'. Versions or defaultStatus may be omitted, but not both.", - "$ref": "#/definitions/status" - }, - "versions": { - "type": "array", - "description": "Set of product versions or version ranges related to the vulnerability. The versions satisfy the CNA Rules [8.1.2 requirement](https://cve.mitre.org/cve/cna/rules.html#section_8-1_cve_entry_information_requirements). Versions or defaultStatus may be omitted, but not both.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A single version or a range of versions, with vulnerability status.\n\nAn entry with only 'version' and 'status' indicates the status of a single version.\n\nOtherwise, an entry describes a range; it must include the 'versionType' property, to define the version numbering semantics in use, and 'limit', to indicate the non-inclusive upper limit of the range. The object describes the status for versions V such that 'version' <= V and V < 'limit', using the <= and < semantics defined for the specific kind of 'versionType'. Status changes within the range can be specified by an optional 'changes' list.\n\nThe algorithm to decide the status specified for a version V is:\n\n\tfor entry in product.versions {\n\t\tif entry.lessThan is not present and entry.lessThanOrEqual is not present and v == entry.version {\n\t\t\treturn entry.status\n\t\t}\n\t\tif (entry.lessThan is present and entry.version <= v and v < entry.lessThan) or\n\t\t (entry.lessThanOrEqual is present and entry.version <= v and v <= entry.lessThanOrEqual) { // <= and < defined by entry.versionType\n\t\t\tstatus = entry.status\n\t\t\tfor change in entry.changes {\n\t\t\t\tif change.at <= v {\n\t\t\t\t\tstatus = change.status\n\t\t\t\t}\n\t\t\t}\n\t\t\treturn status\n\t\t}\n\t}\n\treturn product.defaultStatus\n\n.", - "oneOf": [ - { - "required": [ - "version", - "status" - ], - "maxProperties": 2 - }, - { - "required": [ - "version", - "status", - "versionType" - ], - "maxProperties": 3 - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThan" - ] - }, - { - "required": [ - "version", - "status", - "versionType", - "lessThanOrEqual" - ] - } - ], - "properties": { - "version": { - "description": "The single version being described, or the version at the start of the range. By convention, typically 0 denotes the earliest possible version.", - "$ref": "#/definitions/version" - }, - "status": { - "description": "The vulnerability status for the version or range of versions. For a range, the status may be refined by the 'changes' list.", - "$ref": "#/definitions/status" - }, - "versionType": { - "type": "string", - "description": "The version numbering system used for specifying the range. This defines the exact semantics of the comparison (less-than) operation on versions, which is required to understand the range itself. 'Custom' indicates that the version type is unspecified and should be avoided whenever possible. It is included primarily for use in conversion of older data files.", - "minLength": 1, - "maxLength": 128, - "examples": [ - "custom", - "git", - "maven", - "python", - "rpm", - "semver" - ] - }, - "lessThan": { - "description": "The non-inclusive upper limit of the range. This is the least version NOT in the range. The usual version syntax is expanded to allow a pattern to end in an asterisk `(*)`, indicating an arbitrarily large number in the version ordering. For example, `{version: 1.0 lessThan: 1.*}` would describe the entire 1.X branch for most range kinds, and `{version: 2.0, lessThan: *}` describes all versions starting at 2.0, including 3.0, 5.1, and so on. Only one of lessThan and lessThanOrEqual should be specified.", - "$ref": "#/definitions/version" - }, - "lessThanOrEqual": { - "description": "The inclusive upper limit of the range. This is the greatest version contained in the range. Only one of lessThan and lessThanOrEqual should be specified. For example, `{version: 1.0, lessThanOrEqual: 1.3}` covers all versions from 1.0 up to and including 1.3.", - "$ref": "#/definitions/version" - }, - "changes": { - "type": "array", - "description": "A list of status changes that take place during the range. The array should be sorted in increasing order by the 'at' field, according to the versionType, but clients must re-sort the list themselves rather than assume it is sorted.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "The start of a single status change during the range.", - "required": [ - "at", - "status" - ], - "additionalProperties": false, - "properties": { - "at": { - "description": "The version at which a status change occurs.", - "$ref": "#/definitions/version" - }, - "status": { - "description": "The new status in the range starting at the given version.", - "$ref": "#/definitions/status" - } - } - } - } - }, - "additionalProperties": false - } - } - } - }, - "dataType": { - "description": "Indicates the type of information represented in the JSON instance.", - "type": "string", - "enum": [ - "CVE_RECORD" - ] - }, - "dataVersion": { - "description": "The version of the CVE schema used for validating this record. Used to support multiple versions of this format.", - "type": "string", - "pattern": "^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$", - "default": "5.1.0" - }, - "cveMetadataPublished": { - "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", - "type": "object", - "required": [ - "cveId", - "assignerOrgId", - "state" - ], - "properties": { - "cveId": { - "description": "The CVE identifier that this record pertains to.", - "$ref": "#/definitions/cveId" - }, - "assignerOrgId": { - "$ref": "#/definitions/orgId", - "description": "The UUID for the organization to which the CVE ID was originally assigned. This UUID can be used to lookup the organization record in the user registry service." - }, - "assignerShortName": { - "$ref": "#/definitions/shortName", - "description": "The short name for the organization to which the CVE ID was originally assigned." - }, - "requesterUserId": { - "$ref": "#/definitions/userId", - "description": "The user that requested the CVE identifier." - }, - "dateUpdated": { - "description": "The date/time the record was last updated.", - "$ref": "#/definitions/timestamp" - }, - "serial": { - "type": "integer", - "minimum": 1, - "description": "The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition." - }, - "dateReserved": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE." - }, - "datePublished": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE Record was first published in the CVE List." - }, - "state": { - "description": "State of CVE - PUBLISHED, REJECTED.", - "type": "string", - "enum": [ - "PUBLISHED" - ] - } - }, - "additionalProperties": false - }, - "cveMetadataRejected": { - "type": "object", - "description": "This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.", - "required": [ - "cveId", - "assignerOrgId", - "state" - ], - "properties": { - "cveId": { - "description": "The CVE identifier that this record pertains to.", - "$ref": "#/definitions/cveId" - }, - "assignerOrgId": { - "$ref": "#/definitions/orgId", - "description": "The UUID for the organization to which the CVE ID was originally assigned." - }, - "assignerShortName": { - "$ref": "#/definitions/shortName", - "description": "The short name for the organization to which the CVE ID was originally assigned." - }, - "serial": { - "type": "integer", - "minimum": 1, - "description": "The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition." - }, - "dateUpdated": { - "description": "The date/time the record was last updated.", - "$ref": "#/definitions/timestamp" - }, - "datePublished": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE Record was first published in the CVE List." - }, - "dateRejected": { - "$ref": "#/definitions/timestamp", - "description": "The date/time the CVE ID was rejected." - }, - "state": { - "type": "string", - "description": "State of CVE - PUBLISHED, REJECTED.", - "enum": [ - "REJECTED" - ] - }, - "dateReserved": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE." - } - }, - "additionalProperties": false - }, - "providerMetadata": { - "type": "object", - "description": "Details related to the information container provider (CNA or ADP).", - "properties": { - "orgId": { - "$ref": "#/definitions/orgId", - "description": "The container provider's organizational UUID." - }, - "shortName": { - "$ref": "#/definitions/shortName", - "description": "The container provider's organizational short name." - }, - "dateUpdated": { - "$ref": "#/definitions/timestamp", - "description": "Timestamp to be set by the system of record at time of submission. If dateUpdated is provided to the system of record it will be replaced by the current timestamp at the time of submission." - } - }, - "required": [ - "orgId" - ], - "additionalProperties": false - }, - "cnaPublishedContainer": { - "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a published CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA. The CNA container must include the required information defined in the CVE Rules, which includes a product, version, problem type, prose description, and a reference.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "dateAssigned": { - "$ref": "#/definitions/timestamp", - "description": "The date/time this CVE ID was associated with a vulnerability by a CNA." - }, - "datePublic": { - "$ref": "#/definitions/timestamp", - "description": "If known, the date/time the vulnerability was disclosed publicly." - }, - "title": { - "type": "string", - "description": "A title, headline, or a brief phrase summarizing the CVE record. Eg., Buffer overflow in Example Soft.", - "minLength": 1, - "maxLength": 256 - }, - "descriptions": { - "$ref": "#/definitions/descriptions" - }, - "affected": { - "$ref": "#/definitions/affected" - }, - "problemTypes": { - "$ref": "#/definitions/problemTypes" - }, - "references": { - "$ref": "#/definitions/references" - }, - "impacts": { - "$ref": "#/definitions/impacts" - }, - "metrics": { - "$ref": "#/definitions/metrics" - }, - "configurations": { - "$ref": "#/definitions/configurations" - }, - "workarounds": { - "$ref": "#/definitions/workarounds" - }, - "solutions": { - "$ref": "#/definitions/solutions" - }, - "exploits": { - "$ref": "#/definitions/exploits" - }, - "timeline": { - "$ref": "#/definitions/timeline" - }, - "credits": { - "$ref": "#/definitions/credits" - }, - "source": { - "$ref": "#/definitions/source" - }, - "tags": { - "$ref": "#/definitions/cnaTags" - }, - "taxonomyMappings": { - "$ref": "#/definitions/taxonomyMappings" - } - }, - "required": [ - "providerMetadata", - "descriptions", - "affected", - "references" - ], - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "cnaRejectedContainer": { - "description": "An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a rejected CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "rejectedReasons": { - "description": "Reasons for rejecting this CVE Record.", - "$ref": "#/definitions/descriptions" - }, - "replacedBy": { - "type": "array", - "description": "Contains an array of CVE IDs that this CVE ID was rejected in favor of because this CVE ID was assigned to the vulnerabilities.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/cveId" - } - } - }, - "required": [ - "providerMetadata", - "rejectedReasons" - ], - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "adpContainer": { - "description": "An object containing the vulnerability information provided by an Authorized Data Publisher (ADP). Since multiple ADPs can provide information for a CVE ID, an ADP container must indicate which ADP is the source of the information in the object.", - "type": "object", - "properties": { - "providerMetadata": { - "$ref": "#/definitions/providerMetadata" - }, - "datePublic": { - "$ref": "#/definitions/timestamp", - "description": "If known, the date/time the vulnerability was disclosed publicly." - }, - "title": { - "type": "string", - "description": "A title, headline, or a brief phrase summarizing the information in an ADP container.", - "minLength": 1, - "maxLength": 256 - }, - "descriptions": { - "$ref": "#/definitions/descriptions" - }, - "affected": { - "$ref": "#/definitions/affected" - }, - "problemTypes": { - "$ref": "#/definitions/problemTypes" - }, - "references": { - "$ref": "#/definitions/references" - }, - "impacts": { - "$ref": "#/definitions/impacts" - }, - "metrics": { - "$ref": "#/definitions/metrics" - }, - "configurations": { - "$ref": "#/definitions/configurations" - }, - "workarounds": { - "$ref": "#/definitions/workarounds" - }, - "solutions": { - "$ref": "#/definitions/solutions" - }, - "exploits": { - "$ref": "#/definitions/exploits" - }, - "timeline": { - "$ref": "#/definitions/timeline" - }, - "credits": { - "$ref": "#/definitions/credits" - }, - "source": { - "$ref": "#/definitions/source" - }, - "tags": { - "$ref": "#/definitions/adpTags" - }, - "taxonomyMappings": { - "$ref": "#/definitions/taxonomyMappings" - } - }, - "required": [ - "providerMetadata" - ], - "minProperties": 2, - "patternProperties": { - "^x_[^.]*$": {} - }, - "$comment": "The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.", - "additionalProperties": false - }, - "affected": { - "type": "array", - "description": "List of affected products.", - "minItems": 1, - "items": { - "$ref": "#/definitions/product" - } - }, - "description": { - "type": "object", - "description": "Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.", - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "description": "Plain text description.", - "minLength": 1, - "maxLength": 4096 - }, - "supportingMedia": { - "type": "array", - "title": "Supporting media", - "description": "Supporting media data for the description such as markdown, diagrams, .. (optional). Similar to RFC 2397 each media object has three main parts: media type, media data value, and an optional boolean flag to indicate if the media data is base64 encoded.", - "uniqueItems": true, - "minItems": 1, - "items": { - "type": "object", - "properties": { - "type": { - "type": "string", - "title": "Media type", - "minLength": 1, - "maxLength": 256, - "description": "RFC2046 compliant IANA Media type for eg., text/markdown, text/html.", - "examples": [ - "text/markdown", - "text/html", - "image/png", - "image/svg", - "audio/mp3" - ] - }, - "base64": { - "type": "boolean", - "title": "Encoding", - "description": "If true then the value field contains the media data encoded in base64. If false then the value field contains the UTF-8 media content.", - "default": false - }, - "value": { - "type": "string", - "description": "Supporting media content, up to 16K. If base64 is true, this field stores base64 encoded data.", - "minLength": 1, - "maxLength": 16384 - } - }, - "required": [ - "type", - "value" - ], - "additionalProperties": false - } - } - }, - "required": [ - "lang", - "value" - ], - "additionalProperties": false - }, - "englishLanguageDescription": { - "type": "object", - "description": "A description with lang set to an English language (en, en_US, en_UK, and so on).", - "properties": { - "lang": { - "$ref": "#/definitions/englishLanguage" - } - }, - "required": [ - "lang" - ], - "$comment": "Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description." - }, - "descriptions": { - "type": "array", - "description": "A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - }, - "contains": { - "$ref": "#/definitions/englishLanguageDescription" - } - }, - "problemTypes": { - "type": "array", - "description": "This is problem type information (e.g. CWE identifier). Must contain: At least one entry, can be text, OWASP, CWE, please note that while only one is required you can use more than one (or indeed all three) as long as they are correct). (CNA requirement: [PROBLEMTYPE]).", - "items": { - "type": "object", - "required": [ - "descriptions" - ], - "properties": { - "descriptions": { - "type": "array", - "items": { - "type": "object", - "required": [ - "lang", - "description" - ], - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "description": { - "type": "string", - "description": "Text description of problemType, or title from CWE or OWASP.", - "minLength": 1, - "maxLength": 4096 - }, - "cweId": { - "type": "string", - "description": "CWE ID of the CWE that best describes this problemType entry.", - "minLength": 5, - "maxLength": 9, - "pattern": "^CWE-[1-9][0-9]*$" - }, - "type": { - "type": "string", - "description": "Problemtype source, text, OWASP, CWE, etc.,", - "minLength": 1, - "maxLength": 128 - }, - "references": { - "$ref": "#/definitions/references" - } - }, - "additionalProperties": false - }, - "minItems": 1, - "uniqueItems": true - } - }, - "additionalProperties": false - }, - "minItems": 1, - "uniqueItems": true - }, - "references": { - "type": "array", - "description": "This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are \"dangerous\").", - "items": { - "$ref": "#/definitions/reference" - }, - "minItems": 1, - "maxItems": 512, - "uniqueItems": true - }, - "impacts": { - "type": "array", - "description": "Collection of impacts of this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "This is impact type information (e.g. a text description.", - "required": [ - "descriptions" - ], - "properties": { - "capecId": { - "type": "string", - "description": "CAPEC ID that best relates to this impact.", - "minLength": 7, - "maxLength": 11, - "pattern": "^CAPEC-[1-9][0-9]{0,4}$" - }, - "descriptions": { - "description": "Prose description of the impact scenario. At a minimum provide the description given by CAPEC.", - "$ref": "#/definitions/descriptions" - } - }, - "additionalProperties": false - } - }, - "metrics": { - "type": "array", - "description": "Collection of impact scores with attribution.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "This is impact type information (e.g. a text description, CVSSv2, CVSSv3, CVSSV4, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.", - "anyOf": [ - { - "required": [ - "cvssV4_0" - ] - }, - { - "required": [ - "cvssV3_1" - ] - }, - { - "required": [ - "cvssV3_0" - ] - }, - { - "required": [ - "cvssV2_0" - ] - }, - { - "required": [ - "other" - ] - } - ], - "properties": { - "format": { - "type": "string", - "description": "Name of the scoring format. This provides a bit of future proofing. Additional properties are not prohibited, so this will support the inclusion of proprietary formats. It also provides an easy future conversion mechanism when future score formats become part of the schema. example: cvssV44, format = 'cvssV44', other = cvssV4_4 JSON object. In the future, the other properties can be converted to score properties when they become part of the schema.", - "minLength": 1, - "maxLength": 64 - }, - "scenarios": { - "type": "array", - "description": "Description of the scenarios this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "properties": { - "lang": { - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "default": "GENERAL", - "description": "Description of the scenario this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.", - "minLength": 1, - "maxLength": 4096 - } - }, - "required": [ - "lang", - "value" - ], - "additionalProperties": false - } - }, - "cvssV4_0": { - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 4.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "attackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT" - ] - }, - "modifiedAttackRequirementsType": { - "type": "string", - "enum": [ - "NONE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "PASSIVE", - "ACTIVE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedVulnCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "subCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedSubCType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "modifiedSubIaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "SAFETY", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "exploitMaturityType": { - "type": "string", - "enum": [ - "UNREPORTED", - "PROOF_OF_CONCEPT", - "ATTACKED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "safetyType": { - "type": "string", - "enum": [ - "NEGLIGIBLE", - "PRESENT", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "automatableType": { - "type": "string", - "enum": [ - "NO", - "YES", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "recoveryType": { - "type": "string", - "enum": [ - "AUTOMATIC", - "USER", - "IRRECOVERABLE", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "valueDensityType": { - "type": "string", - "enum": [ - "DIFFUSE", - "CONCENTRATED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "vulnerabilityResponseEffortType": { - "type": "string", - "enum": [ - "LOW", - "MODERATE", - "HIGH", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "providerUrgencyType": { - "type": "string", - "enum": [ - "CLEAR", - "GREEN", - "AMBER", - "RED", - "NOT_DEFINED" - ], - "default": "NOT_DEFINED" - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10, - "multipleOf": 0.1 - }, - "noneScoreType": { - "type": "number", - "minimum": 0, - "maximum": 0 - }, - "lowScoreType": { - "type": "number", - "minimum": 0.1, - "maximum": 3.9, - "multipleOf": 0.1 - }, - "mediumScoreType": { - "type": "number", - "minimum": 4, - "maximum": 6.9, - "multipleOf": 0.1 - }, - "highScoreType": { - "type": "number", - "minimum": 7, - "maximum": 8.9, - "multipleOf": 0.1 - }, - "criticalScoreType": { - "type": "number", - "minimum": 9, - "maximum": 10, - "multipleOf": 0.1 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - }, - "noneSeverityType": { - "const": "NONE" - }, - "lowSeverityType": { - "const": "LOW" - }, - "mediumSeverityType": { - "const": "MEDIUM" - }, - "highSeverityType": { - "const": "HIGH" - }, - "criticalSeverityType": { - "const": "CRITICAL" - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "4.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType" - }, - "attackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType" - }, - "vulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "vulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType" - }, - "subConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "subAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType" - }, - "exploitMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType" - }, - "modifiedAttackRequirements": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType" - }, - "modifiedVulnConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedVulnAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType" - }, - "modifiedSubConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType" - }, - "modifiedSubIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "modifiedSubAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType" - }, - "Safety": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType" - }, - "Automatable": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType" - }, - "Recovery": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType" - }, - "valueDensity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType" - }, - "vulnerabilityResponseEffort": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType" - }, - "providerUrgency": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType" - } - }, - "allOf": [ - { - "anyOf": [ - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "threatScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "threatSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType" - } - } - }, - { - "properties": { - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType" - } - } - } - ] - } - ], - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV3_1": { - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.1", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ] - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED", - "NOT_DEFINED" - ] - }, - "scopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED" - ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED", - "NOT_DEFINED" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "confidenceType": { - "type": "string", - "enum": [ - "UNKNOWN", - "REASONABLE", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "3.1" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType" - }, - "scope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - }, - "exploitCodeMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "temporalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType" - }, - "modifiedScope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType" - }, - "modifiedConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "modifiedIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "modifiedAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV3_0": { - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 3.0", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL" - ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL", - "PHYSICAL", - "NOT_DEFINED" - ] - }, - "attackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW" - ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NOT_DEFINED" - ] - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE" - ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ - "HIGH", - "LOW", - "NONE", - "NOT_DEFINED" - ] - }, - "userInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED" - ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ - "NONE", - "REQUIRED", - "NOT_DEFINED" - ] - }, - "scopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED" - ] - }, - "modifiedScopeType": { - "type": "string", - "enum": [ - "UNCHANGED", - "CHANGED", - "NOT_DEFINED" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH" - ] - }, - "modifiedCiaType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "HIGH", - "NOT_DEFINED" - ] - }, - "exploitCodeMaturityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "confidenceType": { - "type": "string", - "enum": [ - "UNKNOWN", - "REASONABLE", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - }, - "severityType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "CRITICAL" - ] - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "3.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" - }, - "attackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType" - }, - "attackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType" - }, - "privilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType" - }, - "userInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType" - }, - "scope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "baseSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - }, - "exploitCodeMaturity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "temporalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType" - }, - "modifiedAttackVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType" - }, - "modifiedAttackComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType" - }, - "modifiedPrivilegesRequired": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType" - }, - "modifiedUserInteraction": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType" - }, - "modifiedScope": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType" - }, - "modifiedConfidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "modifiedIntegrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "modifiedAvailabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType" - }, - "environmentalSeverity": { - "$ref": "#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore", - "baseSeverity" - ], - "additionalProperties": false - }, - "cvssV2_0": { - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 2.0", - "type": "object", - "definitions": { - "accessVectorType": { - "type": "string", - "enum": [ - "NETWORK", - "ADJACENT_NETWORK", - "LOCAL" - ] - }, - "accessComplexityType": { - "type": "string", - "enum": [ - "HIGH", - "MEDIUM", - "LOW" - ] - }, - "authenticationType": { - "type": "string", - "enum": [ - "MULTIPLE", - "SINGLE", - "NONE" - ] - }, - "ciaType": { - "type": "string", - "enum": [ - "NONE", - "PARTIAL", - "COMPLETE" - ] - }, - "exploitabilityType": { - "type": "string", - "enum": [ - "UNPROVEN", - "PROOF_OF_CONCEPT", - "FUNCTIONAL", - "HIGH", - "NOT_DEFINED" - ] - }, - "remediationLevelType": { - "type": "string", - "enum": [ - "OFFICIAL_FIX", - "TEMPORARY_FIX", - "WORKAROUND", - "UNAVAILABLE", - "NOT_DEFINED" - ] - }, - "reportConfidenceType": { - "type": "string", - "enum": [ - "UNCONFIRMED", - "UNCORROBORATED", - "CONFIRMED", - "NOT_DEFINED" - ] - }, - "collateralDamagePotentialType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "LOW_MEDIUM", - "MEDIUM_HIGH", - "HIGH", - "NOT_DEFINED" - ] - }, - "targetDistributionType": { - "type": "string", - "enum": [ - "NONE", - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "ciaRequirementType": { - "type": "string", - "enum": [ - "LOW", - "MEDIUM", - "HIGH", - "NOT_DEFINED" - ] - }, - "scoreType": { - "type": "number", - "minimum": 0, - "maximum": 10 - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ - "2.0" - ] - }, - "vectorString": { - "type": "string", - "pattern": "^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$" - }, - "accessVector": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType" - }, - "accessComplexity": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType" - }, - "authentication": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType" - }, - "confidentialityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "integrityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "availabilityImpact": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType" - }, - "baseScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - }, - "exploitability": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType" - }, - "remediationLevel": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType" - }, - "reportConfidence": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType" - }, - "temporalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - }, - "collateralDamagePotential": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType" - }, - "targetDistribution": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType" - }, - "confidentialityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "integrityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "availabilityRequirement": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType" - }, - "environmentalScore": { - "$ref": "#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType" - } - }, - "required": [ - "version", - "vectorString", - "baseScore" - ], - "additionalProperties": false - }, - "other": { - "type": "object", - "description": "A non-standard impact description, may be prose or JSON block.", - "required": [ - "type", - "content" - ], - "properties": { - "type": { - "description": "Name of the non-standard impact metrics format used.", - "type": "string", - "minLength": 1, - "maxLength": 128 - }, - "content": { - "type": "object", - "$comment": "additionalProperties are allowed here, since this construct supports arbitrary JSON.", - "description": "JSON object not covered by another metrics format.", - "minProperties": 1 - } - }, - "additionalProperties": false - } - }, - "additionalProperties": false - } - }, - "configurations": { - "type": "array", - "description": "Configurations required for exploiting this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "workarounds": { - "type": "array", - "description": "Workarounds and mitigations for this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "solutions": { - "type": "array", - "description": "Information about solutions or remediations available for this vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "exploits": { - "type": "array", - "description": "Information about exploits of the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "$ref": "#/definitions/description" - } - }, - "timeline": { - "type": "array", - "description": "This is timeline information for significant events about this vulnerability or changes to the CVE Record.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "required": [ - "time", - "lang", - "value" - ], - "properties": { - "time": { - "description": "Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM - if the timezone offset is not given, GMT (+00:00) is assumed.", - "$ref": "#/definitions/timestamp" - }, - "lang": { - "description": "The language used in the description of the event. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.", - "$ref": "#/definitions/language" - }, - "value": { - "description": "A summary of the event.", - "type": "string", - "minLength": 1, - "maxLength": 4096 - } - }, - "additionalProperties": false - } - }, - "credits": { - "type": "array", - "description": "Statements acknowledging specific people, organizations, or tools recognizing the work done in researching, discovering, remediating or helping with activities related to this CVE.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "properties": { - "lang": { - "description": "The language used when describing the credits. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.", - "$ref": "#/definitions/language" - }, - "value": { - "type": "string", - "minLength": 1, - "maxLength": 4096 - }, - "user": { - "description": "UUID of the user being credited if present in the CVE User Registry (optional). This UUID can be used to lookup the user record in the user registry service.", - "$ref": "#/definitions/uuidType" - }, - "type": { - "type": "string", - "description": "Type or role of the entity being credited (optional). finder: identifies the vulnerability.\nreporter: notifies the vendor of the vulnerability to a CNA.\nanalyst: validates the vulnerability to ensure accuracy or severity.\ncoordinator: facilitates the coordinated response process.\nremediation developer: prepares a code change or other remediation plans.\nremediation reviewer: reviews vulnerability remediation plans or code changes for effectiveness and completeness.\nremediation verifier: tests and verifies the vulnerability or its remediation.\ntool: names of tools used in vulnerability discovery or identification.\nsponsor: supports the vulnerability identification or remediation activities.", - "default": "finder", - "enum": [ - "finder", - "reporter", - "analyst", - "coordinator", - "remediation developer", - "remediation reviewer", - "remediation verifier", - "tool", - "sponsor", - "other" - ] - } - }, - "additionalProperties": false, - "required": [ - "lang", - "value" - ] - } - }, - "source": { - "type": "object", - "description": "This is the source information (who discovered it, who researched it, etc.) and optionally a chain of CNA information (e.g. the originating CNA and subsequent parent CNAs who have processed it before it arrives at the MITRE root).\n Must contain: IF this is in the root level it MUST contain a CNA_chain entry, IF this source entry is NOT in the root (e.g. it is part of a vendor statement) then it must contain at least one type of data entry.", - "minProperties": 1 - }, - "language": { - "type": "string", - "description": "BCP 47 language code, language-region.", - "default": "en", - "pattern": "^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" - }, - "englishLanguage": { - "type": "string", - "description": "BCP 47 language code, language-region, required to be English.", - "pattern": "^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$" - }, - "taxonomyMappings": { - "type": "array", - "description": "List of taxonomy items related to the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A taxonomy mapping object identifies the taxonomy by a name and version (eg., ATT&CK v13.1, CVSS 3.1, CWE 4.12) along with a list of relations relevant to this CVE.", - "required": [ - "taxonomyName", - "taxonomyRelations" - ], - "properties": { - "taxonomyName": { - "type": "string", - "description": "The name of the taxonomy, eg., ATT&CK, D3FEND, CWE, CVSS", - "minLength": 1, - "maxLength": 128 - }, - "taxonomyVersion": { - "type": "string", - "description": "The version of taxonomy the identifiers come from.", - "minLength": 1, - "maxLength": 128 - }, - "taxonomyRelations": { - "type": "array", - "description": "List of relationships to the taxonomy for the vulnerability.", - "minItems": 1, - "uniqueItems": true, - "items": { - "type": "object", - "description": "A relationship between the taxonomy and the CVE or two taxonomy items.", - "required": [ - "taxonomyId", - "relationshipName", - "relationshipValue" - ], - "properties": { - "taxonomyId": { - "type": "string", - "description": "Identifier of the item in the taxonomy. Used as the subject of the relationship.", - "minLength": 1, - "maxLength": 2048 - }, - "relationshipName": { - "type": "string", - "description": "A description of the relationship.", - "minLength": 1, - "maxLength": 128 - }, - "relationshipValue": { - "type": "string", - "description": "The target of the relationship. Can be the CVE ID or another taxonomy identifier.", - "minLength": 1, - "maxLength": 2048 - } - }, - "additionalProperties": false - } - } - }, - "additionalProperties": false - } - }, - "tagExtension": { - "type": "string", - "minLength": 2, - "maxLength": 128, - "pattern": "^x_.*$", - "$comment": "These values are not used as JSON property names, so there is not a need to work-around property naming limitations in some common implementations." - }, - "cnaTags": { - "type": "array", - "description": "Tags provided by a CNA describing the CVE Record.", - "uniqueItems": true, - "minItems": 1, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/cna/", - "type": "string", - "description": "exclusively-hosted-service: All known software and/or hardware affected by this CVE Record is known to exist only in the affected hosted service. If the vulnerability affects both hosted and on-prem software and/or hardware, then the tag should not be used.\n\nunsupported-when-assigned: Used by the assigning CNA to indicate that when a request for a CVE assignment was received, the product was already end-of-life (EOL) or a product or specific version was deemed not to be supported by the vendor. This tag should only be applied to a CVE Record when all affected products or version lines referenced in the CVE-Record are EOL.\n\ndisputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.", - "enum": [ - "unsupported-when-assigned", - "exclusively-hosted-service", - "disputed" - ] - } - ] - } - }, - "adpTags": { - "type": "array", - "description": "Tags provided by an ADP describing the CVE Record.", - "uniqueItems": true, - "minItems": 1, - "items": { - "oneOf": [ - { - "$ref": "#/definitions/tagExtension" - }, - { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "https://cve.mitre.org/cve/v5_00/tags/adp/", - "type": "string", - "description": "disputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.", - "enum": [ - "disputed" - ] - } - ] - } - } - }, - "properties": { - "cnaContainer": { - "$ref": "#/definitions/cnaRejectedContainer" - } - }, - "additionalProperties": false -} \ No newline at end of file diff --git a/schema/archive/v5.0/docs/cnaContainer-advanced-example.json b/schema/archive/v5.0/docs/cnaContainer-advanced-example.json index c255d81b336..32fa56edadf 100644 --- a/schema/archive/v5.0/docs/cnaContainer-advanced-example.json +++ b/schema/archive/v5.0/docs/cnaContainer-advanced-example.json @@ -1,8 +1,5 @@ { "cnaContainer": { - "providerMetadata": { - "orgId": "00000000-0000-4000-9000-000000000000" - }, "title": "Buffer overflow in Example Enterprise allows Privilege Escalation.", "datePublic": "2021-09-08T16:24:00.000Z", "problemTypes": [ @@ -44,7 +41,7 @@ "Web-Management-Interface" ], "programFiles": [ - "example_enterprise/example.php" + "http://example_enterprise/example.php" ], "programRoutines": [ { @@ -98,15 +95,15 @@ }, { "lang": "eo", - "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise \u0109e Windows, macOS kaj XT-4500 permesas al malproksimaj nea\u016dtentikigitaj atakantoj eskaladi privilegiojn. \u0108i tiu afero efikas: 1.0-versioj anta\u016d 1.0.6, 2.1-versioj de 2.16 \u011dis 2.1.9.", + "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn. Ĉi tiu afero efikas: 1.0-versioj antaŭ 1.0.6, 2.1-versioj de 2.16 ĝis 2.1.9.", "supportingMedia": [ { "type": "text/html", "base64": false, - "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise \u0109e Windows, macOS kaj XT-4500 permesas al malproksimaj nea\u016dtentikigitaj atakantoj eskaladi privilegiojn.

\u0108i tiu afero efikas:
" + "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn.

Ĉi tiu afero efikas:
" } ] - } + } ], "metrics": [ { @@ -117,12 +114,6 @@ "value": "GENERAL" } ], - "cvssV4_0": { - "baseScore": 7.8, - "baseSeverity": "HIGH", - "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L", - "version": "4.0" - }, "cvssV3_1": { "version": "3.1", "attackVector": "NETWORK", diff --git a/schema/archive/v5.0/docs/cnaContainer-basic-example.json b/schema/archive/v5.0/docs/cnaContainer-basic-example.json index 0b474d3e5f6..803654a5c84 100644 --- a/schema/archive/v5.0/docs/cnaContainer-basic-example.json +++ b/schema/archive/v5.0/docs/cnaContainer-basic-example.json @@ -1,8 +1,5 @@ { "cnaContainer": { - "providerMetadata": { - "orgId": "00000000-0000-4000-9000-000000000000" - }, "problemTypes": [ { "descriptions": [ diff --git a/schema/archive/v5.0/docs/cnaContainer-rejected-example.json b/schema/archive/v5.0/docs/cnaContainer-rejected-example.json deleted file mode 100644 index dce4296a3b3..00000000000 --- a/schema/archive/v5.0/docs/cnaContainer-rejected-example.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "cnaContainer": { - "providerMetadata": { - "orgId": "00000000-0000-4000-9000-000000000000", - "shortName": "example" - }, - "rejectedReasons": [ - { - "lang": "en", - "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority." - } - ] - } -} \ No newline at end of file diff --git a/schema/archive/v5.0/docs/full-record-advanced-example.json b/schema/archive/v5.0/docs/full-record-advanced-example.json index da1532278cd..b4087335c36 100644 --- a/schema/archive/v5.0/docs/full-record-advanced-example.json +++ b/schema/archive/v5.0/docs/full-record-advanced-example.json @@ -1,316 +1,310 @@ { - "dataType": "CVE_RECORD", - "dataVersion": "5.1", - "cveMetadata": { - "cveId": "CVE-1337-1234", - "assignerOrgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", - "assignerShortName": "example", - "requesterUserId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", - "serial": 1, - "state": "PUBLISHED" - }, - "containers": { - "cna": { - "providerMetadata": { - "orgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", - "shortName": "example", - "dateUpdated": "2021-09-08T16:24:00.000Z" - }, - "title": "Buffer overflow in Example Enterprise allows Privilege Escalation.", - "datePublic": "2021-09-08T16:24:00.000Z", - "problemTypes": [ - { - "descriptions": [ - { - "lang": "en", - "cweId": "CWE-78", - "description": "CWE-78 OS Command Injection", - "type": "CWE" - } - ] - } - ], - "impacts": [ - { - "capecId": "CAPEC-233", - "descriptions": [ - { - "lang": "en", - "value": "CAPEC-233 Privilege Escalation" - } - ] - } - ], - "affected": [ - { - "vendor": "Example.org", - "product": "Example Enterprise", - "platforms": [ - "Windows", - "MacOS", - "XT-4500" - ], - "collectionURL": "https://example.org/packages", - "packageName": "example_enterprise", - "repo": "git://example.org/source/example_enterprise", - "modules": [ - "Web-Management-Interface" - ], - "programFiles": [ - "example_enterprise/example.php" - ], - "programRoutines": [ - { - "name": "parseFilename" - } - ], - "versions": [ - { - "version": "1.0.0", - "status": "affected", - "lessThan": "1.0.6", - "versionType": "semver" - }, - { - "version": "2.1.0", - "status": "unaffected", - "lessThan": "2.1.*", - "changes": [ - { - "at": "2.1.6", - "status": "affected" - }, - { - "at": "2.1.9", - "status": "unaffected" - } - ], - "versionType": "semver" - }, - { - "version": "3.0.0", - "status": "unaffected", - "lessThan": "*", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges. This issue affects: 1.0 versions before 1.0.6, 2.1 versions from 2.16 until 2.1.9.", - "supportingMedia": [ - { - "type": "text/html", - "base64": false, - "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges.

This issue affects:
" - } - ] + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-1337-1234", + "assignerOrgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", + "assignerShortName": "example", + "requesterUserId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", + "shortName": "example", + "dateUpdated": "2021-09-08T16:24:00.000Z" }, - { - "lang": "eo", - "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn. Ĉi tiu afero efikas: 1.0-versioj antaŭ 1.0.6, 2.1-versioj de 2.16 ĝis 2.1.9.", - "supportingMedia": [ - { - "type": "text/html", - "base64": false, - "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn.

Ĉi tiu afero efikas:
" + "title": "Buffer overflow in Example Enterprise allows Privilege Escalation.", + "datePublic": "2021-09-08T16:24:00.000Z", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-78", + "description": "CWE-78 OS Command Injection", + "type": "CWE" + } + ] + } + ], + "impacts": [ + { + "capecId": "CAPEC-233", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-233 Privilege Escalation" + } + ] + } + ], + "affected": [ + { + "vendor": "Example.org", + "product": "Example Enterprise", + "platforms": [ + "Windows", + "MacOS", + "XT-4500" + ], + "collectionURL": "https://example.org/packages", + "packageName": "example_enterprise", + "repo": "git://example.org/source/example_enterprise", + "modules": [ + "Web-Management-Interface" + ], + "programFiles": [ + "example_enterprise/example.php" + ], + "programRoutines": [ + { + "name": "parseFilename" + } + ], + "versions": [ + { + "version": "1.0.0", + "status": "affected", + "lessThan": "1.0.6", + "versionType": "semver" + }, + { + "version": "2.1.0", + "status": "unaffected", + "lessThan": "2.1.*", + "changes": [ + { + "at": "2.1.6", + "status": "affected" + }, + { + "at": "2.1.9", + "status": "unaffected" + } + ], + "versionType": "semver" + }, + { + "version": "3.0.0", + "status": "unaffected", + "lessThan": "*", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges. This issue affects: 1.0 versions before 1.0.6, 2.1 versions from 2.16 until 2.1.9.", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges.

This issue affects:
" + } + ] + }, + { + "lang": "eo", + "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn. Ĉi tiu afero efikas: 1.0-versioj antaŭ 1.0.6, 2.1-versioj de 2.16 ĝis 2.1.9.", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn.

Ĉi tiu afero efikas:
" + } + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } - ] - } - ], - "metrics": [ - { - "format": "CVSS", - "scenarios": [ - { - "lang": "en", - "value": "GENERAL" + }, + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "If the enhanced host protection mode is turned on, this vulnerability can only be exploited to run os commands as user 'nobody'. Privilege escalation is not possible." + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } - ], - "cvssV4_0": { - "baseScore": 7.8, - "baseSeverity": "HIGH", - "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L", - "version":"4.0" + } + ], + "solutions": [ + { + "lang": "en", + "value": "This issue is fixed in 1.0.6, 2.1.9, and 3.0.0 and all later versions.", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "This issue is fixed in 1.0.6, 2.1.9, and 3.0.0 and all later versions." + } + ] + } + ], + "workarounds": [ + { + "lang": "en", + "value": "Disable the web management interface with the command\n> service disable webmgmt", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Disable the web management interface with the command
> service disable webmgmt
" + } + ] + } + ], + "configurations": [ + { + "lang": "en", + "value": "Web management interface should be enabled.\n> service status webmgmt\nwebmgmt running", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Web management interface should be enabled.
> service status webmgmt
webmgmt running
" + } + ] + } + ], + "exploits": [ + { + "lang": "en", + "value": "Example.org is not aware of any malicious exploitation of the issue however exploits targeting this issue are publicly available.", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Example.org is not aware of any malicious exploitation of the issue however exploits targeting this issue are publicly available." + } + ] + } + ], + "timeline": [ + { + "time": "2001-09-01T07:31:00.000Z", + "lang": "en", + "value": "Issue discovered by Alice using Acme Autofuzz" + }, + { + "time": "2021-09-02T16:36:00.000Z", + "lang": "en", + "value": "Confirmed by Bob" }, - "cvssV3_1": { - "version": "3.1", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" + { + "time": "2021-09-07T16:37:00.000Z", + "lang": "en", + "value": "Fixes released" } - }, - { - "format": "CVSS", - "scenarios": [ - { - "lang": "en", - "value": "If the enhanced host protection mode is turned on, this vulnerability can only be exploited to run os commands as user 'nobody'. Privilege escalation is not possible." - } - ], - "cvssV3_1": { - "version": "3.1", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.3, - "baseSeverity": "HIGH", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" + ], + "credits": [ + { + "lang": "en", + "value": "Alice", + "type": "finder" + }, + { + "lang": "en", + "value": "Bob", + "type": "analyst" + }, + { + "lang": "en", + "value": "Acme Autofuzz", + "type": "tool" } - } - ], - "solutions": [ - { - "lang": "en", - "value": "This issue is fixed in 1.0.6, 2.1.9, and 3.0.0 and all later versions.", - "supportingMedia": [ - { - "type": "text/html", - "base64": false, - "value": "This issue is fixed in 1.0.6, 2.1.9, and 3.0.0 and all later versions." - } - ] - } - ], - "workarounds": [ - { - "lang": "en", - "value": "Disable the web management interface with the command\n> service disable webmgmt", - "supportingMedia": [ - { - "type": "text/html", - "base64": false, - "value": "Disable the web management interface with the command
> service disable webmgmt
" - } - ] - } - ], - "configurations": [ - { - "lang": "en", - "value": "Web management interface should be enabled.\n> service status webmgmt\nwebmgmt running", - "supportingMedia": [ - { - "type": "text/html", - "base64": false, - "value": "Web management interface should be enabled.
> service status webmgmt
webmgmt running
" - } - ] - } - ], - "exploits": [ - { - "lang": "en", - "value": "Example.org is not aware of any malicious exploitation of the issue however exploits targeting this issue are publicly available.", - "supportingMedia": [ - { - "type": "text/html", - "base64": false, - "value": "Example.org is not aware of any malicious exploitation of the issue however exploits targeting this issue are publicly available." - } - ] - } - ], - "timeline": [ - { - "time": "2001-09-01T07:31:00.000Z", - "lang": "en", - "value": "Issue discovered by Alice using Acme Autofuzz" - }, - { - "time": "2021-09-02T16:36:00.000Z", - "lang": "en", - "value": "Confirmed by Bob" - }, - { - "time": "2021-09-07T16:37:00.000Z", - "lang": "en", - "value": "Fixes released" - } - ], - "credits": [ - { - "lang": "en", - "value": "Alice", - "type": "finder" - }, - { - "lang": "en", - "value": "Bob", - "type": "analyst" - }, - { - "lang": "en", - "value": "Acme Autofuzz", - "type": "tool" - } - ], - "references": [ - { - "url": "https://example.org/ESA-22-11-CVE-1337-1234", - "name": "ESA-22-11", - "tags": [ - "vendor-advisory" - ] - }, - { - "url": "https://example.com/blog/alice/pwning_example_enterprise", - "name": "Pwning Example Enterprise", - "tags": [ - "technical-description", - "third-party-advisory" - ] - }, - { - "url": "https://example.org/bugs/EXAMPLE-1234", - "name": "EXAMPLE-1234", - "tags": [ - "issue-tracking" - ] - }, - { - "url": "https://example.org/ExampleEnterprise", - "tags": [ - "product" - ] - } - ], - "source": { - "defects": [ - "EXAMPLE-1234" ], - "advisory": "ESA-22-11", - "discovery": "EXTERNAL" - }, - "taxonomyMappings": [ - { - "taxonomyName": "ATT&CK", - "taxonomyVersion": "v9", - "taxonomyRelations": [ - { - "taxonomyId": "T1190", - "relationshipName": "mitigated by", - "relationshipValue": "M1048" - } - ] - } - ] + "references": [ + { + "url": "https://example.org/ESA-22-11-CVE-1337-1234", + "name": "ESA-22-11", + "tags": [ + "vendor-advisory" + ] + }, + { + "url": "https://example.com/blog/alice/pwning_example_enterprise", + "name": "Pwning Example Enterprise", + "tags": [ + "technical-description", + "third-party-advisory" + ] + }, + { + "url": "https://example.org/bugs/EXAMPLE-1234", + "name": "EXAMPLE-1234", + "tags": [ + "issue-tracking" + ] + }, + { + "url": "https://example.org/ExampleEnterprise", + "tags": [ + "product" + ] + } + ], + "source": { + "defects": [ + "EXAMPLE-1234" + ], + "advisory": "ESA-22-11", + "discovery": "EXTERNAL" + }, + "taxonomyMappings": [ + { + "taxonomyName": "ATT&CK", + "taxonomyVersion": "v9", + "taxonomyRelations": [ + { + "taxonomyId": "T1190", + "relationshipName": "mitigated by", + "relationshipValue": "M1048" + } + ] + } + ] + } } - } -} + } \ No newline at end of file diff --git a/schema/archive/v5.0/docs/full-record-basic-example.json b/schema/archive/v5.0/docs/full-record-basic-example.json index b1c3f5eaac0..d50177fecbf 100644 --- a/schema/archive/v5.0/docs/full-record-basic-example.json +++ b/schema/archive/v5.0/docs/full-record-basic-example.json @@ -1,52 +1,52 @@ { - "dataType": "CVE_RECORD", - "dataVersion": "5.1", - "cveMetadata": { - "cveId": "CVE-1337-1234", - "assignerOrgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", - "state": "PUBLISHED" - }, - "containers": { - "cna": { - "providerMetadata": { - "orgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6" - }, - "problemTypes": [ - { - "descriptions": [ - { - "lang": "en", - "description": "CWE-78 OS Command Injection" - } - ] - } - ], - "affected": [ - { - "vendor": "Example.org", - "product": "Example Enterprise", - "versions": [ - { - "version": "1.0.0", - "status": "affected", - "lessThan": "1.0.6", - "versionType": "semver" - } - ], - "defaultStatus": "unaffected" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, MacOS and XT-4500 allows remote unauthenticated attackers to escalate privileges.\n\nThis issue affects:\n * 1.0 versions before 1.0.6\n * 2.1 versions from 2.16 until 2.1.9." - } - ], - "references": [ - { - "url": "https://example.org/ESA-22-11-CVE-1337-1234" - } - ] + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-1337-1234", + "assignerOrgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6", + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6" + }, + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "CWE-78 OS Command Injection" + } + ] + } + ], + "affected": [ + { + "vendor": "Example.org", + "product": "Example Enterprise", + "versions": [ + { + "version": "1.0.0", + "status": "affected", + "lessThan": "1.0.6", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, MacOS and XT-4500 allows remote unauthenticated attackers to escalate privileges.\n\nThis issue affects:\n * 1.0 versions before 1.0.6\n * 2.1 versions from 2.16 until 2.1.9." + } + ], + "references": [ + { + "url": "https://example.org/ESA-22-11-CVE-1337-1234" + } + ] + } } - } -} \ No newline at end of file + } \ No newline at end of file diff --git a/schema/archive/v5.0/docs/index.html b/schema/archive/v5.0/docs/index.html index d47da866163..e69434f03dc 100644 --- a/schema/archive/v5.0/docs/index.html +++ b/schema/archive/v5.0/docs/index.html @@ -1,9 +1,9 @@ - CVE JSON record format

CVE JSON record format


cve-schema specifies the CVE JSON record format. This is the blueprint for a rich set of JSON data that can be submitted by CVE Numbering Authorities (CNAs) and Authorized Data Publishers (ADPs) to describe a CVE Record. Some examples of CVE Record data include CVE ID number, affected product(s), affected version(s), and public references. While those specific items are required when assigning a CVE, there are many other optional data in the schema that can be used to enrich CVE Records for community benefit. Learn more about the CVE program at the official website. This CVE JSON record format is defined using JSON Schema. Learn more about JSON Schema here.

Type: object

When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published.

No Additional Properties

Type: enum (of string)

Indicates the type of information represented in the JSON instance.

Must be one of:

  • "CVE_RECORD"

Type: string Default: "5.1.0"

The version of the CVE schema used for validating this record. Used to support multiple versions of this format.

Must match regular expression: ^5\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))?$

Type: object

This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.

No Additional Properties

Type: string

The CVE identifier that this record pertains to.

Must match regular expression: ^CVE-[0-9]{4}-[0-9]{4,19}$

Type: string

The UUID for the organization to which the CVE ID was originally assigned. This UUID can be used to lookup the organization record in the user registry service.

Must match regular expression: ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

Type: string

The short name for the organization to which the CVE ID was originally assigned.

Must be at least 2 characters long

Must be at most 32 characters long

Type: string

The user that requested the CVE identifier.

Same definition as assignerOrgId

Type: string

The date/time the record was last updated.

Must match regular expression: ^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$

Type: integer

The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition.

Value must be greater or equal to 1

Type: string

The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.

Same definition as dateUpdated

Type: string

The date/time the CVE Record was first published in the CVE List.

Same definition as dateUpdated

Type: enum (of string)

State of CVE - PUBLISHED, REJECTED.

Must be one of:

  • "PUBLISHED"

Type: object

A set of structures (called containers) used to store vulnerability information related to a specific CVE ID provided by a specific organization participating in the CVE program. Each container includes information provided by a different source.

At a minimum, a 'cna' container containing the vulnerability information provided by the CNA who initially assigned the CVE ID must be included.

There can only be one 'cna' container, as there can only be one assigning CNA. However, there can be multiple 'adp' containers, allowing multiple organizations participating in the CVE program to add additional information related to the vulnerability. For the most part, the 'cna' and 'adp' containers contain the same properties. The main differences are the source of the information. The 'cna' container requires the CNA to include certain fields, while the 'adp' container does not.

No Additional Properties

Type: object

An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a published CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA. The CNA container must include the required information defined in the CVE Rules, which includes a product, version, problem type, prose description, and a reference.

No Additional Properties

Type: object

Details related to the information container provider (CNA or ADP).

No Additional Properties

Type: string

The container provider's organizational UUID.

Same definition as assignerOrgId

Type: string

The container provider's organizational short name.

Same definition as assignerShortName

Type: string

Timestamp to be set by the system of record at time of submission. If dateUpdated is provided to the system of record it will be replaced by the current timestamp at the time of submission.

Same definition as dateUpdated

Type: string

The date/time this CVE ID was associated with a vulnerability by a CNA.

Same definition as dateUpdated

Type: string

If known, the date/time the vulnerability was disclosed publicly.

Same definition as dateUpdated

Type: string

A title, headline, or a brief phrase summarizing the CVE record. Eg., Buffer overflow in Example Soft.

Must be at least 1 characters long

Must be at most 256 characters long

Type: array

A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

No Additional Properties

Type: string Default: "en"

BCP 47 language code, language-region.

Must match regular expression: ^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$

Type: string

Plain text description.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of object

Supporting media data for the description such as markdown, diagrams, .. (optional). Similar to RFC 2397 each media object has three main parts: media type, media data value, and an optional boolean flag to indicate if the media data is base64 encoded.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object
No Additional Properties

Type: string

RFC2046 compliant IANA Media type for eg., text/markdown, text/html.

Must be at least 1 characters long

Must be at most 256 characters long


Examples:

"text/markdown"
+ CVE JSON record format 

CVE JSON record format


cve-schema specifies the CVE JSON record format. This is the blueprint for a rich set of JSON data that can be submitted by CVE Numbering Authorities (CNAs) and Authorized Data Publishers (ADPs) to describe a CVE Record. Some examples of CVE Record data include CVE ID number, affected product(s), affected version(s), and public references. While those specific items are required when assigning a CVE, there are many other optional data in the schema that can be used to enrich CVE Records for community benefit. Learn more about the CVE program at the official website. This CVE JSON record format is defined using JSON Schema. Learn more about JSON Schema here.

Type: object

When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published.

No Additional Properties

Type: enum (of string)

Indicates the type of information represented in the JSON instance.

Must be one of:

  • "CVE_RECORD"

Type: enum (of string)

The version of the schema being used. Used to support multiple versions of this format.

Must be one of:

  • "5.0"

Type: object

This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.

No Additional Properties

Type: string

The CVE identifier that this record pertains to.

Must match regular expression: ^CVE-[0-9]{4}-[0-9]{4,19}$

Type: string

The UUID for the organization to which the CVE ID was originally assigned. This UUID can be used to lookup the organization record in the user registry service.

Must match regular expression: ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$

Type: string

The short name for the organization to which the CVE ID was originally assigned.

Must be at least 2 characters long

Must be at most 32 characters long

Type: string

The user that requested the CVE identifier.

Same definition as assignerOrgId

Type: string

The date/time the record was last updated.

Must match regular expression: ^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$

Type: integer

The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition.

Value must be greater or equal to 1

Type: string

The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.

Same definition as dateUpdated

Type: string

The date/time the CVE Record was first published in the CVE List.

Same definition as dateUpdated

Type: enum (of string)

State of CVE - PUBLISHED, REJECTED.

Must be one of:

  • "PUBLISHED"

Type: object

A set of structures (called containers) used to store vulnerability information related to a specific CVE ID provided by a specific organization participating in the CVE program. Each container includes information provided by a different source.

At a minimum, a 'cna' container containing the vulnerability information provided by the CNA who initially assigned the CVE ID must be included.

There can only be one 'cna' container, as there can only be one assigning CNA. However, there can be multiple 'adp' containers, allowing multiple organizations participating in the CVE program to add additional information related to the vulnerability. For the most part, the 'cna' and 'adp' containers contain the same properties. The main differences are the source of the information. The 'cna' container requires the CNA to include certain fields, while the 'adp' container does not.

No Additional Properties

Type: object

An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a published CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA. The CNA container must include the required information defined in the CVE Rules, which includes a product, version, problem type, prose description, and a reference.

No Additional Properties

Type: object

Details related to the information container provider (CNA or ADP).

Type: string

The container provider's organizational UUID.

Same definition as assignerOrgId

Type: string

The container provider's organizational short name.

Same definition as assignerShortName

Type: string

Timestamp to be set by the system of record at time of submission. If dateUpdated is provided to the system of record it will be replaced by the current timestamp at the time of submission.

Same definition as dateUpdated

Type: string

The date/time this CVE ID was associated with a vulnerability by a CNA.

Same definition as dateUpdated

Type: string

If known, the date/time the vulnerability was disclosed publicly.

Same definition as dateUpdated

Type: string

A title, headline, or a brief phrase summarizing the CVE record. Eg., Buffer overflow in Example Soft.

Must be at least 1 characters long

Must be at most 256 characters long

Type: array

A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

No Additional Properties

Type: string Default: "en"

BCP 47 language code, language-region.

Must match regular expression: ^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$

Type: string

Plain text description.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of object

Supporting media data for the description such as markdown, diagrams, .. (optional). Similar to RFC 2397 each media object has three main parts: media type, media data value, and an optional boolean flag to indicate if the media data is base64 encoded.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Type: string

RFC2046 compliant IANA Media type for eg., text/markdown, text/html.

Must be at least 1 characters long

Must be at most 256 characters long


Examples:

"text/markdown"
 
"text/html"
 
"image/png"
 
"image/svg"
 
"audio/mp3"
-

Type: boolean Default: false

If true then the value field contains the media data encoded in base64. If false then the value field contains the UTF-8 media content.

Type: string

Supporting media content, up to 16K. If base64 is true, this field stores base64 encoded data.

Must be at least 1 characters long

Must be at most 16384 characters long

At least one of the items must be:

Type: object

A description with lang set to an English language (en, enUS, enUK, and so on).

Type: string

BCP 47 language code, language-region, required to be English.

Must match regular expression: ^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$

Type: array

List of affected products.

Must contain a minimum of 1 items

Each item of this array must be:

Type: object

Provides information about the set of products and services affected by this vulnerability.


Type: object

The following properties are required:

  • product
  • vendor
Type: object

The following properties are required:

  • packageName
  • collectionURL

Type: object

The following properties are required:

  • versions
Type: object

The following properties are required:

  • defaultStatus

Type: string

Name of the organization, project, community, individual, or user that created or maintains this product or hosted service. Can be 'N/A' if none of those apply. When collectionURL and packageName are used, this field may optionally represent the user or account within the package collection associated with the package.

Must be at least 1 characters long

Must be at most 512 characters long

Type: string

Name of the affected product.

Must be at least 1 characters long

Must be at most 2048 characters long

Type: string

URL identifying a package collection (determines the meaning of packageName).

Must be at least 1 characters long

Must be at most 2048 characters long


Examples:

"https://access.redhat.com/downloads/content/package-browser"
+

Type: boolean Default: false

If true then the value field contains the media data encoded in base64. If false then the value field contains the UTF-8 media content.

Type: string

Supporting media content, up to 16K. If base64 is true, this field stores base64 encoded data.

Must be at least 1 characters long

Must be at most 16384 characters long

At least one of the items must be:

Type: object

A description with lang set to an English language (en, enUS, enUK, and so on).

Type: string

BCP 47 language code, language-region, required to be English.

Must match regular expression: ^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$

Type: array

List of affected products.

Must contain a minimum of 1 items

Each item of this array must be:

Type: object

Provides information about the set of products and services affected by this vulnerability.


Type: object

The following properties are required:

  • vendor
  • product
Type: object

The following properties are required:

  • packageName
  • collectionURL

Type: object

The following properties are required:

  • versions
Type: object

The following properties are required:

  • defaultStatus

Type: string

Name of the organization, project, community, individual, or user that created or maintains this product or hosted service. Can be 'N/A' if none of those apply. When collectionURL and packageName are used, this field may optionally represent the user or account within the package collection associated with the package.

Must be at least 1 characters long

Must be at most 512 characters long

Type: string

Name of the affected product.

Must be at least 1 characters long

Must be at most 2048 characters long

Type: string

URL identifying a package collection (determines the meaning of packageName).

Must be at least 1 characters long

Must be at most 2048 characters long


Examples:

"https://access.redhat.com/downloads/content/package-browser"
 
"https://addons.mozilla.org"
 
"https://addons.thunderbird.net"
 
"https://anaconda.org/anaconda/repo"
@@ -66,7 +66,7 @@
 
"https://search.nixos.org/packages"
 
"https://sourceforge.net"
 
"https://wordpress.org/plugins"
-

Type: string

Name or identifier of the affected software package as used in the package collection.

Must be at least 1 characters long

Must be at most 2048 characters long

Type: array of string

Affected products defined by CPE. This is an array of CPE values (vulnerable and not), we use an array so that we can make multiple statements about the same version and they are separate (if we used a JSON object we'd essentially be keying on the CPE name and they would have to overlap). Also, this allows things like cveDataVersion or cveDescription to be applied directly to the product entry. This also allows more complex statements such as "Product X between versions 10.2 and 10.8" to be put in a machine-readable format. As well since multiple statements can be used multiple branches of the same product can be defined here.

All items must be unique

Each item of this array must be:

Type: string

Common Platform Enumeration (CPE) Name in either 2.2 or 2.3 format

Must match regular expression: ([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\-~%]*){0,6})|(cpe:2\.3:[aho*\-](:(((\?*|\*?)([a-zA-Z0-9\-._]|(\\[\\*?!"#$%&'()+,/:;<=>@\[\]\^`{|}~]))+(\?*|\*?))|[*\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\-]))(:(((\?*|\*?)([a-zA-Z0-9\-._]|(\\[\\*?!"#$%&'()+,/:;<=>@\[\]\^`{|}~]))+(\?*|\*?))|[*\-])){4})

Must be at least 1 characters long

Must be at most 2048 characters long

Type: array of string

A list of the affected components, features, modules, sub-components, sub-products, APIs, commands, utilities, programs, or functionalities (optional).

All items must be unique

Each item of this array must be:

Type: string

Name of the affected component, feature, module, sub-component, sub-product, API, command, utility, program, or functionality (optional).

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of string

A list of the affected source code files (optional).

All items must be unique

Each item of this array must be:

Type: string

Name or path or location of the affected source code file.

Must be at least 1 characters long

Must be at most 1024 characters long

Type: array of object

A list of the affected source code functions, methods, subroutines, or procedures (optional).

All items must be unique

Each item of this array must be:

Type: object

An object describing program routine.

No Additional Properties

Type: string

Name of the affected source code file, function, method, subroutine, or procedure.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of string

List of specific platforms if the vulnerability is only relevant in the context of these platforms (optional). Platforms may include execution environments, operating systems, virtualization technologies, hardware models, or computing architectures. The lack of this field or an empty array implies that the other fields are applicable to all relevant platforms.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: string

Must be at most 1024 characters long


Examples:

"iOS"
+

Type: string

Name or identifier of the affected software package as used in the package collection.

Must be at least 1 characters long

Must be at most 2048 characters long

Type: array of string

Affected products defined by CPE. This is an array of CPE values (vulnerable and not), we use an array so that we can make multiple statements about the same version and they are separate (if we used a JSON object we'd essentially be keying on the CPE name and they would have to overlap). Also, this allows things like cveDataVersion or cveDescription to be applied directly to the product entry. This also allows more complex statements such as "Product X between versions 10.2 and 10.8" to be put in a machine-readable format. As well since multiple statements can be used multiple branches of the same product can be defined here.

All items must be unique

Each item of this array must be:

Type: string

Common Platform Enumeration (CPE) Name in either 2.2 or 2.3 format

Must match regular expression: ([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\-~%]*){0,6})|(cpe:2\.3:[aho*\-](:(((\?*|\*?)([a-zA-Z0-9\-._]|(\\[\\*?!"#$%&'()+,/:;<=>@\[\]\^`{|}~]))+(\?*|\*?))|[*\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\-]))(:(((\?*|\*?)([a-zA-Z0-9\-._]|(\\[\\*?!"#$%&'()+,/:;<=>@\[\]\^`{|}~]))+(\?*|\*?))|[*\-])){4})

Must be at least 1 characters long

Must be at most 2048 characters long

Type: array of string

A list of the affected components, features, modules, sub-components, sub-products, APIs, commands, utilities, programs, or functionalities (optional).

All items must be unique

Each item of this array must be:

Type: string

Name of the affected component, feature, module, sub-component, sub-product, API, command, utility, program, or functionality (optional).

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of string

A list of the affected source code files (optional).

All items must be unique

Each item of this array must be:

Type: string

Name or path or location of the affected source code file.

Must be at least 1 characters long

Must be at most 1024 characters long

Type: array of object

A list of the affected source code functions, methods, subroutines, or procedures (optional).

All items must be unique

Each item of this array must be:

Type: object

An object describing program routine.

Type: string

Name of the affected source code file, function, method, subroutine, or procedure.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of string

List of specific platforms if the vulnerability is only relevant in the context of these platforms (optional). Platforms may include execution environments, operating systems, virtualization technologies, hardware models, or computing architectures. The lack of this field or an empty array implies that the other fields are applicable to all relevant platforms.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: string

Must be at most 1024 characters long


Examples:

"iOS"
 
"Android"
 
"Windows"
 
"macOS"
@@ -94,10 +94,10 @@
     }
 }
 return product.defaultStatus
-

.

No Additional Properties

Type: object

The following properties are required:

  • version
  • status
Type: object

The following properties are required:

  • version
  • versionType
  • status
Type: object

The following properties are required:

  • lessThan
  • version
  • versionType
  • status
Type: object

The following properties are required:

  • lessThanOrEqual
  • version
  • versionType
  • status

Type: string

The single version being described, or the version at the start of the range. By convention, typically 0 denotes the earliest possible version.

Must be at least 1 characters long

Must be at most 1024 characters long

Type: enum (of string)

The vulnerability status for the version or range of versions. For a range, the status may be refined by the 'changes' list.

Same definition as defaultStatus

Type: string

The version numbering system used for specifying the range. This defines the exact semantics of the comparison (less-than) operation on versions, which is required to understand the range itself. 'Custom' indicates that the version type is unspecified and should be avoided whenever possible. It is included primarily for use in conversion of older data files.

Must be at least 1 characters long

Must be at most 128 characters long


Examples:

"custom"
+

.

Type: object

The following properties are required:

  • version
  • status

Type: object

The following properties are required:

  • lessThan
Type: object

The following properties are required:

  • lessThanOrEqual

The following properties are required:

  • version
  • versionType
  • status

Type: string

The single version being described, or the version at the start of the range. By convention, typically 0 denotes the earliest possible version.

Must be at least 1 characters long

Must be at most 1024 characters long

Type: enum (of string)

The vulnerability status for the version or range of versions. For a range, the status may be refined by the 'changes' list.

Same definition as defaultStatus

Type: string

The version numbering system used for specifying the range. This defines the exact semantics of the comparison (less-than) operation on versions, which is required to understand the range itself. 'Custom' indicates that the version type is unspecified and should be avoided whenever possible. It is included primarily for use in conversion of older data files.

Must be at least 1 characters long

Must be at most 128 characters long


Examples:

"custom"
 
"git"
 
"maven"
 
"python"
 
"rpm"
 
"semver"
-

Type: string

The non-inclusive upper limit of the range. This is the least version NOT in the range. The usual version syntax is expanded to allow a pattern to end in an asterisk (*), indicating an arbitrarily large number in the version ordering. For example, {version: 1.0 lessThan: 1.*} would describe the entire 1.X branch for most range kinds, and {version: 2.0, lessThan: *} describes all versions starting at 2.0, including 3.0, 5.1, and so on. Only one of lessThan and lessThanOrEqual should be specified.

Same definition as version

Type: string

The inclusive upper limit of the range. This is the greatest version contained in the range. Only one of lessThan and lessThanOrEqual should be specified. For example, {version: 1.0, lessThanOrEqual: 1.3} covers all versions from 1.0 up to and including 1.3.

Same definition as version

Type: array of object

A list of status changes that take place during the range. The array should be sorted in increasing order by the 'at' field, according to the versionType, but clients must re-sort the list themselves rather than assume it is sorted.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

The start of a single status change during the range.

No Additional Properties

Type: string

The version at which a status change occurs.

Same definition as version

Type: enum (of string)

The new status in the range starting at the given version.

Same definition as defaultStatus

Type: array of object

This is problem type information (e.g. CWE identifier). Must contain: At least one entry, can be text, OWASP, CWE, please note that while only one is required you can use more than one (or indeed all three) as long as they are correct). (CNA requirement: [PROBLEMTYPE]).

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object
No Additional Properties

Type: array of object

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object
No Additional Properties

Type: string Default: "en"

BCP 47 language code, language-region.

Same definition as lang

Type: string

Text description of problemType, or title from CWE or OWASP.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: string

CWE ID of the CWE that best describes this problemType entry.

Must match regular expression: ^CWE-[1-9][0-9]*$

Must be at least 5 characters long

Must be at most 9 characters long

Type: string

Problemtype source, text, OWASP, CWE, etc.,

Must be at least 1 characters long

Must be at most 128 characters long

Type: array

This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are "dangerous").

Same definition as references

Type: array

This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are "dangerous").

Must contain a minimum of 1 items

Must contain a maximum of 512 items

All items must be unique

Each item of this array must be:

Type: object
No Additional Properties

Type: string

The uniform resource locator (URL), according to RFC 3986, that can be used to retrieve the referenced resource.

Same definition as collectionURL

Type: string

User created name for the reference, often the title of the page.

Must be at least 1 characters long

Must be at most 512 characters long

Type: array

An array of one or more tags that describe the resource referenced by 'url'.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


Type: enum (of string)

broken-link: The reference link is returning a 404 error, or the site is no longer online.

customer-entitlement: Similar to Privileges Required, but specific to references that require non-public/paid access for customers of the particular vendor.

exploit: Reference contains an in-depth/detailed description of steps to exploit a vulnerability OR the reference contains any legitimate Proof of Concept (PoC) code or exploit kit.

government-resource: All reference links that are from a government agency or organization should be given the Government Resource tag.

issue-tracking: The reference is a post from a bug tracking tool such as MantisBT, Bugzilla, JIRA, Github Issues, etc...

mailing-list: The reference is from a mailing list -- often specific to a product or vendor.

mitigation: The reference contains information on steps to mitigate against the vulnerability in the event a patch can't be applied or is unavailable or for EOL product situations.

not-applicable: The reference link is not applicable to the vulnerability and was likely associated by MITRE accidentally (should be used sparingly).

patch: The reference contains an update to the software that fixes the vulnerability.

permissions-required: The reference link provided is blocked by a logon page. If credentials are required to see any information this tag must be applied.

media-coverage: The reference is from a media outlet such as a newspaper, magazine, social media, or weblog. This tag is not intended to apply to any individual's personal social media account. It is strictly intended for public media entities.

product: A reference appropriate for describing a product for the purpose of CPE or SWID.

related: A reference that is for a related (but not the same) vulnerability.

release-notes: The reference is in the format of a vendor or open source project's release notes or change log.

signature: The reference contains a method to detect or prevent the presence or exploitation of the vulnerability.

technical-description: The reference contains in-depth technical information about a vulnerability and its exploitation process, typically in the form of a presentation or whitepaper.

third-party-advisory: Advisory is from an organization that is not the vulnerable product's vendor/publisher/maintainer.

vendor-advisory: Advisory is from the vendor/publisher/maintainer of the product or the parent organization.

vdb-entry: VDBs are loosely defined as sites that provide information about this vulnerability, such as advisories, with identifiers. Included VDBs are free to access, substantially public, and have broad scope and coverage (not limited to a single vendor or research organization). See: https://www.first.org/global/sigs/vrdx/vdb-catalog

Must be one of:

  • "broken-link"
  • "customer-entitlement"
  • "exploit"
  • "government-resource"
  • "issue-tracking"
  • "mailing-list"
  • "mitigation"
  • "not-applicable"
  • "patch"
  • "permissions-required"
  • "media-coverage"
  • "product"
  • "related"
  • "release-notes"
  • "signature"
  • "technical-description"
  • "third-party-advisory"
  • "vendor-advisory"
  • "vdb-entry"

Type: array of object

Collection of impacts of this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

This is impact type information (e.g. a text description.

No Additional Properties

Type: string

CAPEC ID that best relates to this impact.

Must match regular expression: ^CAPEC-[1-9][0-9]{0,4}$

Must be at least 7 characters long

Must be at most 11 characters long

Type: array

Prose description of the impact scenario. At a minimum provide the description given by CAPEC.

Same definition as descriptions

Type: array of object

Collection of impact scores with attribution.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


This is impact type information (e.g. a text description, CVSSv2, CVSSv3, CVSSV4, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.

No Additional Properties

Type: object

The following properties are required:

  • cvssV4_0
Type: object

The following properties are required:

  • cvssV3_1
Type: object

The following properties are required:

  • cvssV3_0
Type: object

The following properties are required:

  • cvssV2_0
Type: object

The following properties are required:

  • other

Type: string

Name of the scoring format. This provides a bit of future proofing. Additional properties are not prohibited, so this will support the inclusion of proprietary formats. It also provides an easy future conversion mechanism when future score formats become part of the schema. example: cvssV44, format = 'cvssV44', other = cvssV4_4 JSON object. In the future, the other properties can be converted to score properties when they become part of the schema.

Must be at least 1 characters long

Must be at most 64 characters long

Type: array of object

Description of the scenarios this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object
No Additional Properties

Type: string Default: "en"

BCP 47 language code, language-region.

Same definition as lang

Type: string Default: "GENERAL"

Description of the scenario this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: object
No Additional Properties


Type: object

Type: number

Value must be greater or equal to 0.0 and lesser or equal to 0.0

Type: const
Specific value: "NONE"
Type: object

Type: number

Value must be greater or equal to 0.1 and lesser or equal to 3.9 and a multiple of 0.1

Type: const
Specific value: "LOW"
Type: object

Type: number

Value must be greater or equal to 4.0 and lesser or equal to 6.9 and a multiple of 0.1

Type: const
Specific value: "MEDIUM"
Type: object

Type: number

Value must be greater or equal to 7.0 and lesser or equal to 8.9 and a multiple of 0.1

Type: const
Specific value: "HIGH"
Type: object

Type: number

Value must be greater or equal to 9.0 and lesser or equal to 10 and a multiple of 0.1

Type: const
Specific value: "CRITICAL"


Type: enum (of string)

CVSS Version

Must be one of:

  • "4.0"

Type: string
Must match regular expression: ^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$

Type: number

Value must be greater or equal to 0.0 and lesser or equal to 10.0 and a multiple of 0.1

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "CRITICAL"

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT"
  • "LOCAL"
  • "PHYSICAL"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "PRESENT"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "PASSIVE"
  • "ACTIVE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "UNREPORTED"
  • "PROOF_OF_CONCEPT"
  • "ATTACKED"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"
Same definition as confidentialityRequirement

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NETWORK"
  • "ADJACENT"
  • "LOCAL"
  • "PHYSICAL"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "HIGH"
  • "LOW"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NONE"
  • "PRESENT"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NONE"
  • "PASSIVE"
  • "ACTIVE"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"
  • "SAFETY"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NEGLIGIBLE"
  • "PRESENT"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "NO"
  • "YES"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "AUTOMATIC"
  • "USER"
  • "IRRECOVERABLE"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "DIFFUSE"
  • "CONCENTRATED"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "LOW"
  • "MODERATE"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string) Default: "NOT_DEFINED"

Must be one of:

  • "CLEAR"
  • "GREEN"
  • "AMBER"
  • "RED"
  • "NOT_DEFINED"

Type: object
No Additional Properties

Type: enum (of string)

CVSS Version

Must be one of:

  • "3.1"

Type: string
Must match regular expression: ^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"

Type: number

Value must be greater or equal to 0 and lesser or equal to 10

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "CRITICAL"

Type: enum (of string)

Must be one of:

  • "UNPROVEN"
  • "PROOF_OF_CONCEPT"
  • "FUNCTIONAL"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "OFFICIAL_FIX"
  • "TEMPORARY_FIX"
  • "WORKAROUND"
  • "UNAVAILABLE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNKNOWN"
  • "REASONABLE"
  • "CONFIRMED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"
  • "NOT_DEFINED"

Type: object
No Additional Properties

Type: enum (of string)

CVSS Version

Must be one of:

  • "3.0"

Type: string
Must match regular expression: ^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"

Type: number

Value must be greater or equal to 0 and lesser or equal to 10

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "CRITICAL"

Type: enum (of string)

Must be one of:

  • "UNPROVEN"
  • "PROOF_OF_CONCEPT"
  • "FUNCTIONAL"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "OFFICIAL_FIX"
  • "TEMPORARY_FIX"
  • "WORKAROUND"
  • "UNAVAILABLE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNKNOWN"
  • "REASONABLE"
  • "CONFIRMED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"
  • "NOT_DEFINED"

Type: object
No Additional Properties

Type: enum (of string)

CVSS Version

Must be one of:

  • "2.0"

Type: string
Must match regular expression: ^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "MEDIUM"
  • "LOW"

Type: enum (of string)

Must be one of:

  • "MULTIPLE"
  • "SINGLE"
  • "NONE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "PARTIAL"
  • "COMPLETE"

Type: number

Value must be greater or equal to 0 and lesser or equal to 10

Type: enum (of string)

Must be one of:

  • "UNPROVEN"
  • "PROOF_OF_CONCEPT"
  • "FUNCTIONAL"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "OFFICIAL_FIX"
  • "TEMPORARY_FIX"
  • "WORKAROUND"
  • "UNAVAILABLE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNCONFIRMED"
  • "UNCORROBORATED"
  • "CONFIRMED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "LOW_MEDIUM"
  • "MEDIUM_HIGH"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: object

A non-standard impact description, may be prose or JSON block.

No Additional Properties

Type: string

Name of the non-standard impact metrics format used.

Must be at least 1 characters long

Must be at most 128 characters long

Type: object

JSON object not covered by another metrics format.

Type: array

Configurations required for exploiting this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array

Workarounds and mitigations for this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array

Information about solutions or remediations available for this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array

Information about exploits of the vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array of object

This is timeline information for significant events about this vulnerability or changes to the CVE Record.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object
No Additional Properties

Type: string

Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ss[+-]ZH:ZM - if the timezone offset is not given, GMT (+00:00) is assumed.

Same definition as dateUpdated

Type: string Default: "en"

The language used in the description of the event. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.

Same definition as lang

Type: string

A summary of the event.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of object

Statements acknowledging specific people, organizations, or tools recognizing the work done in researching, discovering, remediating or helping with activities related to this CVE.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object
No Additional Properties

Type: string Default: "en"

The language used when describing the credits. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.

Same definition as lang

Type: string

Must be at least 1 characters long

Must be at most 4096 characters long

Type: string

UUID of the user being credited if present in the CVE User Registry (optional). This UUID can be used to lookup the user record in the user registry service.

Same definition as assignerOrgId

Type: enum (of string) Default: "finder"

Type or role of the entity being credited (optional). finder: identifies the vulnerability.
reporter: notifies the vendor of the vulnerability to a CNA.
analyst: validates the vulnerability to ensure accuracy or severity.
coordinator: facilitates the coordinated response process.
remediation developer: prepares a code change or other remediation plans.
remediation reviewer: reviews vulnerability remediation plans or code changes for effectiveness and completeness.
remediation verifier: tests and verifies the vulnerability or its remediation.
tool: names of tools used in vulnerability discovery or identification.
sponsor: supports the vulnerability identification or remediation activities.

Must be one of:

  • "finder"
  • "reporter"
  • "analyst"
  • "coordinator"
  • "remediation developer"
  • "remediation reviewer"
  • "remediation verifier"
  • "tool"
  • "sponsor"
  • "other"

Type: object

This is the source information (who discovered it, who researched it, etc.) and optionally a chain of CNA information (e.g. the originating CNA and subsequent parent CNAs who have processed it before it arrives at the MITRE root).
Must contain: IF this is in the root level it MUST contain a CNA_chain entry, IF this source entry is NOT in the root (e.g. it is part of a vendor statement) then it must contain at least one type of data entry.

Type: array

Tags provided by a CNA describing the CVE Record.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


Type: string
Must match regular expression: ^x_.*$

Must be at least 2 characters long

Must be at most 128 characters long

Type: enum (of string)

exclusively-hosted-service: All known software and/or hardware affected by this CVE Record is known to exist only in the affected hosted service. If the vulnerability affects both hosted and on-prem software and/or hardware, then the tag should not be used.

unsupported-when-assigned: Used by the assigning CNA to indicate that when a request for a CVE assignment was received, the product was already end-of-life (EOL) or a product or specific version was deemed not to be supported by the vendor. This tag should only be applied to a CVE Record when all affected products or version lines referenced in the CVE-Record are EOL.

disputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.

Must be one of:

  • "unsupported-when-assigned"
  • "exclusively-hosted-service"
  • "disputed"

Type: array of object

List of taxonomy items related to the vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

A taxonomy mapping object identifies the taxonomy by a name and version (eg., ATT&CK v13.1, CVSS 3.1, CWE 4.12) along with a list of relations relevant to this CVE.

No Additional Properties

Type: string

The name of the taxonomy, eg., ATT&CK, D3FEND, CWE, CVSS

Must be at least 1 characters long

Must be at most 128 characters long

Type: string

The version of taxonomy the identifiers come from.

Must be at least 1 characters long

Must be at most 128 characters long

Type: array of object

List of relationships to the taxonomy for the vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

A relationship between the taxonomy and the CVE or two taxonomy items.

No Additional Properties

Type: string

Identifier of the item in the taxonomy. Used as the subject of the relationship.

Must be at least 1 characters long

Must be at most 2048 characters long

Type: string

A description of the relationship.

Must be at least 1 characters long

Must be at most 128 characters long

Type: string

The target of the relationship. Can be the CVE ID or another taxonomy identifier.

Must be at least 1 characters long

Must be at most 2048 characters long

All property whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^x_[^.]*$
Type: object

Type: array

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

An object containing the vulnerability information provided by an Authorized Data Publisher (ADP). Since multiple ADPs can provide information for a CVE ID, an ADP container must indicate which ADP is the source of the information in the object.

No Additional Properties

Type: object

Details related to the information container provider (CNA or ADP).

Same definition as providerMetadata

Type: string

If known, the date/time the vulnerability was disclosed publicly.

Same definition as dateUpdated

Type: string

A title, headline, or a brief phrase summarizing the information in an ADP container.

Must be at least 1 characters long

Must be at most 256 characters long

Type: array

A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].

Same definition as descriptions

Type: array

List of affected products.

Same definition as affected

Type: array of object

This is problem type information (e.g. CWE identifier). Must contain: At least one entry, can be text, OWASP, CWE, please note that while only one is required you can use more than one (or indeed all three) as long as they are correct). (CNA requirement: [PROBLEMTYPE]).

Same definition as problemTypes

Type: array

This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are "dangerous").

Same definition as references

Type: array of object

Collection of impacts of this vulnerability.

Same definition as impacts

Type: array of object

Collection of impact scores with attribution.

Same definition as metrics

Type: array

Configurations required for exploiting this vulnerability.

Same definition as configurations

Type: array

Workarounds and mitigations for this vulnerability.

Same definition as workarounds

Type: array

Information about solutions or remediations available for this vulnerability.

Same definition as solutions

Type: array

Information about exploits of the vulnerability.

Same definition as exploits

Type: array of object

This is timeline information for significant events about this vulnerability or changes to the CVE Record.

Same definition as timeline

Type: array of object

Statements acknowledging specific people, organizations, or tools recognizing the work done in researching, discovering, remediating or helping with activities related to this CVE.

Same definition as credits

Type: object

This is the source information (who discovered it, who researched it, etc.) and optionally a chain of CNA information (e.g. the originating CNA and subsequent parent CNAs who have processed it before it arrives at the MITRE root).
Must contain: IF this is in the root level it MUST contain a CNA_chain entry, IF this source entry is NOT in the root (e.g. it is part of a vendor statement) then it must contain at least one type of data entry.

Same definition as source

Type: array

Tags provided by an ADP describing the CVE Record.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


Type: enum (of string)

disputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.

Must be one of:

  • "disputed"

Type: array of object

List of taxonomy items related to the vulnerability.

Same definition as taxonomyMappings

All property whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^x_[^.]*$
Type: object
Type: object

If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.

No Additional Properties

Type: enum (of string)

Indicates the type of information represented in the JSON instance.

Same definition as dataType

Type: string Default: "5.1.0"

The version of the CVE schema used for validating this record. Used to support multiple versions of this format.

Same definition as dataVersion

Type: object

This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.

No Additional Properties

Type: string

The CVE identifier that this record pertains to.

Same definition as cveId

Type: string

The UUID for the organization to which the CVE ID was originally assigned.

Same definition as assignerOrgId

Type: string

The short name for the organization to which the CVE ID was originally assigned.

Same definition as assignerShortName

Type: integer

The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition.

Value must be greater or equal to 1

Type: string

The date/time the record was last updated.

Same definition as dateUpdated

Type: string

The date/time the CVE Record was first published in the CVE List.

Same definition as dateUpdated

Type: string

The date/time the CVE ID was rejected.

Same definition as dateUpdated

Type: enum (of string)

State of CVE - PUBLISHED, REJECTED.

Must be one of:

  • "REJECTED"

Type: string

The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.

Same definition as dateUpdated

Type: object

A set of structures (called containers) used to store vulnerability information related to a specific CVE ID provided by a specific organization participating in the CVE program. Each container includes information provided by a different source.

At minimum, a 'cna' container containing the vulnerability information provided by the CNA who initially assigned the CVE ID must be included.

There can only be one 'cna' container, as there can only be one assigning CNA.

No Additional Properties

Type: object

An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a rejected CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA.

No Additional Properties

Type: object

Details related to the information container provider (CNA or ADP).

Same definition as providerMetadata

Type: array

Reasons for rejecting this CVE Record.

Same definition as descriptions

Type: array

Contains an array of CVE IDs that this CVE ID was rejected in favor of because this CVE ID was assigned to the vulnerabilities.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

All property whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^x_[^.]*$
Type: object
\ No newline at end of file +

Type: string

The non-inclusive upper limit of the range. This is the least version NOT in the range. The usual version syntax is expanded to allow a pattern to end in an asterisk (*), indicating an arbitrarily large number in the version ordering. For example, {version: 1.0 lessThan: 1.*} would describe the entire 1.X branch for most range kinds, and {version: 2.0, lessThan: *} describes all versions starting at 2.0, including 3.0, 5.1, and so on. Only one of lessThan and lessThanOrEqual should be specified.

Same definition as version

Type: string

The inclusive upper limit of the range. This is the greatest version contained in the range. Only one of lessThan and lessThanOrEqual should be specified. For example, {version: 1.0, lessThanOrEqual: 1.3} covers all versions from 1.0 up to and including 1.3.

Same definition as version

Type: array of object

A list of status changes that take place during the range. The array should be sorted in increasing order by the 'at' field, according to the versionType, but clients must re-sort the list themselves rather than assume it is sorted.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

The start of a single status change during the range.

Type: string

The version at which a status change occurs.

Same definition as version

Type: enum (of string)

The new status in the range starting at the given version.

Same definition as defaultStatus

Type: array of object

This is problem type information (e.g. CWE identifier). Must contain: At least one entry, can be text, OWASP, CWE, please note that while only one is required you can use more than one (or indeed all three) as long as they are correct). (CNA requirement: [PROBLEMTYPE]).

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Type: array of object

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Type: string Default: "en"

BCP 47 language code, language-region.

Same definition as lang

Type: string

Text description of problemType, or title from CWE or OWASP.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: string

CWE ID of the CWE that best describes this problemType entry.

Must match regular expression: ^CWE-[1-9][0-9]*$

Must be at least 5 characters long

Must be at most 9 characters long

Type: string

Problemtype source, text, OWASP, CWE, etc.,

Must be at least 1 characters long

Must be at most 128 characters long

Type: array

This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are "dangerous").

Same definition as references

Type: array

This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are "dangerous").

Must contain a minimum of 1 items

Must contain a maximum of 512 items

All items must be unique

Each item of this array must be:

Type: object

Type: string

The uniform resource locator (URL), according to RFC 3986, that can be used to retrieve the referenced resource.

Same definition as collectionURL

Type: string

User created name for the reference, often the title of the page.

Must be at least 1 characters long

Must be at most 512 characters long

Type: array

An array of one or more tags that describe the resource referenced by 'url'.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


Type: enum (of string)

broken-link: The reference link is returning a 404 error, or the site is no longer online.

customer-entitlement: Similar to Privileges Required, but specific to references that require non-public/paid access for customers of the particular vendor.

exploit: Reference contains an in-depth/detailed description of steps to exploit a vulnerability OR the reference contains any legitimate Proof of Concept (PoC) code or exploit kit.

government-resource: All reference links that are from a government agency or organization should be given the Government Resource tag.

issue-tracking: The reference is a post from a bug tracking tool such as MantisBT, Bugzilla, JIRA, Github Issues, etc...

mailing-list: The reference is from a mailing list -- often specific to a product or vendor.

mitigation: The reference contains information on steps to mitigate against the vulnerability in the event a patch can't be applied or is unavailable or for EOL product situations.

not-applicable: The reference link is not applicable to the vulnerability and was likely associated by MITRE accidentally (should be used sparingly).

patch: The reference contains an update to the software that fixes the vulnerability.

permissions-required: The reference link provided is blocked by a logon page. If credentials are required to see any information this tag must be applied.

media-coverage: The reference is from a media outlet such as a newspaper, magazine, social media, or weblog. This tag is not intended to apply to any individual's personal social media account. It is strictly intended for public media entities.

product: A reference appropriate for describing a product for the purpose of CPE or SWID.

related: A reference that is for a related (but not the same) vulnerability.

release-notes: The reference is in the format of a vendor or open source project's release notes or change log.

signature: The reference contains a method to detect or prevent the presence or exploitation of the vulnerability.

technical-description: The reference contains in-depth technical information about a vulnerability and its exploitation process, typically in the form of a presentation or whitepaper.

third-party-advisory: Advisory is from an organization that is not the vulnerable product's vendor/publisher/maintainer.

vendor-advisory: Advisory is from the vendor/publisher/maintainer of the product or the parent organization.

vdb-entry: VDBs are loosely defined as sites that provide information about this vulnerability, such as advisories, with identifiers. Included VDBs are free to access, substantially public, and have broad scope and coverage (not limited to a single vendor or research organization). See: https://www.first.org/global/sigs/vrdx/vdb-catalog

Must be one of:

  • "broken-link"
  • "customer-entitlement"
  • "exploit"
  • "government-resource"
  • "issue-tracking"
  • "mailing-list"
  • "mitigation"
  • "not-applicable"
  • "patch"
  • "permissions-required"
  • "media-coverage"
  • "product"
  • "related"
  • "release-notes"
  • "signature"
  • "technical-description"
  • "third-party-advisory"
  • "vendor-advisory"
  • "vdb-entry"

Type: array of object

Collection of impacts of this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

This is impact type information (e.g. a text description.

Type: string

CAPEC ID that best relates to this impact.

Must match regular expression: ^CAPEC-[1-9][0-9]{0,4}$

Must be at least 7 characters long

Must be at most 11 characters long

Type: array

Prose description of the impact scenario. At a minimum provide the description given by CAPEC.

Same definition as descriptions

Type: array of object

Collection of impact scores with attribution.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


This is impact type information (e.g. a text description, CVSSv2, CVSSv3, etc.). Must contain: At least one entry, can be text, CVSSv2, CVSSv3, others may be added.

Type: object

The following properties are required:

  • cvssV3_1
Type: object

The following properties are required:

  • cvssV3_0
Type: object

The following properties are required:

  • cvssV2_0
Type: object

The following properties are required:

  • other

Type: string

Name of the scoring format. This provides a bit of future proofing. Additional properties are not prohibited, so this will support the inclusion of proprietary formats. It also provides an easy future conversion mechanism when future score formats become part of the schema. example: cvssV44, format = 'cvssV44', other = cvssV4_4 JSON object. In the future, the other properties can be converted to score properties when they become part of the schema.

Must be at least 1 characters long

Must be at most 64 characters long

Type: array of object

Description of the scenarios this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Type: string Default: "en"

BCP 47 language code, language-region.

Same definition as lang

Type: string Default: "GENERAL"

Description of the scenario this metrics object applies to. If no specific scenario is given, GENERAL is used as the default and applies when no more specific metric matches.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: object

Type: enum (of string)

CVSS Version

Must be one of:

  • "3.1"

Type: string
Must match regular expression: ^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"

Type: number

Value must be greater or equal to 0 and lesser or equal to 10

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "CRITICAL"

Type: enum (of string)

Must be one of:

  • "UNPROVEN"
  • "PROOF_OF_CONCEPT"
  • "FUNCTIONAL"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "OFFICIAL_FIX"
  • "TEMPORARY_FIX"
  • "WORKAROUND"
  • "UNAVAILABLE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNKNOWN"
  • "REASONABLE"
  • "CONFIRMED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"
  • "NOT_DEFINED"

Type: object

Type: enum (of string)

CVSS Version

Must be one of:

  • "3.0"

Type: string
Must match regular expression: ^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"

Type: number

Value must be greater or equal to 0 and lesser or equal to 10

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "CRITICAL"

Type: enum (of string)

Must be one of:

  • "UNPROVEN"
  • "PROOF_OF_CONCEPT"
  • "FUNCTIONAL"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "OFFICIAL_FIX"
  • "TEMPORARY_FIX"
  • "WORKAROUND"
  • "UNAVAILABLE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNKNOWN"
  • "REASONABLE"
  • "CONFIRMED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"
  • "PHYSICAL"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "LOW"
  • "NONE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "REQUIRED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNCHANGED"
  • "CHANGED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "HIGH"
  • "NOT_DEFINED"

Type: object

Type: enum (of string)

CVSS Version

Must be one of:

  • "2.0"

Type: string
Must match regular expression: ^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$

Type: enum (of string)

Must be one of:

  • "NETWORK"
  • "ADJACENT_NETWORK"
  • "LOCAL"

Type: enum (of string)

Must be one of:

  • "HIGH"
  • "MEDIUM"
  • "LOW"

Type: enum (of string)

Must be one of:

  • "MULTIPLE"
  • "SINGLE"
  • "NONE"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "PARTIAL"
  • "COMPLETE"

Type: number

Value must be greater or equal to 0 and lesser or equal to 10

Type: enum (of string)

Must be one of:

  • "UNPROVEN"
  • "PROOF_OF_CONCEPT"
  • "FUNCTIONAL"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "OFFICIAL_FIX"
  • "TEMPORARY_FIX"
  • "WORKAROUND"
  • "UNAVAILABLE"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "UNCONFIRMED"
  • "UNCORROBORATED"
  • "CONFIRMED"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "LOW_MEDIUM"
  • "MEDIUM_HIGH"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "NONE"
  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: enum (of string)

Must be one of:

  • "LOW"
  • "MEDIUM"
  • "HIGH"
  • "NOT_DEFINED"

Type: object

A non-standard impact description, may be prose or JSON block.

Type: string

Name of the non-standard impact metrics format used.

Must be at least 1 characters long

Must be at most 128 characters long

Type: object

JSON object not covered by another metrics format.

Type: array

Configurations required for exploiting this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array

Workarounds and mitigations for this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array

Information about solutions or remediations available for this vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array

Information about exploits of the vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Text in a particular language with optional alternate markup or formatted representation (e.g., Markdown) or embedded media.

Same definition as description

Type: array of object

This is timeline information for significant events about this vulnerability or changes to the CVE Record.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Type: string

Timestamp representing when the event in the timeline occurred. The timestamp format is based on RFC3339 and ISO ISO8601, with an optional timezone. yyyy-MM-ddTHH:mm:ssZZZZ - if the timezone offset is not given, GMT (0000) is assumed.

Same definition as dateUpdated

Type: string Default: "en"

The language used in the description of the event. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.

Same definition as lang

Type: string

A summary of the event.

Must be at least 1 characters long

Must be at most 4096 characters long

Type: array of object

Statements acknowledging specific people, organizations, or tools recognizing the work done in researching, discovering, remediating or helping with activities related to this CVE.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Type: string Default: "en"

The language used when describing the credits. The language field is included so that CVE Records can support translations. The value must be a BCP 47 language code.

Same definition as lang

Type: string

Must be at least 1 characters long

Must be at most 4096 characters long

Type: string

UUID of the user being credited if present in the CVE User Registry (optional). This UUID can be used to lookup the user record in the user registry service.

Same definition as assignerOrgId

Type: enum (of string) Default: "finder"

Type or role of the entity being credited (optional). finder: identifies the vulnerability.
reporter: notifies the vendor of the vulnerability to a CNA.
analyst: validates the vulnerability to ensure accuracy or severity.
coordinator: facilitates the coordinated response process.
remediation developer: prepares a code change or other remediation plans.
remediation reviewer: reviews vulnerability remediation plans or code changes for effectiveness and completeness.
remediation verifier: tests and verifies the vulnerability or its remediation.
tool: names of tools used in vulnerability discovery or identification.
sponsor: supports the vulnerability identification or remediation activities.

Must be one of:

  • "finder"
  • "reporter"
  • "analyst"
  • "coordinator"
  • "remediation developer"
  • "remediation reviewer"
  • "remediation verifier"
  • "tool"
  • "sponsor"
  • "other"

Type: object

This is the source information (who discovered it, who researched it, etc.) and optionally a chain of CNA information (e.g. the originating CNA and subsequent parent CNAs who have processed it before it arrives at the MITRE root).
Must contain: IF this is in the root level it MUST contain a CNA_chain entry, IF this source entry is NOT in the root (e.g. it is part of a vendor statement) then it must contain at least one type of data entry.

Type: array

Tags provided by a CNA describing the CVE Record.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


Type: string
Must match regular expression: ^x_.*$

Must be at least 2 characters long

Must be at most 128 characters long

Type: enum (of string)

exclusively-hosted-service: All known software and/or hardware affected by this CVE Record is known to exist only in the affected hosted service. If the vulnerability affects both hosted and on-prem software and/or hardware, then the tag should not be used.

unsupported-when-assigned: Used by the assigning CNA to indicate that when a request for a CVE assignment was received, the product was already end-of-life (EOL) or a product or specific version was deemed not to be supported by the vendor. This tag should only be applied to a CVE Record when all affected products or version lines referenced in the CVE-Record are EOL.

disputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.

Must be one of:

  • "unsupported-when-assigned"
  • "exclusively-hosted-service"
  • "disputed"

Type: array of object

List of taxonomy items related to the vulnerability.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

Type: string

The name of the taxonomy.

Must be at least 1 characters long

Must be at most 128 characters long

Type: string

The version of taxonomy the identifiers come from.

Must be at least 1 characters long

Must be at most 128 characters long

Type: array of object

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

List of relationships to the taxonomy for the vulnerability. Relationships can be between the taxonomy and the CVE or two taxonomy items.

Type: string

Identifier of the item in the taxonomy. Used as the subject of the relationship.

Must be at least 1 characters long

Must be at most 2048 characters long

Type: string

A description of the relationship.

Must be at least 1 characters long

Must be at most 128 characters long

Type: string

The target of the relationship. Can be the CVE ID or another taxonomy identifier.

Must be at least 1 characters long

Must be at most 2048 characters long

All property whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^x_[^.]*$
Type: object

Type: array

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

Type: object

An object containing the vulnerability information provided by an Authorized Data Publisher (ADP). Since multiple ADPs can provide information for a CVE ID, an ADP container must indicate which ADP is the source of the information in the object.

No Additional Properties

Type: object

Details related to the information container provider (CNA or ADP).

Same definition as providerMetadata

Type: string

If known, the date/time the vulnerability was disclosed publicly.

Same definition as dateUpdated

Type: string

A title, headline, or a brief phrase summarizing the information in an ADP container.

Must be at least 1 characters long

Must be at most 256 characters long

Type: array

A list of multi-lingual descriptions of the vulnerability. E.g., [PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]. OR [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] [ROOT CAUSE], which allows [ATTACKER] to [IMPACT] via [VECTOR].

Same definition as descriptions

Type: array

List of affected products.

Same definition as affected

Type: array of object

This is problem type information (e.g. CWE identifier). Must contain: At least one entry, can be text, OWASP, CWE, please note that while only one is required you can use more than one (or indeed all three) as long as they are correct). (CNA requirement: [PROBLEMTYPE]).

Same definition as problemTypes

Type: array

This is reference data in the form of URLs or file objects (uuencoded and embedded within the JSON file, exact format to be decided, e.g. we may require a compressed format so the objects require unpacking before they are "dangerous").

Same definition as references

Type: array of object

Collection of impacts of this vulnerability.

Same definition as impacts

Type: array of object

Collection of impact scores with attribution.

Same definition as metrics

Type: array

Configurations required for exploiting this vulnerability.

Same definition as configurations

Type: array

Workarounds and mitigations for this vulnerability.

Same definition as workarounds

Type: array

Information about solutions or remediations available for this vulnerability.

Same definition as solutions

Type: array

Information about exploits of the vulnerability.

Same definition as exploits

Type: array of object

This is timeline information for significant events about this vulnerability or changes to the CVE Record.

Same definition as timeline

Type: array of object

Statements acknowledging specific people, organizations, or tools recognizing the work done in researching, discovering, remediating or helping with activities related to this CVE.

Same definition as credits

Type: object

This is the source information (who discovered it, who researched it, etc.) and optionally a chain of CNA information (e.g. the originating CNA and subsequent parent CNAs who have processed it before it arrives at the MITRE root).
Must contain: IF this is in the root level it MUST contain a CNA_chain entry, IF this source entry is NOT in the root (e.g. it is part of a vendor statement) then it must contain at least one type of data entry.

Same definition as source

Type: array

Tags provided by an ADP describing the CVE Record.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:


Type: enum (of string)

disputed: When one party disagrees with another party's assertion that a particular issue in software is a vulnerability, a CVE Record assigned to that issue may be tagged as being 'disputed'.

Must be one of:

  • "disputed"

Type: array of object

List of taxonomy items related to the vulnerability.

Same definition as taxonomyMappings

All property whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^x_[^.]*$
Type: object
Type: object

If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.

No Additional Properties

Type: enum (of string)

Indicates the type of information represented in the JSON instance.

Same definition as dataType

Type: enum (of string)

The version of the schema being used. Used to support multiple versions of this format.

Same definition as dataVersion

Type: object

This is meta data about the CVE ID such as the CVE ID, who requested it, who assigned it, when it was requested, the current state (PUBLISHED, REJECTED, etc.) and so on. These fields are controlled by the CVE Services.

No Additional Properties

Type: string

The CVE identifier that this record pertains to.

Same definition as cveId

Type: string

The UUID for the organization to which the CVE ID was originally assigned.

Same definition as assignerOrgId

Type: string

The short name for the organization to which the CVE ID was originally assigned.

Same definition as assignerShortName

Type: integer

The system of record causes this to start at 1, and increment by 1 each time a submission from a data provider changes this CVE Record. The incremented value moves to the Rejected schema upon a PUBLISHED->REJECTED transition, and moves to the Published schema upon a REJECTED->PUBLISHED transition.

Value must be greater or equal to 1

Type: string

The date/time the record was last updated.

Same definition as dateUpdated

Type: string

The date/time the CVE Record was first published in the CVE List.

Same definition as dateUpdated

Type: string

The date/time the CVE ID was rejected.

Same definition as dateUpdated

Type: enum (of string)

State of CVE - PUBLISHED, REJECTED.

Must be one of:

  • "REJECTED"

Type: string

The date/time this CVE ID was reserved in the CVE automation workgroup services system. Disclaimer: This date reflects when the CVE ID was reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.

Same definition as dateUpdated

Type: object

A set of structures (called containers) used to store vulnerability information related to a specific CVE ID provided by a specific organization participating in the CVE program. Each container includes information provided by a different source.

At minimum, a 'cna' container containing the vulnerability information provided by the CNA who initially assigned the CVE ID must be included.

There can only be one 'cna' container, as there can only be one assigning CNA.

No Additional Properties

Type: object

An object containing the vulnerability information provided by a CVE Numbering Authority (CNA) for a rejected CVE ID. There can only be one CNA container per CVE record since there can only be one assigning CNA.

No Additional Properties

Type: object

Details related to the information container provider (CNA or ADP).

Same definition as providerMetadata

Type: array

Reasons for rejecting this CVE Record.

Same definition as descriptions

Type: array

Contains an array of CVE IDs that this CVE ID was rejected in favor of because this CVE ID was assigned to the vulnerabilities.

Must contain a minimum of 1 items

All items must be unique

Each item of this array must be:

All property whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^x_[^.]*$
Type: object
\ No newline at end of file diff --git a/schema/archive/v5.0/docs/mindmap.html b/schema/archive/v5.0/docs/mindmap.html index 52d4df15174..701768b74f5 100644 --- a/schema/archive/v5.0/docs/mindmap.html +++ b/schema/archive/v5.0/docs/mindmap.html @@ -25,7 +25,7 @@ Markmap } = getMarkmap(); window.mm = Markmap.create('svg#mindmap', getOptions == null ? void 0 : getOptions(), data); - })(() => window.markmap,null,{"t":"heading","d":1,"p":{"lines":[0,1]},"v":"CVE JSON Record","c":[{"t":"heading","d":2,"p":{"lines":[1,2]},"v":"Published ","c":[{"t":"list_item","d":4,"p":{"lines":[2,3]},"v":"dataType CVE_RECORD"},{"t":"list_item","d":4,"p":{"lines":[3,4]},"v":"dataVersion"},{"t":"list_item","d":4,"p":{"lines":[4,5]},"v":"cveMetadata","c":[{"t":"list_item","d":6,"p":{"lines":[5,6]},"v":"cveId"},{"t":"list_item","d":6,"p":{"lines":[6,7]},"v":"assignerOrgId"},{"t":"list_item","d":6,"p":{"lines":[7,8]},"v":"assignerShortName"},{"t":"list_item","d":6,"p":{"lines":[8,9]},"v":"requesterUserId"},{"t":"list_item","d":6,"p":{"lines":[9,10]},"v":"dateUpdated"},{"t":"list_item","d":6,"p":{"lines":[10,11]},"v":"serial"},{"t":"list_item","d":6,"p":{"lines":[11,12]},"v":"dateReserved"},{"t":"list_item","d":6,"p":{"lines":[12,13]},"v":"datePublished"},{"t":"list_item","d":6,"p":{"lines":[13,14]},"v":"state PUBLISHED"}]},{"t":"list_item","d":4,"p":{"lines":[14,15]},"v":"containers","c":[{"t":"list_item","d":6,"p":{"lines":[15,16]},"v":"cna","c":[{"t":"list_item","d":8,"p":{"lines":[16,17]},"v":"providerMetadata","c":[{"t":"list_item","d":10,"p":{"lines":[17,18]},"v":"orgId"},{"t":"list_item","d":10,"p":{"lines":[18,19]},"v":"shortName"},{"t":"list_item","d":10,"p":{"lines":[19,20]},"v":"dateUpdated"}]},{"t":"list_item","d":8,"p":{"lines":[20,21]},"v":"dateAssigned"},{"t":"list_item","d":8,"p":{"lines":[21,22]},"v":"datePublic"},{"t":"list_item","d":8,"p":{"lines":[22,23]},"v":"title"},{"t":"list_item","d":8,"p":{"lines":[23,24]},"v":"descriptions []","c":[{"t":"list_item","d":10,"p":{"lines":[24,25]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[25,26]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[26,27],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[27,28]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[28,29]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[29,30]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[30,31]},"v":"affected []","c":[{"t":"list_item","d":10,"p":{"lines":[31,32]},"v":"vendor"},{"t":"list_item","d":10,"p":{"lines":[32,33]},"v":"product"},{"t":"list_item","d":10,"p":{"lines":[33,34]},"v":"collectionURL e.g., https://access.redhat.com/downloads/content/package-browser"},{"t":"list_item","d":10,"p":{"lines":[34,35]},"v":"packageName"},{"t":"list_item","d":10,"p":{"lines":[35,36]},"v":"cpes []"},{"t":"list_item","d":10,"p":{"lines":[36,37]},"v":"modules []"},{"t":"list_item","d":10,"p":{"lines":[37,38]},"v":"programFiles []"},{"t":"list_item","d":10,"p":{"lines":[38,39]},"v":"programRoutines []","c":[{"t":"list_item","d":12,"p":{"lines":[39,40]},"v":"name"}]},{"t":"list_item","d":10,"p":{"lines":[40,41]},"v":"platforms []"},{"t":"list_item","d":10,"p":{"lines":[41,42]},"v":"repo"},{"t":"list_item","d":10,"p":{"lines":[42,43]},"v":"defaultStatus affected unaffected unknown"},{"t":"list_item","d":10,"p":{"lines":[43,44]},"v":"versions []","c":[{"t":"list_item","d":12,"p":{"lines":[44,45]},"v":"version"},{"t":"list_item","d":12,"p":{"lines":[45,46]},"v":"status affected unaffected unknown"},{"t":"list_item","d":12,"p":{"lines":[46,47]},"v":"versionType e.g., custom"},{"t":"list_item","d":12,"p":{"lines":[47,48]},"v":"lessThan"},{"t":"list_item","d":12,"p":{"lines":[48,49]},"v":"lessThanOrEqual"},{"t":"list_item","d":12,"p":{"lines":[49,50]},"v":"changes []","c":[{"t":"list_item","d":14,"p":{"lines":[50,51]},"v":"at"},{"t":"list_item","d":14,"p":{"lines":[51,52]},"v":"status affected unaffected unknown"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[52,53]},"v":"problemTypes []","c":[{"t":"list_item","d":10,"p":{"lines":[53,54]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[54,55]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[55,56]},"v":"description"},{"t":"list_item","d":12,"p":{"lines":[56,57]},"v":"cweId"},{"t":"list_item","d":12,"p":{"lines":[57,58]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[58,59]},"v":"references []","c":[{"t":"list_item","d":14,"p":{"lines":[59,60]},"v":"url"},{"t":"list_item","d":14,"p":{"lines":[60,61]},"v":"name"},{"t":"list_item","d":14,"p":{"lines":[61,62],"f":true},"v":"tags []"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[62,63]},"v":"references []","c":[{"t":"list_item","d":10,"p":{"lines":[63,64]},"v":"url"},{"t":"list_item","d":10,"p":{"lines":[64,65]},"v":"name"},{"t":"list_item","d":10,"p":{"lines":[65,66],"f":true},"v":"tags []"}]},{"t":"list_item","d":8,"p":{"lines":[66,67],"f":true},"v":"impacts []","c":[{"t":"list_item","d":10,"p":{"lines":[67,68]},"v":"capecId"},{"t":"list_item","d":10,"p":{"lines":[68,69]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[69,70]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[70,71]},"v":"value"},{"t":"list_item","d":12,"p":{"lines":[71,72],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":14,"p":{"lines":[72,73]},"v":"type e.g., text/markdown"},{"t":"list_item","d":14,"p":{"lines":[73,74]},"v":"base64 ☯"},{"t":"list_item","d":14,"p":{"lines":[74,75]},"v":"value"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[75,76],"f":true},"v":"metrics []","c":[{"t":"list_item","d":10,"p":{"lines":[76,77]},"v":"format"},{"t":"list_item","d":10,"p":{"lines":[77,78]},"v":"scenarios []","c":[{"t":"list_item","d":12,"p":{"lines":[78,79]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[79,80]},"v":"value"}]},{"t":"list_item","d":10,"p":{"lines":[80,81]},"v":"cvssV4_0","c":[{"t":"list_item","d":12,"p":{"lines":[81,82]},"v":"version 4.0"},{"t":"list_item","d":12,"p":{"lines":[82,83]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[83,84]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[84,85]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[85,86]},"v":"attackVector NETWORK ADJACENT LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[86,87]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[87,88]},"v":"attackRequirements NONE PRESENT"},{"t":"list_item","d":12,"p":{"lines":[88,89]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[89,90]},"v":"userInteraction NONE PASSIVE ACTIVE"},{"t":"list_item","d":12,"p":{"lines":[90,91]},"v":"vulnConfidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[91,92]},"v":"vulnIntegrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[92,93]},"v":"vulnAvailabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[93,94]},"v":"subConfidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[94,95]},"v":"subIntegrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[95,96]},"v":"subAvailabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[96,97]},"v":"exploitMaturity UNREPORTED PROOF_OF_CONCEPT ATTACKED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[97,98]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[98,99]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[99,100]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[100,101]},"v":"modifiedAttackVector NETWORK ADJACENT LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[101,102]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[102,103]},"v":"modifiedAttackRequirements NONE PRESENT NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[103,104]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[104,105]},"v":"modifiedUserInteraction NONE PASSIVE ACTIVE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[105,106]},"v":"modifiedVulnConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[106,107]},"v":"modifiedVulnIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[107,108]},"v":"modifiedVulnAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[108,109]},"v":"modifiedSubConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[109,110]},"v":"modifiedSubIntegrityImpact NONE LOW HIGH SAFETY NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[110,111]},"v":"modifiedSubAvailabilityImpact NONE LOW HIGH SAFETY NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[111,112]},"v":"Safety NEGLIGIBLE PRESENT NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[112,113]},"v":"Automatable NO YES NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[113,114]},"v":"Recovery AUTOMATIC USER IRRECOVERABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[114,115]},"v":"valueDensity DIFFUSE CONCENTRATED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[115,116]},"v":"vulnerabilityResponseEffort LOW MODERATE HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[116,117]},"v":"providerUrgency CLEAR GREEN AMBER RED NOT_DEFINED","c":[{"t":"list_item","d":14,"p":{"lines":[117,118]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[118,119]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[119,120]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[120,121]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[121,122]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[122,123]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[123,124]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[124,125]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[125,126]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[126,127]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[127,128]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[128,129]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[129,130]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[130,131]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[131,132]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[132,133]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[133,134]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[134,135]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[135,136]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[136,137]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[137,138]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[138,139]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[139,140]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[140,141]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[141,142]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[142,143]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[143,144]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[144,145]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[145,146]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[146,147]},"v":"environmentalSeverity"}]}]},{"t":"list_item","d":10,"p":{"lines":[147,148],"f":true},"v":"cvssV3_1 ","c":[{"t":"list_item","d":12,"p":{"lines":[148,149]},"v":"version 3.1"},{"t":"list_item","d":12,"p":{"lines":[149,150]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[150,151]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[151,152]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[152,153]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[153,154]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[154,155]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[155,156]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[156,157]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[157,158]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[158,159]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[159,160]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[160,161]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[161,162]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[162,163]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[163,164]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[164,165]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[165,166]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[166,167]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[167,168]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[168,169]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[169,170]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[170,171]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[171,172]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[172,173]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[173,174]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[174,175]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[175,176]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[176,177]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[177,178]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[178,179],"f":true},"v":"cvssV3_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[179,180]},"v":"version 3.0"},{"t":"list_item","d":12,"p":{"lines":[180,181]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[181,182]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[182,183]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[183,184]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[184,185]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[185,186]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[186,187]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[187,188]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[188,189]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[189,190]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[190,191]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[191,192]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[192,193]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[193,194]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[194,195]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[195,196]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[196,197]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[197,198]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[198,199]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[199,200]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[200,201]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[201,202]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[202,203]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[203,204]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[204,205]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[205,206]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[206,207]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[207,208]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[208,209]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[209,210],"f":true},"v":"cvssV2_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[210,211]},"v":"version 2.0"},{"t":"list_item","d":12,"p":{"lines":[211,212]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[212,213]},"v":"accessVector NETWORK ADJACENT_NETWORK LOCAL"},{"t":"list_item","d":12,"p":{"lines":[213,214]},"v":"accessComplexity HIGH MEDIUM LOW"},{"t":"list_item","d":12,"p":{"lines":[214,215]},"v":"authentication MULTIPLE SINGLE NONE"},{"t":"list_item","d":12,"p":{"lines":[215,216]},"v":"confidentialityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[216,217]},"v":"integrityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[217,218]},"v":"availabilityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[218,219]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[219,220]},"v":"exploitability UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[220,221]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[221,222]},"v":"reportConfidence UNCONFIRMED UNCORROBORATED CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[222,223]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[223,224]},"v":"collateralDamagePotential NONE LOW LOW_MEDIUM MEDIUM_HIGH HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[224,225]},"v":"targetDistribution NONE LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[225,226]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[226,227]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[227,228]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[228,229]},"v":"environmentalScore"}]},{"t":"list_item","d":10,"p":{"lines":[229,230]},"v":"other","c":[{"t":"list_item","d":12,"p":{"lines":[230,231]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[231,232]},"v":"content"}]}]},{"t":"list_item","d":8,"p":{"lines":[232,233],"f":true},"v":"configurations []","c":[{"t":"list_item","d":10,"p":{"lines":[233,234]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[234,235]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[235,236],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[236,237]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[237,238]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[238,239]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[239,240],"f":true},"v":"workarounds []","c":[{"t":"list_item","d":10,"p":{"lines":[240,241]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[241,242]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[242,243],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[243,244]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[244,245]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[245,246]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[246,247],"f":true},"v":"solutions []","c":[{"t":"list_item","d":10,"p":{"lines":[247,248]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[248,249]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[249,250],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[250,251]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[251,252]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[252,253]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[253,254],"f":true},"v":"exploits []","c":[{"t":"list_item","d":10,"p":{"lines":[254,255]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[255,256]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[256,257],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[257,258]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[258,259]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[259,260]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[260,261],"f":true},"v":"timeline []","c":[{"t":"list_item","d":10,"p":{"lines":[261,262]},"v":"time"},{"t":"list_item","d":10,"p":{"lines":[262,263]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[263,264]},"v":"value"}]},{"t":"list_item","d":8,"p":{"lines":[264,265],"f":true},"v":"credits []","c":[{"t":"list_item","d":10,"p":{"lines":[265,266]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[266,267]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[267,268]},"v":"user"},{"t":"list_item","d":10,"p":{"lines":[268,269]},"v":"type finder reporter analyst coordinator remediation developer remediation reviewer remediation verifier tool sponsor other"}]},{"t":"list_item","d":8,"p":{"lines":[269,270]},"v":"source"},{"t":"list_item","d":8,"p":{"lines":[270,271],"f":true},"v":"tags []"},{"t":"list_item","d":8,"p":{"lines":[271,272],"f":true},"v":"taxonomyMappings []","c":[{"t":"list_item","d":10,"p":{"lines":[272,273]},"v":"taxonomyName"},{"t":"list_item","d":10,"p":{"lines":[273,274]},"v":"taxonomyVersion"},{"t":"list_item","d":10,"p":{"lines":[274,275]},"v":"taxonomyRelations []","c":[{"t":"list_item","d":12,"p":{"lines":[275,276]},"v":"taxonomyId"},{"t":"list_item","d":12,"p":{"lines":[276,277]},"v":"relationshipName"},{"t":"list_item","d":12,"p":{"lines":[277,278]},"v":"relationshipValue"}]}]},{"t":"list_item","d":8,"p":{"lines":[278,279]},"v":"^x_[^.]*$"}]},{"t":"list_item","d":6,"p":{"lines":[279,280],"f":true},"v":"adp []","c":[{"t":"list_item","d":8,"p":{"lines":[280,281]},"v":"providerMetadata","c":[{"t":"list_item","d":10,"p":{"lines":[281,282]},"v":"orgId"},{"t":"list_item","d":10,"p":{"lines":[282,283]},"v":"shortName"},{"t":"list_item","d":10,"p":{"lines":[283,284]},"v":"dateUpdated"}]},{"t":"list_item","d":8,"p":{"lines":[284,285]},"v":"datePublic"},{"t":"list_item","d":8,"p":{"lines":[285,286]},"v":"title"},{"t":"list_item","d":8,"p":{"lines":[286,287]},"v":"descriptions []","c":[{"t":"list_item","d":10,"p":{"lines":[287,288]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[288,289]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[289,290],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[290,291]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[291,292]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[292,293]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[293,294]},"v":"affected []","c":[{"t":"list_item","d":10,"p":{"lines":[294,295]},"v":"vendor"},{"t":"list_item","d":10,"p":{"lines":[295,296]},"v":"product"},{"t":"list_item","d":10,"p":{"lines":[296,297]},"v":"collectionURL e.g., https://access.redhat.com/downloads/content/package-browser"},{"t":"list_item","d":10,"p":{"lines":[297,298]},"v":"packageName"},{"t":"list_item","d":10,"p":{"lines":[298,299]},"v":"cpes []"},{"t":"list_item","d":10,"p":{"lines":[299,300]},"v":"modules []"},{"t":"list_item","d":10,"p":{"lines":[300,301]},"v":"programFiles []"},{"t":"list_item","d":10,"p":{"lines":[301,302]},"v":"programRoutines []","c":[{"t":"list_item","d":12,"p":{"lines":[302,303]},"v":"name"}]},{"t":"list_item","d":10,"p":{"lines":[303,304]},"v":"platforms []"},{"t":"list_item","d":10,"p":{"lines":[304,305]},"v":"repo"},{"t":"list_item","d":10,"p":{"lines":[305,306]},"v":"defaultStatus affected unaffected unknown"},{"t":"list_item","d":10,"p":{"lines":[306,307]},"v":"versions []","c":[{"t":"list_item","d":12,"p":{"lines":[307,308]},"v":"version"},{"t":"list_item","d":12,"p":{"lines":[308,309]},"v":"status affected unaffected unknown"},{"t":"list_item","d":12,"p":{"lines":[309,310]},"v":"versionType e.g., custom"},{"t":"list_item","d":12,"p":{"lines":[310,311]},"v":"lessThan"},{"t":"list_item","d":12,"p":{"lines":[311,312]},"v":"lessThanOrEqual"},{"t":"list_item","d":12,"p":{"lines":[312,313]},"v":"changes []","c":[{"t":"list_item","d":14,"p":{"lines":[313,314]},"v":"at"},{"t":"list_item","d":14,"p":{"lines":[314,315]},"v":"status affected unaffected unknown"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[315,316]},"v":"problemTypes []","c":[{"t":"list_item","d":10,"p":{"lines":[316,317]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[317,318]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[318,319]},"v":"description"},{"t":"list_item","d":12,"p":{"lines":[319,320]},"v":"cweId"},{"t":"list_item","d":12,"p":{"lines":[320,321]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[321,322]},"v":"references []","c":[{"t":"list_item","d":14,"p":{"lines":[322,323]},"v":"url"},{"t":"list_item","d":14,"p":{"lines":[323,324]},"v":"name"},{"t":"list_item","d":14,"p":{"lines":[324,325],"f":true},"v":"tags []"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[325,326]},"v":"references []","c":[{"t":"list_item","d":10,"p":{"lines":[326,327]},"v":"url"},{"t":"list_item","d":10,"p":{"lines":[327,328]},"v":"name"},{"t":"list_item","d":10,"p":{"lines":[328,329],"f":true},"v":"tags []"}]},{"t":"list_item","d":8,"p":{"lines":[329,330],"f":true},"v":"impacts []","c":[{"t":"list_item","d":10,"p":{"lines":[330,331]},"v":"capecId"},{"t":"list_item","d":10,"p":{"lines":[331,332]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[332,333]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[333,334]},"v":"value"},{"t":"list_item","d":12,"p":{"lines":[334,335],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":14,"p":{"lines":[335,336]},"v":"type e.g., text/markdown"},{"t":"list_item","d":14,"p":{"lines":[336,337]},"v":"base64 ☯"},{"t":"list_item","d":14,"p":{"lines":[337,338]},"v":"value"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[338,339],"f":true},"v":"metrics []","c":[{"t":"list_item","d":10,"p":{"lines":[339,340]},"v":"format"},{"t":"list_item","d":10,"p":{"lines":[340,341]},"v":"scenarios []","c":[{"t":"list_item","d":12,"p":{"lines":[341,342]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[342,343]},"v":"value"}]},{"t":"list_item","d":10,"p":{"lines":[343,344]},"v":"cvssV4_0","c":[{"t":"list_item","d":12,"p":{"lines":[344,345]},"v":"version 4.0"},{"t":"list_item","d":12,"p":{"lines":[345,346]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[346,347]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[347,348]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[348,349]},"v":"attackVector NETWORK ADJACENT LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[349,350]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[350,351]},"v":"attackRequirements NONE PRESENT"},{"t":"list_item","d":12,"p":{"lines":[351,352]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[352,353]},"v":"userInteraction NONE PASSIVE ACTIVE"},{"t":"list_item","d":12,"p":{"lines":[353,354]},"v":"vulnConfidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[354,355]},"v":"vulnIntegrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[355,356]},"v":"vulnAvailabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[356,357]},"v":"subConfidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[357,358]},"v":"subIntegrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[358,359]},"v":"subAvailabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[359,360]},"v":"exploitMaturity UNREPORTED PROOF_OF_CONCEPT ATTACKED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[360,361]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[361,362]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[362,363]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[363,364]},"v":"modifiedAttackVector NETWORK ADJACENT LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[364,365]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[365,366]},"v":"modifiedAttackRequirements NONE PRESENT NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[366,367]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[367,368]},"v":"modifiedUserInteraction NONE PASSIVE ACTIVE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[368,369]},"v":"modifiedVulnConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[369,370]},"v":"modifiedVulnIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[370,371]},"v":"modifiedVulnAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[371,372]},"v":"modifiedSubConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[372,373]},"v":"modifiedSubIntegrityImpact NONE LOW HIGH SAFETY NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[373,374]},"v":"modifiedSubAvailabilityImpact NONE LOW HIGH SAFETY NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[374,375]},"v":"Safety NEGLIGIBLE PRESENT NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[375,376]},"v":"Automatable NO YES NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[376,377]},"v":"Recovery AUTOMATIC USER IRRECOVERABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[377,378]},"v":"valueDensity DIFFUSE CONCENTRATED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[378,379]},"v":"vulnerabilityResponseEffort LOW MODERATE HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[379,380]},"v":"providerUrgency CLEAR GREEN AMBER RED NOT_DEFINED","c":[{"t":"list_item","d":14,"p":{"lines":[380,381]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[381,382]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[382,383]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[383,384]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[384,385]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[385,386]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[386,387]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[387,388]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[388,389]},"v":"baseScore"},{"t":"list_item","d":14,"p":{"lines":[389,390]},"v":"baseSeverity"},{"t":"list_item","d":14,"p":{"lines":[390,391]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[391,392]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[392,393]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[393,394]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[394,395]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[395,396]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[396,397]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[397,398]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[398,399]},"v":"threatScore"},{"t":"list_item","d":14,"p":{"lines":[399,400]},"v":"threatSeverity"},{"t":"list_item","d":14,"p":{"lines":[400,401]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[401,402]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[402,403]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[403,404]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[404,405]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[405,406]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[406,407]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[407,408]},"v":"environmentalSeverity"},{"t":"list_item","d":14,"p":{"lines":[408,409]},"v":"environmentalScore"},{"t":"list_item","d":14,"p":{"lines":[409,410]},"v":"environmentalSeverity"}]}]},{"t":"list_item","d":10,"p":{"lines":[410,411],"f":true},"v":"cvssV3_1 ","c":[{"t":"list_item","d":12,"p":{"lines":[411,412]},"v":"version 3.1"},{"t":"list_item","d":12,"p":{"lines":[412,413]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[413,414]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[414,415]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[415,416]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[416,417]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[417,418]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[418,419]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[419,420]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[420,421]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[421,422]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[422,423]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[423,424]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[424,425]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[425,426]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[426,427]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[427,428]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[428,429]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[429,430]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[430,431]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[431,432]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[432,433]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[433,434]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[434,435]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[435,436]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[436,437]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[437,438]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[438,439]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[439,440]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[440,441]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[441,442],"f":true},"v":"cvssV3_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[442,443]},"v":"version 3.0"},{"t":"list_item","d":12,"p":{"lines":[443,444]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[444,445]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[445,446]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[446,447]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[447,448]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[448,449]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[449,450]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[450,451]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[451,452]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[452,453]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[453,454]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[454,455]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[455,456]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[456,457]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[457,458]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[458,459]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[459,460]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[460,461]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[461,462]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[462,463]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[463,464]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[464,465]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[465,466]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[466,467]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[467,468]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[468,469]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[469,470]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[470,471]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[471,472]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[472,473],"f":true},"v":"cvssV2_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[473,474]},"v":"version 2.0"},{"t":"list_item","d":12,"p":{"lines":[474,475]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[475,476]},"v":"accessVector NETWORK ADJACENT_NETWORK LOCAL"},{"t":"list_item","d":12,"p":{"lines":[476,477]},"v":"accessComplexity HIGH MEDIUM LOW"},{"t":"list_item","d":12,"p":{"lines":[477,478]},"v":"authentication MULTIPLE SINGLE NONE"},{"t":"list_item","d":12,"p":{"lines":[478,479]},"v":"confidentialityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[479,480]},"v":"integrityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[480,481]},"v":"availabilityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[481,482]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[482,483]},"v":"exploitability UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[483,484]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[484,485]},"v":"reportConfidence UNCONFIRMED UNCORROBORATED CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[485,486]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[486,487]},"v":"collateralDamagePotential NONE LOW LOW_MEDIUM MEDIUM_HIGH HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[487,488]},"v":"targetDistribution NONE LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[488,489]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[489,490]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[490,491]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[491,492]},"v":"environmentalScore"}]},{"t":"list_item","d":10,"p":{"lines":[492,493]},"v":"other","c":[{"t":"list_item","d":12,"p":{"lines":[493,494]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[494,495]},"v":"content"}]}]},{"t":"list_item","d":8,"p":{"lines":[495,496],"f":true},"v":"configurations []","c":[{"t":"list_item","d":10,"p":{"lines":[496,497]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[497,498]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[498,499],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[499,500]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[500,501]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[501,502]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[502,503],"f":true},"v":"workarounds []","c":[{"t":"list_item","d":10,"p":{"lines":[503,504]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[504,505]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[505,506],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[506,507]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[507,508]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[508,509]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[509,510],"f":true},"v":"solutions []","c":[{"t":"list_item","d":10,"p":{"lines":[510,511]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[511,512]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[512,513],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[513,514]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[514,515]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[515,516]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[516,517],"f":true},"v":"exploits []","c":[{"t":"list_item","d":10,"p":{"lines":[517,518]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[518,519]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[519,520],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[520,521]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[521,522]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[522,523]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[523,524],"f":true},"v":"timeline []","c":[{"t":"list_item","d":10,"p":{"lines":[524,525]},"v":"time"},{"t":"list_item","d":10,"p":{"lines":[525,526]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[526,527]},"v":"value"}]},{"t":"list_item","d":8,"p":{"lines":[527,528],"f":true},"v":"credits []","c":[{"t":"list_item","d":10,"p":{"lines":[528,529]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[529,530]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[530,531]},"v":"user"},{"t":"list_item","d":10,"p":{"lines":[531,532]},"v":"type finder reporter analyst coordinator remediation developer remediation reviewer remediation verifier tool sponsor other"}]},{"t":"list_item","d":8,"p":{"lines":[532,533]},"v":"source"},{"t":"list_item","d":8,"p":{"lines":[533,534],"f":true},"v":"tags []"},{"t":"list_item","d":8,"p":{"lines":[534,535],"f":true},"v":"taxonomyMappings []","c":[{"t":"list_item","d":10,"p":{"lines":[535,536]},"v":"taxonomyName"},{"t":"list_item","d":10,"p":{"lines":[536,537]},"v":"taxonomyVersion"},{"t":"list_item","d":10,"p":{"lines":[537,538]},"v":"taxonomyRelations []","c":[{"t":"list_item","d":12,"p":{"lines":[538,539]},"v":"taxonomyId"},{"t":"list_item","d":12,"p":{"lines":[539,540]},"v":"relationshipName"},{"t":"list_item","d":12,"p":{"lines":[540,541]},"v":"relationshipValue"}]}]},{"t":"list_item","d":8,"p":{"lines":[541,542]},"v":"^x_[^.]*$"}]}]}]},{"t":"heading","d":2,"p":{"lines":[542,543]},"v":"Rejected ","c":[{"t":"list_item","d":4,"p":{"lines":[543,544]},"v":"dataType CVE_RECORD"},{"t":"list_item","d":4,"p":{"lines":[544,545]},"v":"dataVersion"},{"t":"list_item","d":4,"p":{"lines":[545,546]},"v":"cveMetadata","c":[{"t":"list_item","d":6,"p":{"lines":[546,547]},"v":"cveId"},{"t":"list_item","d":6,"p":{"lines":[547,548]},"v":"assignerOrgId"},{"t":"list_item","d":6,"p":{"lines":[548,549]},"v":"assignerShortName"},{"t":"list_item","d":6,"p":{"lines":[549,550]},"v":"serial"},{"t":"list_item","d":6,"p":{"lines":[550,551]},"v":"dateUpdated"},{"t":"list_item","d":6,"p":{"lines":[551,552]},"v":"datePublished"},{"t":"list_item","d":6,"p":{"lines":[552,553]},"v":"dateRejected"},{"t":"list_item","d":6,"p":{"lines":[553,554]},"v":"state REJECTED"},{"t":"list_item","d":6,"p":{"lines":[554,555]},"v":"dateReserved"}]},{"t":"list_item","d":4,"p":{"lines":[555,556]},"v":"containers","c":[{"t":"list_item","d":6,"p":{"lines":[556,557]},"v":"cna","c":[{"t":"list_item","d":8,"p":{"lines":[557,558]},"v":"providerMetadata","c":[{"t":"list_item","d":10,"p":{"lines":[558,559]},"v":"orgId"},{"t":"list_item","d":10,"p":{"lines":[559,560]},"v":"shortName"},{"t":"list_item","d":10,"p":{"lines":[560,561]},"v":"dateUpdated"}]},{"t":"list_item","d":8,"p":{"lines":[561,562]},"v":"rejectedReasons []","c":[{"t":"list_item","d":10,"p":{"lines":[562,563]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[563,564]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[564,565],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[565,566]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[566,567]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[567,568]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[568,569]},"v":"replacedBy []"},{"t":"list_item","d":8,"p":{"lines":[569,570]},"v":"^x_[^.]*$"}]}]}]}]}) + })(() => window.markmap,null,{"t":"heading","d":1,"p":{"lines":[0,1]},"v":"CVE JSON Record","c":[{"t":"heading","d":2,"p":{"lines":[1,2]},"v":"Published ","c":[{"t":"list_item","d":4,"p":{"lines":[2,3]},"v":"dataType CVE_RECORD"},{"t":"list_item","d":4,"p":{"lines":[3,4]},"v":"dataVersion 5.0"},{"t":"list_item","d":4,"p":{"lines":[4,5]},"v":"cveMetadata","c":[{"t":"list_item","d":6,"p":{"lines":[5,6]},"v":"cveId"},{"t":"list_item","d":6,"p":{"lines":[6,7]},"v":"assignerOrgId"},{"t":"list_item","d":6,"p":{"lines":[7,8]},"v":"assignerShortName"},{"t":"list_item","d":6,"p":{"lines":[8,9]},"v":"requesterUserId"},{"t":"list_item","d":6,"p":{"lines":[9,10]},"v":"dateUpdated"},{"t":"list_item","d":6,"p":{"lines":[10,11]},"v":"serial"},{"t":"list_item","d":6,"p":{"lines":[11,12]},"v":"dateReserved"},{"t":"list_item","d":6,"p":{"lines":[12,13]},"v":"datePublished"},{"t":"list_item","d":6,"p":{"lines":[13,14]},"v":"state PUBLISHED"}]},{"t":"list_item","d":4,"p":{"lines":[14,15]},"v":"containers","c":[{"t":"list_item","d":6,"p":{"lines":[15,16]},"v":"cna","c":[{"t":"list_item","d":8,"p":{"lines":[16,17]},"v":"providerMetadata","c":[{"t":"list_item","d":10,"p":{"lines":[17,18]},"v":"orgId"},{"t":"list_item","d":10,"p":{"lines":[18,19]},"v":"shortName"},{"t":"list_item","d":10,"p":{"lines":[19,20]},"v":"dateUpdated"}]},{"t":"list_item","d":8,"p":{"lines":[20,21]},"v":"dateAssigned"},{"t":"list_item","d":8,"p":{"lines":[21,22]},"v":"datePublic"},{"t":"list_item","d":8,"p":{"lines":[22,23]},"v":"title"},{"t":"list_item","d":8,"p":{"lines":[23,24]},"v":"descriptions []","c":[{"t":"list_item","d":10,"p":{"lines":[24,25]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[25,26]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[26,27],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[27,28]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[28,29]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[29,30]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[30,31]},"v":"affected []","c":[{"t":"list_item","d":10,"p":{"lines":[31,32]},"v":"vendor"},{"t":"list_item","d":10,"p":{"lines":[32,33]},"v":"product"},{"t":"list_item","d":10,"p":{"lines":[33,34]},"v":"collectionURL e.g., https://access.redhat.com/downloads/content/package-browser"},{"t":"list_item","d":10,"p":{"lines":[34,35]},"v":"packageName"},{"t":"list_item","d":10,"p":{"lines":[35,36]},"v":"cpes []"},{"t":"list_item","d":10,"p":{"lines":[36,37]},"v":"modules []"},{"t":"list_item","d":10,"p":{"lines":[37,38]},"v":"programFiles []"},{"t":"list_item","d":10,"p":{"lines":[38,39]},"v":"programRoutines []","c":[{"t":"list_item","d":12,"p":{"lines":[39,40]},"v":"name"}]},{"t":"list_item","d":10,"p":{"lines":[40,41]},"v":"platforms []"},{"t":"list_item","d":10,"p":{"lines":[41,42]},"v":"repo"},{"t":"list_item","d":10,"p":{"lines":[42,43]},"v":"defaultStatus affected unaffected unknown"},{"t":"list_item","d":10,"p":{"lines":[43,44]},"v":"versions []","c":[{"t":"list_item","d":12,"p":{"lines":[44,45]},"v":"version"},{"t":"list_item","d":12,"p":{"lines":[45,46]},"v":"status affected unaffected unknown"},{"t":"list_item","d":12,"p":{"lines":[46,47]},"v":"versionType e.g., custom"},{"t":"list_item","d":12,"p":{"lines":[47,48]},"v":"lessThan"},{"t":"list_item","d":12,"p":{"lines":[48,49]},"v":"lessThanOrEqual"},{"t":"list_item","d":12,"p":{"lines":[49,50]},"v":"changes []","c":[{"t":"list_item","d":14,"p":{"lines":[50,51]},"v":"at"},{"t":"list_item","d":14,"p":{"lines":[51,52]},"v":"status affected unaffected unknown"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[52,53]},"v":"problemTypes []","c":[{"t":"list_item","d":10,"p":{"lines":[53,54]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[54,55]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[55,56]},"v":"description"},{"t":"list_item","d":12,"p":{"lines":[56,57]},"v":"cweId"},{"t":"list_item","d":12,"p":{"lines":[57,58]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[58,59]},"v":"references []","c":[{"t":"list_item","d":14,"p":{"lines":[59,60]},"v":"url"},{"t":"list_item","d":14,"p":{"lines":[60,61]},"v":"name"},{"t":"list_item","d":14,"p":{"lines":[61,62],"f":true},"v":"tags []"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[62,63]},"v":"references []","c":[{"t":"list_item","d":10,"p":{"lines":[63,64]},"v":"url"},{"t":"list_item","d":10,"p":{"lines":[64,65]},"v":"name"},{"t":"list_item","d":10,"p":{"lines":[65,66],"f":true},"v":"tags []"}]},{"t":"list_item","d":8,"p":{"lines":[66,67],"f":true},"v":"impacts []","c":[{"t":"list_item","d":10,"p":{"lines":[67,68]},"v":"capecId"},{"t":"list_item","d":10,"p":{"lines":[68,69]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[69,70]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[70,71]},"v":"value"},{"t":"list_item","d":12,"p":{"lines":[71,72],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":14,"p":{"lines":[72,73]},"v":"type e.g., text/markdown"},{"t":"list_item","d":14,"p":{"lines":[73,74]},"v":"base64 ☯"},{"t":"list_item","d":14,"p":{"lines":[74,75]},"v":"value"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[75,76],"f":true},"v":"metrics []","c":[{"t":"list_item","d":10,"p":{"lines":[76,77]},"v":"format"},{"t":"list_item","d":10,"p":{"lines":[77,78]},"v":"scenarios []","c":[{"t":"list_item","d":12,"p":{"lines":[78,79]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[79,80]},"v":"value"}]},{"t":"list_item","d":10,"p":{"lines":[80,81],"f":true},"v":"cvssV3_1 ","c":[{"t":"list_item","d":12,"p":{"lines":[81,82]},"v":"version 3.1"},{"t":"list_item","d":12,"p":{"lines":[82,83]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[83,84]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[84,85]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[85,86]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[86,87]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[87,88]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[88,89]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[89,90]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[90,91]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[91,92]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[92,93]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[93,94]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[94,95]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[95,96]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[96,97]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[97,98]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[98,99]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[99,100]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[100,101]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[101,102]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[102,103]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[103,104]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[104,105]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[105,106]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[106,107]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[107,108]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[108,109]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[109,110]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[110,111]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[111,112],"f":true},"v":"cvssV3_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[112,113]},"v":"version 3.0"},{"t":"list_item","d":12,"p":{"lines":[113,114]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[114,115]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[115,116]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[116,117]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[117,118]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[118,119]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[119,120]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[120,121]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[121,122]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[122,123]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[123,124]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[124,125]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[125,126]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[126,127]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[127,128]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[128,129]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[129,130]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[130,131]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[131,132]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[132,133]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[133,134]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[134,135]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[135,136]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[136,137]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[137,138]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[138,139]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[139,140]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[140,141]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[141,142]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[142,143],"f":true},"v":"cvssV2_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[143,144]},"v":"version 2.0"},{"t":"list_item","d":12,"p":{"lines":[144,145]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[145,146]},"v":"accessVector NETWORK ADJACENT_NETWORK LOCAL"},{"t":"list_item","d":12,"p":{"lines":[146,147]},"v":"accessComplexity HIGH MEDIUM LOW"},{"t":"list_item","d":12,"p":{"lines":[147,148]},"v":"authentication MULTIPLE SINGLE NONE"},{"t":"list_item","d":12,"p":{"lines":[148,149]},"v":"confidentialityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[149,150]},"v":"integrityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[150,151]},"v":"availabilityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[151,152]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[152,153]},"v":"exploitability UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[153,154]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[154,155]},"v":"reportConfidence UNCONFIRMED UNCORROBORATED CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[155,156]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[156,157]},"v":"collateralDamagePotential NONE LOW LOW_MEDIUM MEDIUM_HIGH HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[157,158]},"v":"targetDistribution NONE LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[158,159]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[159,160]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[160,161]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[161,162]},"v":"environmentalScore"}]},{"t":"list_item","d":10,"p":{"lines":[162,163]},"v":"other","c":[{"t":"list_item","d":12,"p":{"lines":[163,164]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[164,165]},"v":"content"}]}]},{"t":"list_item","d":8,"p":{"lines":[165,166],"f":true},"v":"configurations []","c":[{"t":"list_item","d":10,"p":{"lines":[166,167]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[167,168]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[168,169],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[169,170]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[170,171]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[171,172]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[172,173],"f":true},"v":"workarounds []","c":[{"t":"list_item","d":10,"p":{"lines":[173,174]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[174,175]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[175,176],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[176,177]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[177,178]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[178,179]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[179,180],"f":true},"v":"solutions []","c":[{"t":"list_item","d":10,"p":{"lines":[180,181]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[181,182]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[182,183],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[183,184]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[184,185]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[185,186]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[186,187],"f":true},"v":"exploits []","c":[{"t":"list_item","d":10,"p":{"lines":[187,188]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[188,189]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[189,190],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[190,191]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[191,192]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[192,193]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[193,194],"f":true},"v":"timeline []","c":[{"t":"list_item","d":10,"p":{"lines":[194,195]},"v":"time"},{"t":"list_item","d":10,"p":{"lines":[195,196]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[196,197]},"v":"value"}]},{"t":"list_item","d":8,"p":{"lines":[197,198],"f":true},"v":"credits []","c":[{"t":"list_item","d":10,"p":{"lines":[198,199]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[199,200]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[200,201]},"v":"user"},{"t":"list_item","d":10,"p":{"lines":[201,202]},"v":"type finder reporter analyst coordinator remediation developer remediation reviewer remediation verifier tool sponsor other"}]},{"t":"list_item","d":8,"p":{"lines":[202,203]},"v":"source"},{"t":"list_item","d":8,"p":{"lines":[203,204],"f":true},"v":"tags []"},{"t":"list_item","d":8,"p":{"lines":[204,205],"f":true},"v":"taxonomyMappings []","c":[{"t":"list_item","d":10,"p":{"lines":[205,206]},"v":"taxonomyName"},{"t":"list_item","d":10,"p":{"lines":[206,207]},"v":"taxonomyVersion"},{"t":"list_item","d":10,"p":{"lines":[207,208]},"v":"taxonomyRelations []","c":[{"t":"list_item","d":12,"p":{"lines":[208,209]},"v":"taxonomyId"},{"t":"list_item","d":12,"p":{"lines":[209,210]},"v":"relationshipName"},{"t":"list_item","d":12,"p":{"lines":[210,211]},"v":"relationshipValue"}]}]},{"t":"list_item","d":8,"p":{"lines":[211,212]},"v":"^x_[^.]*$"}]},{"t":"list_item","d":6,"p":{"lines":[212,213],"f":true},"v":"adp []","c":[{"t":"list_item","d":8,"p":{"lines":[213,214]},"v":"providerMetadata","c":[{"t":"list_item","d":10,"p":{"lines":[214,215]},"v":"orgId"},{"t":"list_item","d":10,"p":{"lines":[215,216]},"v":"shortName"},{"t":"list_item","d":10,"p":{"lines":[216,217]},"v":"dateUpdated"}]},{"t":"list_item","d":8,"p":{"lines":[217,218]},"v":"datePublic"},{"t":"list_item","d":8,"p":{"lines":[218,219]},"v":"title"},{"t":"list_item","d":8,"p":{"lines":[219,220]},"v":"descriptions []","c":[{"t":"list_item","d":10,"p":{"lines":[220,221]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[221,222]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[222,223],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[223,224]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[224,225]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[225,226]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[226,227]},"v":"affected []","c":[{"t":"list_item","d":10,"p":{"lines":[227,228]},"v":"vendor"},{"t":"list_item","d":10,"p":{"lines":[228,229]},"v":"product"},{"t":"list_item","d":10,"p":{"lines":[229,230]},"v":"collectionURL e.g., https://access.redhat.com/downloads/content/package-browser"},{"t":"list_item","d":10,"p":{"lines":[230,231]},"v":"packageName"},{"t":"list_item","d":10,"p":{"lines":[231,232]},"v":"cpes []"},{"t":"list_item","d":10,"p":{"lines":[232,233]},"v":"modules []"},{"t":"list_item","d":10,"p":{"lines":[233,234]},"v":"programFiles []"},{"t":"list_item","d":10,"p":{"lines":[234,235]},"v":"programRoutines []","c":[{"t":"list_item","d":12,"p":{"lines":[235,236]},"v":"name"}]},{"t":"list_item","d":10,"p":{"lines":[236,237]},"v":"platforms []"},{"t":"list_item","d":10,"p":{"lines":[237,238]},"v":"repo"},{"t":"list_item","d":10,"p":{"lines":[238,239]},"v":"defaultStatus affected unaffected unknown"},{"t":"list_item","d":10,"p":{"lines":[239,240]},"v":"versions []","c":[{"t":"list_item","d":12,"p":{"lines":[240,241]},"v":"version"},{"t":"list_item","d":12,"p":{"lines":[241,242]},"v":"status affected unaffected unknown"},{"t":"list_item","d":12,"p":{"lines":[242,243]},"v":"versionType e.g., custom"},{"t":"list_item","d":12,"p":{"lines":[243,244]},"v":"lessThan"},{"t":"list_item","d":12,"p":{"lines":[244,245]},"v":"lessThanOrEqual"},{"t":"list_item","d":12,"p":{"lines":[245,246]},"v":"changes []","c":[{"t":"list_item","d":14,"p":{"lines":[246,247]},"v":"at"},{"t":"list_item","d":14,"p":{"lines":[247,248]},"v":"status affected unaffected unknown"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[248,249]},"v":"problemTypes []","c":[{"t":"list_item","d":10,"p":{"lines":[249,250]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[250,251]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[251,252]},"v":"description"},{"t":"list_item","d":12,"p":{"lines":[252,253]},"v":"cweId"},{"t":"list_item","d":12,"p":{"lines":[253,254]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[254,255]},"v":"references []","c":[{"t":"list_item","d":14,"p":{"lines":[255,256]},"v":"url"},{"t":"list_item","d":14,"p":{"lines":[256,257]},"v":"name"},{"t":"list_item","d":14,"p":{"lines":[257,258],"f":true},"v":"tags []"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[258,259]},"v":"references []","c":[{"t":"list_item","d":10,"p":{"lines":[259,260]},"v":"url"},{"t":"list_item","d":10,"p":{"lines":[260,261]},"v":"name"},{"t":"list_item","d":10,"p":{"lines":[261,262],"f":true},"v":"tags []"}]},{"t":"list_item","d":8,"p":{"lines":[262,263],"f":true},"v":"impacts []","c":[{"t":"list_item","d":10,"p":{"lines":[263,264]},"v":"capecId"},{"t":"list_item","d":10,"p":{"lines":[264,265]},"v":"descriptions []","c":[{"t":"list_item","d":12,"p":{"lines":[265,266]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[266,267]},"v":"value"},{"t":"list_item","d":12,"p":{"lines":[267,268],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":14,"p":{"lines":[268,269]},"v":"type e.g., text/markdown"},{"t":"list_item","d":14,"p":{"lines":[269,270]},"v":"base64 ☯"},{"t":"list_item","d":14,"p":{"lines":[270,271]},"v":"value"}]}]}]},{"t":"list_item","d":8,"p":{"lines":[271,272],"f":true},"v":"metrics []","c":[{"t":"list_item","d":10,"p":{"lines":[272,273]},"v":"format"},{"t":"list_item","d":10,"p":{"lines":[273,274]},"v":"scenarios []","c":[{"t":"list_item","d":12,"p":{"lines":[274,275]},"v":"lang"},{"t":"list_item","d":12,"p":{"lines":[275,276]},"v":"value"}]},{"t":"list_item","d":10,"p":{"lines":[276,277],"f":true},"v":"cvssV3_1 ","c":[{"t":"list_item","d":12,"p":{"lines":[277,278]},"v":"version 3.1"},{"t":"list_item","d":12,"p":{"lines":[278,279]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[279,280]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[280,281]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[281,282]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[282,283]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[283,284]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[284,285]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[285,286]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[286,287]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[287,288]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[288,289]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[289,290]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[290,291]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[291,292]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[292,293]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[293,294]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[294,295]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[295,296]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[296,297]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[297,298]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[298,299]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[299,300]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[300,301]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[301,302]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[302,303]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[303,304]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[304,305]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[305,306]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[306,307]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[307,308],"f":true},"v":"cvssV3_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[308,309]},"v":"version 3.0"},{"t":"list_item","d":12,"p":{"lines":[309,310]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[310,311]},"v":"attackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL"},{"t":"list_item","d":12,"p":{"lines":[311,312]},"v":"attackComplexity HIGH LOW"},{"t":"list_item","d":12,"p":{"lines":[312,313]},"v":"privilegesRequired HIGH LOW NONE"},{"t":"list_item","d":12,"p":{"lines":[313,314]},"v":"userInteraction NONE REQUIRED"},{"t":"list_item","d":12,"p":{"lines":[314,315]},"v":"scope UNCHANGED CHANGED"},{"t":"list_item","d":12,"p":{"lines":[315,316]},"v":"confidentialityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[316,317]},"v":"integrityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[317,318]},"v":"availabilityImpact NONE LOW HIGH"},{"t":"list_item","d":12,"p":{"lines":[318,319]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[319,320]},"v":"baseSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[320,321]},"v":"exploitCodeMaturity UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[321,322]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[322,323]},"v":"reportConfidence UNKNOWN REASONABLE CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[323,324]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[324,325]},"v":"temporalSeverity NONE LOW MEDIUM HIGH CRITICAL"},{"t":"list_item","d":12,"p":{"lines":[325,326]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[326,327]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[327,328]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[328,329]},"v":"modifiedAttackVector NETWORK ADJACENT_NETWORK LOCAL PHYSICAL NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[329,330]},"v":"modifiedAttackComplexity HIGH LOW NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[330,331]},"v":"modifiedPrivilegesRequired HIGH LOW NONE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[331,332]},"v":"modifiedUserInteraction NONE REQUIRED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[332,333]},"v":"modifiedScope UNCHANGED CHANGED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[333,334]},"v":"modifiedConfidentialityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[334,335]},"v":"modifiedIntegrityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[335,336]},"v":"modifiedAvailabilityImpact NONE LOW HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[336,337]},"v":"environmentalScore"},{"t":"list_item","d":12,"p":{"lines":[337,338]},"v":"environmentalSeverity NONE LOW MEDIUM HIGH CRITICAL"}]},{"t":"list_item","d":10,"p":{"lines":[338,339],"f":true},"v":"cvssV2_0 ","c":[{"t":"list_item","d":12,"p":{"lines":[339,340]},"v":"version 2.0"},{"t":"list_item","d":12,"p":{"lines":[340,341]},"v":"vectorString"},{"t":"list_item","d":12,"p":{"lines":[341,342]},"v":"accessVector NETWORK ADJACENT_NETWORK LOCAL"},{"t":"list_item","d":12,"p":{"lines":[342,343]},"v":"accessComplexity HIGH MEDIUM LOW"},{"t":"list_item","d":12,"p":{"lines":[343,344]},"v":"authentication MULTIPLE SINGLE NONE"},{"t":"list_item","d":12,"p":{"lines":[344,345]},"v":"confidentialityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[345,346]},"v":"integrityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[346,347]},"v":"availabilityImpact NONE PARTIAL COMPLETE"},{"t":"list_item","d":12,"p":{"lines":[347,348]},"v":"baseScore"},{"t":"list_item","d":12,"p":{"lines":[348,349]},"v":"exploitability UNPROVEN PROOF_OF_CONCEPT FUNCTIONAL HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[349,350]},"v":"remediationLevel OFFICIAL_FIX TEMPORARY_FIX WORKAROUND UNAVAILABLE NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[350,351]},"v":"reportConfidence UNCONFIRMED UNCORROBORATED CONFIRMED NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[351,352]},"v":"temporalScore"},{"t":"list_item","d":12,"p":{"lines":[352,353]},"v":"collateralDamagePotential NONE LOW LOW_MEDIUM MEDIUM_HIGH HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[353,354]},"v":"targetDistribution NONE LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[354,355]},"v":"confidentialityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[355,356]},"v":"integrityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[356,357]},"v":"availabilityRequirement LOW MEDIUM HIGH NOT_DEFINED"},{"t":"list_item","d":12,"p":{"lines":[357,358]},"v":"environmentalScore"}]},{"t":"list_item","d":10,"p":{"lines":[358,359]},"v":"other","c":[{"t":"list_item","d":12,"p":{"lines":[359,360]},"v":"type"},{"t":"list_item","d":12,"p":{"lines":[360,361]},"v":"content"}]}]},{"t":"list_item","d":8,"p":{"lines":[361,362],"f":true},"v":"configurations []","c":[{"t":"list_item","d":10,"p":{"lines":[362,363]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[363,364]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[364,365],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[365,366]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[366,367]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[367,368]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[368,369],"f":true},"v":"workarounds []","c":[{"t":"list_item","d":10,"p":{"lines":[369,370]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[370,371]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[371,372],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[372,373]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[373,374]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[374,375]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[375,376],"f":true},"v":"solutions []","c":[{"t":"list_item","d":10,"p":{"lines":[376,377]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[377,378]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[378,379],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[379,380]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[380,381]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[381,382]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[382,383],"f":true},"v":"exploits []","c":[{"t":"list_item","d":10,"p":{"lines":[383,384]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[384,385]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[385,386],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[386,387]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[387,388]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[388,389]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[389,390],"f":true},"v":"timeline []","c":[{"t":"list_item","d":10,"p":{"lines":[390,391]},"v":"time"},{"t":"list_item","d":10,"p":{"lines":[391,392]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[392,393]},"v":"value"}]},{"t":"list_item","d":8,"p":{"lines":[393,394],"f":true},"v":"credits []","c":[{"t":"list_item","d":10,"p":{"lines":[394,395]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[395,396]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[396,397]},"v":"user"},{"t":"list_item","d":10,"p":{"lines":[397,398]},"v":"type finder reporter analyst coordinator remediation developer remediation reviewer remediation verifier tool sponsor other"}]},{"t":"list_item","d":8,"p":{"lines":[398,399]},"v":"source"},{"t":"list_item","d":8,"p":{"lines":[399,400],"f":true},"v":"tags []"},{"t":"list_item","d":8,"p":{"lines":[400,401],"f":true},"v":"taxonomyMappings []","c":[{"t":"list_item","d":10,"p":{"lines":[401,402]},"v":"taxonomyName"},{"t":"list_item","d":10,"p":{"lines":[402,403]},"v":"taxonomyVersion"},{"t":"list_item","d":10,"p":{"lines":[403,404]},"v":"taxonomyRelations []","c":[{"t":"list_item","d":12,"p":{"lines":[404,405]},"v":"taxonomyId"},{"t":"list_item","d":12,"p":{"lines":[405,406]},"v":"relationshipName"},{"t":"list_item","d":12,"p":{"lines":[406,407]},"v":"relationshipValue"}]}]},{"t":"list_item","d":8,"p":{"lines":[407,408]},"v":"^x_[^.]*$"}]}]}]},{"t":"heading","d":2,"p":{"lines":[408,409]},"v":"Rejected ","c":[{"t":"list_item","d":4,"p":{"lines":[409,410]},"v":"dataType CVE_RECORD"},{"t":"list_item","d":4,"p":{"lines":[410,411]},"v":"dataVersion 5.0"},{"t":"list_item","d":4,"p":{"lines":[411,412]},"v":"cveMetadata","c":[{"t":"list_item","d":6,"p":{"lines":[412,413]},"v":"cveId"},{"t":"list_item","d":6,"p":{"lines":[413,414]},"v":"assignerOrgId"},{"t":"list_item","d":6,"p":{"lines":[414,415]},"v":"assignerShortName"},{"t":"list_item","d":6,"p":{"lines":[415,416]},"v":"serial"},{"t":"list_item","d":6,"p":{"lines":[416,417]},"v":"dateUpdated"},{"t":"list_item","d":6,"p":{"lines":[417,418]},"v":"datePublished"},{"t":"list_item","d":6,"p":{"lines":[418,419]},"v":"dateRejected"},{"t":"list_item","d":6,"p":{"lines":[419,420]},"v":"state REJECTED"},{"t":"list_item","d":6,"p":{"lines":[420,421]},"v":"dateReserved"}]},{"t":"list_item","d":4,"p":{"lines":[421,422]},"v":"containers","c":[{"t":"list_item","d":6,"p":{"lines":[422,423]},"v":"cna","c":[{"t":"list_item","d":8,"p":{"lines":[423,424]},"v":"providerMetadata","c":[{"t":"list_item","d":10,"p":{"lines":[424,425]},"v":"orgId"},{"t":"list_item","d":10,"p":{"lines":[425,426]},"v":"shortName"},{"t":"list_item","d":10,"p":{"lines":[426,427]},"v":"dateUpdated"}]},{"t":"list_item","d":8,"p":{"lines":[427,428]},"v":"rejectedReasons []","c":[{"t":"list_item","d":10,"p":{"lines":[428,429]},"v":"lang"},{"t":"list_item","d":10,"p":{"lines":[429,430]},"v":"value"},{"t":"list_item","d":10,"p":{"lines":[430,431],"f":true},"v":"supportingMedia []","c":[{"t":"list_item","d":12,"p":{"lines":[431,432]},"v":"type e.g., text/markdown"},{"t":"list_item","d":12,"p":{"lines":[432,433]},"v":"base64 ☯"},{"t":"list_item","d":12,"p":{"lines":[433,434]},"v":"value"}]}]},{"t":"list_item","d":8,"p":{"lines":[434,435]},"v":"replacedBy []"},{"t":"list_item","d":8,"p":{"lines":[435,436]},"v":"^x_[^.]*$"}]}]}]}]}) diff --git a/schema/archive/v5.0/imports/cvss/cvss-v2.0.json b/schema/archive/v5.0/imports/cvss/cvss-v2.0.json index caa64037aab..efe9917af6c 100644 --- a/schema/archive/v5.0/imports/cvss/cvss-v2.0.json +++ b/schema/archive/v5.0/imports/cvss/cvss-v2.0.json @@ -100,6 +100,5 @@ "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, "environmentalScore": { "$ref": "#/definitions/scoreType" } }, - "required": [ "version", "vectorString", "baseScore" ], - "additionalProperties": false + "required": [ "version", "vectorString", "baseScore" ] } diff --git a/schema/archive/v5.0/imports/cvss/cvss-v3.0.json b/schema/archive/v5.0/imports/cvss/cvss-v3.0.json index 7dbbac08720..28b3c389125 100644 --- a/schema/archive/v5.0/imports/cvss/cvss-v3.0.json +++ b/schema/archive/v5.0/imports/cvss/cvss-v3.0.json @@ -139,6 +139,5 @@ "environmentalScore": { "$ref": "#/definitions/scoreType" }, "environmentalSeverity": { "$ref": "#/definitions/severityType" } }, - "required": [ "version", "vectorString", "baseScore", "baseSeverity" ], - "additionalProperties": false + "required": [ "version", "vectorString", "baseScore", "baseSeverity" ] } diff --git a/schema/archive/v5.0/imports/cvss/cvss-v3.1.json b/schema/archive/v5.0/imports/cvss/cvss-v3.1.json index 71a1e2d7e57..fdb2cd0c168 100644 --- a/schema/archive/v5.0/imports/cvss/cvss-v3.1.json +++ b/schema/archive/v5.0/imports/cvss/cvss-v3.1.json @@ -139,6 +139,5 @@ "environmentalScore": { "$ref": "#/definitions/scoreType" }, "environmentalSeverity": { "$ref": "#/definitions/severityType" } }, - "required": [ "version", "vectorString", "baseScore", "baseSeverity" ], - "additionalProperties": false + "required": [ "version", "vectorString", "baseScore", "baseSeverity" ] } diff --git a/schema/archive/v5.0/imports/cvss/cvss-v4.0.json b/schema/archive/v5.0/imports/cvss/cvss-v4.0.json deleted file mode 100644 index 21a1e9c36d8..00000000000 --- a/schema/archive/v5.0/imports/cvss/cvss-v4.0.json +++ /dev/null @@ -1,400 +0,0 @@ -{ - "license": [ - "Copyright (c) 2023, FIRST.ORG, INC.", - "All rights reserved.", - "", - "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", - "following conditions are met:", - "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", - " disclaimer.", - "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", - " following disclaimer in the documentation and/or other materials provided with the distribution.", - "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", - " products derived from this software without specific prior written permission.", - "", - "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", - "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", - "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", - "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", - "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", - "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", - "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." - ], - - "$schema": "http://json-schema.org/draft-07/schema#", - "title": "JSON Schema for Common Vulnerability Scoring System version 4.0", - "$id": "https://www.first.org/cvss/cvss-v4.0.json?20231011", - "type": "object", - "definitions": { - "attackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT", "LOCAL", "PHYSICAL" ] - }, - "modifiedAttackVectorType": { - "type": "string", - "enum": [ "NETWORK", "ADJACENT", "LOCAL", "PHYSICAL", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "attackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW" ] - }, - "modifiedAttackComplexityType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "attackRequirementsType": { - "type": "string", - "enum": [ "NONE", "PRESENT" ] - }, - "modifiedAttackRequirementsType": { - "type": "string", - "enum": [ "NONE", "PRESENT", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "privilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE" ] - }, - "modifiedPrivilegesRequiredType": { - "type": "string", - "enum": [ "HIGH", "LOW", "NONE", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "userInteractionType": { - "type": "string", - "enum": [ "NONE", "PASSIVE", "ACTIVE" ] - }, - "modifiedUserInteractionType": { - "type": "string", - "enum": [ "NONE", "PASSIVE", "ACTIVE", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "vulnCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH" ] - }, - "modifiedVulnCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "subCiaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH" ] - }, - "modifiedSubCType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "modifiedSubIaType": { - "type": "string", - "enum": [ "NONE", "LOW", "HIGH", "SAFETY", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "exploitMaturityType": { - "type": "string", - "enum": [ "UNREPORTED", "PROOF_OF_CONCEPT", "ATTACKED", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "ciaRequirementType": { - "type": "string", - "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "safetyType": { - "type": "string", - "enum": [ "NEGLIGIBLE", "PRESENT", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "automatableType": { - "type": "string", - "enum": [ "NO", "YES", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "recoveryType": { - "type": "string", - "enum": [ "AUTOMATIC", "USER", "IRRECOVERABLE", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "valueDensityType": { - "type": "string", - "enum": [ "DIFFUSE", "CONCENTRATED", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "vulnerabilityResponseEffortType": { - "type": "string", - "enum": [ "LOW", "MODERATE", "HIGH", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "providerUrgencyType": { - "type": "string", - "enum": [ "CLEAR", "GREEN", "AMBER", "RED", "NOT_DEFINED" ], - "default": "NOT_DEFINED" - }, - "scoreType": { - "type": "number", - "minimum": 0.0, - "maximum": 10.0, - "multipleOf": 0.1 - }, - "noneScoreType": { - "type": "number", - "minimum": 0.0, - "maximum": 0.0 - }, - "lowScoreType": { - "type": "number", - "minimum": 0.1, - "maximum": 3.9, - "multipleOf": 0.1 - }, - "mediumScoreType": { - "type": "number", - "minimum": 4.0, - "maximum": 6.9, - "multipleOf": 0.1 - }, - "highScoreType": { - "type": "number", - "minimum": 7.0, - "maximum": 8.9, - "multipleOf": 0.1 - }, - "criticalScoreType": { - "type": "number", - "minimum": 9.0, - "maximum": 10, - "multipleOf": 0.1 - }, - "severityType": { - "type": "string", - "enum":["NONE", "LOW", "MEDIUM", "HIGH", "CRITICAL"] - }, - "noneSeverityType": { - "const": "NONE" - }, - "lowSeverityType": { - "const": "LOW" - }, - "mediumSeverityType": { - "const": "MEDIUM" - }, - "highSeverityType": { - "const": "HIGH" - }, - "criticalSeverityType": { - "const": "CRITICAL" - } - }, - "properties": { - "version": { - "description": "CVSS Version", - "type": "string", - "enum": [ "4.0" ] - }, - "vectorString": { - "type": "string", - "pattern": "^CVSS:4[.]0\/AV:[NALP]\/AC:[LH]\/AT:[NP]\/PR:[NLH]\/UI:[NPA]\/VC:[HLN]\/VI:[HLN]\/VA:[HLN]\/SC:[HLN]\/SI:[HLN]\/SA:[HLN](\/E:[XAPU])?(\/CR:[XHML])?(\/IR:[XHML])?(\/AR:[XHML])?(\/MAV:[XNALP])?(\/MAC:[XLH])?(\/MAT:[XNP])?(\/MPR:[XNLH])?(\/MUI:[XNPA])?(\/MVC:[XNLH])?(\/MVI:[XNLH])?(\/MVA:[XNLH])?(\/MSC:[XNLH])?(\/MSI:[XNLHS])?(\/MSA:[XNLHS])?(\/S:[XNP])?(\/AU:[XNY])?(\/R:[XAUI])?(\/V:[XDC])?(\/RE:[XLMH])?(\/U:(X|Clear|Green|Amber|Red))?$" - }, - "baseScore": { "$ref": "#/definitions/scoreType" }, - "baseSeverity": { "$ref": "#/definitions/severityType" }, - "attackVector": { "$ref": "#/definitions/attackVectorType" }, - "attackComplexity": { "$ref": "#/definitions/attackComplexityType" }, - "attackRequirements": { "$ref": "#/definitions/attackRequirementsType" }, - "privilegesRequired": { "$ref": "#/definitions/privilegesRequiredType" }, - "userInteraction": { "$ref": "#/definitions/userInteractionType" }, - "vulnConfidentialityImpact": { "$ref": "#/definitions/vulnCiaType" }, - "vulnIntegrityImpact": { "$ref": "#/definitions/vulnCiaType" }, - "vulnAvailabilityImpact": { "$ref": "#/definitions/vulnCiaType" }, - "subConfidentialityImpact": { "$ref": "#/definitions/subCiaType" }, - "subIntegrityImpact": { "$ref": "#/definitions/subCiaType" }, - "subAvailabilityImpact": { "$ref": "#/definitions/subCiaType" }, - "exploitMaturity": { "$ref": "#/definitions/exploitMaturityType" }, - "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, - "modifiedAttackVector": { "$ref": "#/definitions/modifiedAttackVectorType" }, - "modifiedAttackComplexity": { "$ref": "#/definitions/modifiedAttackComplexityType" }, - "modifiedAttackRequirements": { "$ref": "#/definitions/modifiedAttackRequirementsType" }, - "modifiedPrivilegesRequired": { "$ref": "#/definitions/modifiedPrivilegesRequiredType" }, - "modifiedUserInteraction": { "$ref": "#/definitions/modifiedUserInteractionType" }, - "modifiedVulnConfidentialityImpact": { "$ref": "#/definitions/modifiedVulnCiaType" }, - "modifiedVulnIntegrityImpact": { "$ref": "#/definitions/modifiedVulnCiaType" }, - "modifiedVulnAvailabilityImpact": { "$ref": "#/definitions/modifiedVulnCiaType" }, - "modifiedSubConfidentialityImpact": { "$ref": "#/definitions/modifiedSubCType" }, - "modifiedSubIntegrityImpact": { "$ref": "#/definitions/modifiedSubIaType" }, - "modifiedSubAvailabilityImpact": { "$ref": "#/definitions/modifiedSubIaType" }, - "Safety": { "$ref": "#/definitions/safetyType" }, - "Automatable": { "$ref": "#/definitions/automatableType" }, - "Recovery": { "$ref": "#/definitions/recoveryType" }, - "valueDensity": { "$ref": "#/definitions/valueDensityType" }, - "vulnerabilityResponseEffort": { "$ref": "#/definitions/vulnerabilityResponseEffortType" }, - "providerUrgency": { "$ref": "#/definitions/providerUrgencyType" } - }, - "allOf": [ - { - "anyOf": [{ - "properties": { - "baseScore" : { - "$ref": "#/definitions/noneScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/lowScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/mediumScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/highScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/highSeverityType" - } - } - }, - { - "properties": { - "baseScore" : { - "$ref": "#/definitions/criticalScoreType" - }, - "baseSeverity" : { - "$ref": "#/definitions/criticalSeverityType" - } - } - }] - }, - { - "anyOf": [{ - "properties": { - "threatScore" : { - "$ref": "#/definitions/noneScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/lowScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/mediumScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/highScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/highSeverityType" - } - } - }, - { - "properties": { - "threatScore" : { - "$ref": "#/definitions/criticalScoreType" - }, - "threatSeverity" : { - "$ref": "#/definitions/criticalSeverityType" - } - } - } - ] - }, - { - "anyOf": [ - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/noneScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/noneSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/lowScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/lowSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/mediumScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/mediumSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/highScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/highSeverityType" - } - } - }, - { - "properties": { - "environmentalScore" : { - "$ref": "#/definitions/criticalScoreType" - }, - "environmentalSeverity" : { - "$ref": "#/definitions/criticalSeverityType" - } - } - } - ] - } - ], - "required": [ "version", "vectorString", "baseScore", "baseSeverity" ], - "additionalProperties": false -} diff --git a/schema/archive/v5.0/support/Node_Validator/build.js b/schema/archive/v5.0/support/Node_Validator/build.js index 09ab39b0cd4..cbaa95df522 100644 --- a/schema/archive/v5.0/support/Node_Validator/build.js +++ b/schema/archive/v5.0/support/Node_Validator/build.js @@ -3,7 +3,7 @@ const path = require("path") const Ajv = require('ajv').default; const standaloneCode = require("ajv/dist/standalone").default const addFormats = require('ajv-formats').default; -const schema = require("../../docs/CVE_JSON_bundled.json") +const schema = require("../../docs/CVE_JSON_5.0_bundled.json") function reduceSchema(o) { for(prop in o) { diff --git a/schema/archive/v5.0/support/Node_Validator/dist/cve5validator.js b/schema/archive/v5.0/support/Node_Validator/dist/cve5validator.js index 6e0db22c3db..1ac16de2dcf 100644 --- a/schema/archive/v5.0/support/Node_Validator/dist/cve5validator.js +++ b/schema/archive/v5.0/support/Node_Validator/dist/cve5validator.js @@ -1 +1 @@ -"use strict";module.exports = validate10;module.exports.default = validate10;const schema11 = {"$schema":"http://json-schema.org/draft-07/schema#","$id":"https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_bundled.json","definitions":{"uriType":{"type":"string","format":"uri","minLength":1,"maxLength":2048},"uuidType":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},"reference":{"type":"object","required":["url"],"properties":{"url":{"$ref":"#/definitions/uriType"},"name":{"type":"string","maxLength":512,"minLength":1},"tags":{"type":"array","minItems":1,"uniqueItems":true,"items":{"oneOf":[{"$ref":"#/definitions/tagExtension"},{"$schema":"http://json-schema.org/draft-07/schema#","$id":"https://cve.mitre.org/cve/v5_00/tags/reference/","type":"string","enum":["broken-link","customer-entitlement","exploit","government-resource","issue-tracking","mailing-list","mitigation","not-applicable","patch","permissions-required","media-coverage","product","related","release-notes","signature","technical-description","third-party-advisory","vendor-advisory","vdb-entry"]}]}}},"additionalProperties":false},"cveId":{"type":"string","pattern":"^CVE-[0-9]{4}-[0-9]{4,19}$"},"orgId":{"$ref":"#/definitions/uuidType"},"userId":{"$ref":"#/definitions/uuidType"},"shortName":{"type":"string","minLength":2,"maxLength":32},"datestamp":{"type":"string","format":"date","pattern":"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))$"},"timestamp":{"type":"string","format":"date-time","pattern":"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},"version":{"type":"string","minLength":1,"maxLength":1024},"status":{"type":"string","enum":["affected","unaffected","unknown"]},"product":{"type":"object","allOf":[{"anyOf":[{"required":["vendor","product"]},{"required":["collectionURL","packageName"]}]},{"anyOf":[{"required":["versions"]},{"required":["defaultStatus"]}]}],"properties":{"vendor":{"type":"string","minLength":1,"maxLength":512},"product":{"type":"string","minLength":1,"maxLength":2048},"collectionURL":{"$ref":"#/definitions/uriType","examples":["https://access.redhat.com/downloads/content/package-browser","https://addons.mozilla.org","https://addons.thunderbird.net","https://anaconda.org/anaconda/repo","https://app.vagrantup.com/boxes/search","https://apps.apple.com","https://archlinux.org/packages","https://atmospherejs.meteor.com","https://atom.io/packages","https://bitbucket.org","https://bower.io","https://brew.sh/","https://chocolatey.org/packages","https://chrome.google.com/webstore","https://clojars.org","https://cocoapods.org","https://code.dlang.org","https://conan.io/center","https://cpan.org/modules","https://cran.r-project.org","https://crates.io","https://ctan.org/pkg","https://drupal.org","https://exchange.adobe.com","https://forge.puppet.com/modules","https://github.com","https://gitlab.com/explore","https://golang.org/pkg","https://guix.gnu.org/packages","https://hackage.haskell.org","https://helm.sh","https://hub.docker.com","https://juliahub.com","https://lib.haxe.org","https://luarocks.org","https://marketplace.visualstudio.com","https://melpa.org","https://microsoft.com/en-us/store/apps","https://nimble.directory","https://nuget.org/packages","https://opam.ocaml.org/packages","https://openwrt.org/packages/index","https://package.elm-lang.org","https://packagecontrol.io","https://packages.debian.org","https://packages.gentoo.org","https://packagist.org","https://pear.php.net/packages.php","https://pecl.php.net","https://platformio.org/lib","https://play.google.com/store","https://plugins.gradle.org","https://projects.eclipse.org","https://pub.dev","https://pypi.python.org","https://registry.npmjs.org","https://registry.terraform.io","https://repo.hex.pm","https://repo.maven.apache.org/maven2","https://rubygems.org","https://search.nixos.org/packages","https://sourceforge.net","https://wordpress.org/plugins"]},"packageName":{"type":"string","minLength":1,"maxLength":2048},"cpes":{"type":"array","uniqueItems":true,"items":{"type":"string","pattern":"([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})","minLength":1,"maxLength":2048}},"modules":{"type":"array","uniqueItems":true,"items":{"type":"string","minLength":1,"maxLength":4096}},"programFiles":{"type":"array","uniqueItems":true,"items":{"type":"string","minLength":1,"maxLength":1024}},"programRoutines":{"type":"array","uniqueItems":true,"items":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":4096}},"additionalProperties":false}},"platforms":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"string","examples":["iOS","Android","Windows","macOS","x86","ARM","64 bit","Big Endian","iPad","Chromebook","Docker","Model T"],"maxLength":1024}},"repo":{"$ref":"#/definitions/uriType"},"defaultStatus":{"$ref":"#/definitions/status"},"versions":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","oneOf":[{"required":["version","status"],"maxProperties":2},{"required":["version","status","versionType"],"maxProperties":3},{"required":["version","status","versionType","lessThan"]},{"required":["version","status","versionType","lessThanOrEqual"]}],"properties":{"version":{"$ref":"#/definitions/version"},"status":{"$ref":"#/definitions/status"},"versionType":{"type":"string","minLength":1,"maxLength":128,"examples":["custom","git","maven","python","rpm","semver"]},"lessThan":{"$ref":"#/definitions/version"},"lessThanOrEqual":{"$ref":"#/definitions/version"},"changes":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["at","status"],"additionalProperties":false,"properties":{"at":{"$ref":"#/definitions/version"},"status":{"$ref":"#/definitions/status"}}}}},"additionalProperties":false}}}},"dataType":{"type":"string","enum":["CVE_RECORD"]},"dataVersion":{"type":"string","pattern":"^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$","default":"5.1.0"},"cveMetadataPublished":{"type":"object","required":["cveId","assignerOrgId","state"],"properties":{"cveId":{"$ref":"#/definitions/cveId"},"assignerOrgId":{"$ref":"#/definitions/orgId"},"assignerShortName":{"$ref":"#/definitions/shortName"},"requesterUserId":{"$ref":"#/definitions/userId"},"dateUpdated":{"$ref":"#/definitions/timestamp"},"serial":{"type":"integer","minimum":1},"dateReserved":{"$ref":"#/definitions/timestamp"},"datePublished":{"$ref":"#/definitions/timestamp"},"state":{"type":"string","enum":["PUBLISHED"]}},"additionalProperties":false},"cveMetadataRejected":{"type":"object","required":["cveId","assignerOrgId","state"],"properties":{"cveId":{"$ref":"#/definitions/cveId"},"assignerOrgId":{"$ref":"#/definitions/orgId"},"assignerShortName":{"$ref":"#/definitions/shortName"},"serial":{"type":"integer","minimum":1},"dateUpdated":{"$ref":"#/definitions/timestamp"},"datePublished":{"$ref":"#/definitions/timestamp"},"dateRejected":{"$ref":"#/definitions/timestamp"},"state":{"type":"string","enum":["REJECTED"]},"dateReserved":{"$ref":"#/definitions/timestamp"}},"additionalProperties":false},"providerMetadata":{"type":"object","properties":{"orgId":{"$ref":"#/definitions/orgId"},"shortName":{"$ref":"#/definitions/shortName"},"dateUpdated":{"$ref":"#/definitions/timestamp"}},"required":["orgId"],"additionalProperties":false},"cnaPublishedContainer":{"type":"object","properties":{"providerMetadata":{"$ref":"#/definitions/providerMetadata"},"dateAssigned":{"$ref":"#/definitions/timestamp"},"datePublic":{"$ref":"#/definitions/timestamp"},"title":{"type":"string","minLength":1,"maxLength":256},"descriptions":{"$ref":"#/definitions/descriptions"},"affected":{"$ref":"#/definitions/affected"},"problemTypes":{"$ref":"#/definitions/problemTypes"},"references":{"$ref":"#/definitions/references"},"impacts":{"$ref":"#/definitions/impacts"},"metrics":{"$ref":"#/definitions/metrics"},"configurations":{"$ref":"#/definitions/configurations"},"workarounds":{"$ref":"#/definitions/workarounds"},"solutions":{"$ref":"#/definitions/solutions"},"exploits":{"$ref":"#/definitions/exploits"},"timeline":{"$ref":"#/definitions/timeline"},"credits":{"$ref":"#/definitions/credits"},"source":{"$ref":"#/definitions/source"},"tags":{"$ref":"#/definitions/cnaTags"},"taxonomyMappings":{"$ref":"#/definitions/taxonomyMappings"}},"required":["providerMetadata","descriptions","affected","references"],"patternProperties":{"^x_[^.]*$":{}},"$comment":"The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.","additionalProperties":false},"cnaRejectedContainer":{"type":"object","properties":{"providerMetadata":{"$ref":"#/definitions/providerMetadata"},"rejectedReasons":{"$ref":"#/definitions/descriptions"},"replacedBy":{"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/cveId"}}},"required":["providerMetadata","rejectedReasons"],"patternProperties":{"^x_[^.]*$":{}},"$comment":"The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.","additionalProperties":false},"adpContainer":{"type":"object","properties":{"providerMetadata":{"$ref":"#/definitions/providerMetadata"},"datePublic":{"$ref":"#/definitions/timestamp"},"title":{"type":"string","minLength":1,"maxLength":256},"descriptions":{"$ref":"#/definitions/descriptions"},"affected":{"$ref":"#/definitions/affected"},"problemTypes":{"$ref":"#/definitions/problemTypes"},"references":{"$ref":"#/definitions/references"},"impacts":{"$ref":"#/definitions/impacts"},"metrics":{"$ref":"#/definitions/metrics"},"configurations":{"$ref":"#/definitions/configurations"},"workarounds":{"$ref":"#/definitions/workarounds"},"solutions":{"$ref":"#/definitions/solutions"},"exploits":{"$ref":"#/definitions/exploits"},"timeline":{"$ref":"#/definitions/timeline"},"credits":{"$ref":"#/definitions/credits"},"source":{"$ref":"#/definitions/source"},"tags":{"$ref":"#/definitions/adpTags"},"taxonomyMappings":{"$ref":"#/definitions/taxonomyMappings"}},"required":["providerMetadata"],"minProperties":2,"patternProperties":{"^x_[^.]*$":{}},"$comment":"The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.","additionalProperties":false},"affected":{"type":"array","minItems":1,"items":{"$ref":"#/definitions/product"}},"description":{"type":"object","properties":{"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","minLength":1,"maxLength":4096},"supportingMedia":{"type":"array","uniqueItems":true,"minItems":1,"items":{"type":"object","properties":{"type":{"type":"string","minLength":1,"maxLength":256,"examples":["text/markdown","text/html","image/png","image/svg","audio/mp3"]},"base64":{"type":"boolean","default":false},"value":{"type":"string","minLength":1,"maxLength":16384}},"required":["type","value"],"additionalProperties":false}}},"required":["lang","value"],"additionalProperties":false},"englishLanguageDescription":{"type":"object","properties":{"lang":{"$ref":"#/definitions/englishLanguage"}},"required":["lang"],"$comment":"Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description."},"descriptions":{"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"},"contains":{"$ref":"#/definitions/englishLanguageDescription"}},"problemTypes":{"type":"array","items":{"type":"object","required":["descriptions"],"properties":{"descriptions":{"type":"array","items":{"type":"object","required":["lang","description"],"properties":{"lang":{"$ref":"#/definitions/language"},"description":{"type":"string","minLength":1,"maxLength":4096},"cweId":{"type":"string","minLength":5,"maxLength":9,"pattern":"^CWE-[1-9][0-9]*$"},"type":{"type":"string","minLength":1,"maxLength":128},"references":{"$ref":"#/definitions/references"}},"additionalProperties":false},"minItems":1,"uniqueItems":true}},"additionalProperties":false},"minItems":1,"uniqueItems":true},"references":{"type":"array","items":{"$ref":"#/definitions/reference"},"minItems":1,"maxItems":512,"uniqueItems":true},"impacts":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["descriptions"],"properties":{"capecId":{"type":"string","minLength":7,"maxLength":11,"pattern":"^CAPEC-[1-9][0-9]{0,4}$"},"descriptions":{"$ref":"#/definitions/descriptions"}},"additionalProperties":false}},"metrics":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","anyOf":[{"required":["cvssV4_0"]},{"required":["cvssV3_1"]},{"required":["cvssV3_0"]},{"required":["cvssV2_0"]},{"required":["other"]}],"properties":{"format":{"type":"string","minLength":1,"maxLength":64},"scenarios":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","properties":{"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","default":"GENERAL","minLength":1,"maxLength":4096}},"required":["lang","value"],"additionalProperties":false}},"cvssV4_0":{"$schema":"http://json-schema.org/draft-07/schema#","type":"object","definitions":{"attackVectorType":{"type":"string","enum":["NETWORK","ADJACENT","LOCAL","PHYSICAL"]},"modifiedAttackVectorType":{"type":"string","enum":["NETWORK","ADJACENT","LOCAL","PHYSICAL","NOT_DEFINED"],"default":"NOT_DEFINED"},"attackComplexityType":{"type":"string","enum":["HIGH","LOW"]},"modifiedAttackComplexityType":{"type":"string","enum":["HIGH","LOW","NOT_DEFINED"],"default":"NOT_DEFINED"},"attackRequirementsType":{"type":"string","enum":["NONE","PRESENT"]},"modifiedAttackRequirementsType":{"type":"string","enum":["NONE","PRESENT","NOT_DEFINED"],"default":"NOT_DEFINED"},"privilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE"]},"modifiedPrivilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"],"default":"NOT_DEFINED"},"userInteractionType":{"type":"string","enum":["NONE","PASSIVE","ACTIVE"]},"modifiedUserInteractionType":{"type":"string","enum":["NONE","PASSIVE","ACTIVE","NOT_DEFINED"],"default":"NOT_DEFINED"},"vulnCiaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedVulnCiaType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"subCiaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedSubCType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"modifiedSubIaType":{"type":"string","enum":["NONE","LOW","HIGH","SAFETY","NOT_DEFINED"],"default":"NOT_DEFINED"},"exploitMaturityType":{"type":"string","enum":["UNREPORTED","PROOF_OF_CONCEPT","ATTACKED","NOT_DEFINED"],"default":"NOT_DEFINED"},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"safetyType":{"type":"string","enum":["NEGLIGIBLE","PRESENT","NOT_DEFINED"],"default":"NOT_DEFINED"},"automatableType":{"type":"string","enum":["NO","YES","NOT_DEFINED"],"default":"NOT_DEFINED"},"recoveryType":{"type":"string","enum":["AUTOMATIC","USER","IRRECOVERABLE","NOT_DEFINED"],"default":"NOT_DEFINED"},"valueDensityType":{"type":"string","enum":["DIFFUSE","CONCENTRATED","NOT_DEFINED"],"default":"NOT_DEFINED"},"vulnerabilityResponseEffortType":{"type":"string","enum":["LOW","MODERATE","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"providerUrgencyType":{"type":"string","enum":["CLEAR","GREEN","AMBER","RED","NOT_DEFINED"],"default":"NOT_DEFINED"},"scoreType":{"type":"number","minimum":0,"maximum":10,"multipleOf":0.1},"noneScoreType":{"type":"number","minimum":0,"maximum":0},"lowScoreType":{"type":"number","minimum":0.1,"maximum":3.9,"multipleOf":0.1},"mediumScoreType":{"type":"number","minimum":4,"maximum":6.9,"multipleOf":0.1},"highScoreType":{"type":"number","minimum":7,"maximum":8.9,"multipleOf":0.1},"criticalScoreType":{"type":"number","minimum":9,"maximum":10,"multipleOf":0.1},"severityType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]},"noneSeverityType":{"const":"NONE"},"lowSeverityType":{"const":"LOW"},"mediumSeverityType":{"const":"MEDIUM"},"highSeverityType":{"const":"HIGH"},"criticalSeverityType":{"const":"CRITICAL"}},"properties":{"version":{"type":"string","enum":["4.0"]},"vectorString":{"type":"string","pattern":"^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType"},"attackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType"},"attackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType"},"attackRequirements":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType"},"privilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType"},"userInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType"},"vulnConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"},"vulnIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"},"vulnAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"},"subConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"},"subIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"},"subAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"},"exploitMaturity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"},"modifiedAttackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType"},"modifiedAttackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType"},"modifiedAttackRequirements":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType"},"modifiedPrivilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType"},"modifiedUserInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType"},"modifiedVulnConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"},"modifiedVulnIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"},"modifiedVulnAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"},"modifiedSubConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType"},"modifiedSubIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType"},"modifiedSubAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType"},"Safety":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType"},"Automatable":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType"},"Recovery":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType"},"valueDensity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType"},"vulnerabilityResponseEffort":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType"},"providerUrgency":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType"}},"allOf":[{"anyOf":[{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType"}}}]},{"anyOf":[{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType"}}}]},{"anyOf":[{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType"}}}]}],"required":["version","vectorString","baseScore","baseSeverity"],"additionalProperties":false},"cvssV3_1":{"$schema":"http://json-schema.org/draft-07/schema#","type":"object","definitions":{"attackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},"modifiedAttackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},"attackComplexityType":{"type":"string","enum":["HIGH","LOW"]},"modifiedAttackComplexityType":{"type":"string","enum":["HIGH","LOW","NOT_DEFINED"]},"privilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE"]},"modifiedPrivilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"]},"userInteractionType":{"type":"string","enum":["NONE","REQUIRED"]},"modifiedUserInteractionType":{"type":"string","enum":["NONE","REQUIRED","NOT_DEFINED"]},"scopeType":{"type":"string","enum":["UNCHANGED","CHANGED"]},"modifiedScopeType":{"type":"string","enum":["UNCHANGED","CHANGED","NOT_DEFINED"]},"ciaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedCiaType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"]},"exploitCodeMaturityType":{"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},"remediationLevelType":{"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},"confidenceType":{"type":"string","enum":["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]},"scoreType":{"type":"number","minimum":0,"maximum":10},"severityType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},"properties":{"version":{"type":"string","enum":["3.1"]},"vectorString":{"type":"string","pattern":"^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},"attackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType"},"attackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType"},"privilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType"},"userInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType"},"scope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType"},"confidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},"integrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},"availabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},"exploitCodeMaturity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType"},"remediationLevel":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType"},"reportConfidence":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType"},"temporalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},"temporalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},"modifiedAttackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType"},"modifiedAttackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType"},"modifiedPrivilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType"},"modifiedUserInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType"},"modifiedScope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType"},"modifiedConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},"modifiedIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},"modifiedAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"}},"required":["version","vectorString","baseScore","baseSeverity"],"additionalProperties":false},"cvssV3_0":{"$schema":"http://json-schema.org/draft-04/schema#","type":"object","definitions":{"attackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},"modifiedAttackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},"attackComplexityType":{"type":"string","enum":["HIGH","LOW"]},"modifiedAttackComplexityType":{"type":"string","enum":["HIGH","LOW","NOT_DEFINED"]},"privilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE"]},"modifiedPrivilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"]},"userInteractionType":{"type":"string","enum":["NONE","REQUIRED"]},"modifiedUserInteractionType":{"type":"string","enum":["NONE","REQUIRED","NOT_DEFINED"]},"scopeType":{"type":"string","enum":["UNCHANGED","CHANGED"]},"modifiedScopeType":{"type":"string","enum":["UNCHANGED","CHANGED","NOT_DEFINED"]},"ciaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedCiaType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"]},"exploitCodeMaturityType":{"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},"remediationLevelType":{"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},"confidenceType":{"type":"string","enum":["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]},"scoreType":{"type":"number","minimum":0,"maximum":10},"severityType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},"properties":{"version":{"type":"string","enum":["3.0"]},"vectorString":{"type":"string","pattern":"^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},"attackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType"},"attackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType"},"privilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType"},"userInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType"},"scope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType"},"confidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},"integrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},"availabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},"exploitCodeMaturity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType"},"remediationLevel":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType"},"reportConfidence":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType"},"temporalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},"temporalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},"modifiedAttackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType"},"modifiedAttackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType"},"modifiedPrivilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType"},"modifiedUserInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType"},"modifiedScope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType"},"modifiedConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},"modifiedIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},"modifiedAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"}},"required":["version","vectorString","baseScore","baseSeverity"],"additionalProperties":false},"cvssV2_0":{"$schema":"http://json-schema.org/draft-04/schema#","type":"object","definitions":{"accessVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL"]},"accessComplexityType":{"type":"string","enum":["HIGH","MEDIUM","LOW"]},"authenticationType":{"type":"string","enum":["MULTIPLE","SINGLE","NONE"]},"ciaType":{"type":"string","enum":["NONE","PARTIAL","COMPLETE"]},"exploitabilityType":{"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},"remediationLevelType":{"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},"reportConfidenceType":{"type":"string","enum":["UNCONFIRMED","UNCORROBORATED","CONFIRMED","NOT_DEFINED"]},"collateralDamagePotentialType":{"type":"string","enum":["NONE","LOW","LOW_MEDIUM","MEDIUM_HIGH","HIGH","NOT_DEFINED"]},"targetDistributionType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","NOT_DEFINED"]},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]},"scoreType":{"type":"number","minimum":0,"maximum":10}},"properties":{"version":{"type":"string","enum":["2.0"]},"vectorString":{"type":"string","pattern":"^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"},"accessVector":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType"},"accessComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType"},"authentication":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType"},"confidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},"integrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},"availabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},"exploitability":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType"},"remediationLevel":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType"},"reportConfidence":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType"},"temporalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},"collateralDamagePotential":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType"},"targetDistribution":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"}},"required":["version","vectorString","baseScore"],"additionalProperties":false},"other":{"type":"object","required":["type","content"],"properties":{"type":{"type":"string","minLength":1,"maxLength":128},"content":{"type":"object","$comment":"additionalProperties are allowed here, since this construct supports arbitrary JSON.","minProperties":1}},"additionalProperties":false}},"additionalProperties":false}},"configurations":{"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}},"workarounds":{"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}},"solutions":{"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}},"exploits":{"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}},"timeline":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["time","lang","value"],"properties":{"time":{"$ref":"#/definitions/timestamp"},"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","minLength":1,"maxLength":4096}},"additionalProperties":false}},"credits":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","properties":{"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","minLength":1,"maxLength":4096},"user":{"$ref":"#/definitions/uuidType"},"type":{"type":"string","default":"finder","enum":["finder","reporter","analyst","coordinator","remediation developer","remediation reviewer","remediation verifier","tool","sponsor","other"]}},"additionalProperties":false,"required":["lang","value"]}},"source":{"type":"object","minProperties":1},"language":{"type":"string","default":"en","pattern":"^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},"englishLanguage":{"type":"string","pattern":"^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},"taxonomyMappings":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["taxonomyName","taxonomyRelations"],"properties":{"taxonomyName":{"type":"string","minLength":1,"maxLength":128},"taxonomyVersion":{"type":"string","minLength":1,"maxLength":128},"taxonomyRelations":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["taxonomyId","relationshipName","relationshipValue"],"properties":{"taxonomyId":{"type":"string","minLength":1,"maxLength":2048},"relationshipName":{"type":"string","minLength":1,"maxLength":128},"relationshipValue":{"type":"string","minLength":1,"maxLength":2048}},"additionalProperties":false}}},"additionalProperties":false}},"tagExtension":{"type":"string","minLength":2,"maxLength":128,"pattern":"^x_.*$","$comment":"These values are not used as JSON property names, so there is not a need to work-around property naming limitations in some common implementations."},"cnaTags":{"type":"array","uniqueItems":true,"minItems":1,"items":{"oneOf":[{"$ref":"#/definitions/tagExtension"},{"$schema":"http://json-schema.org/draft-07/schema#","$id":"https://cve.mitre.org/cve/v5_00/tags/cna/","type":"string","enum":["unsupported-when-assigned","exclusively-hosted-service","disputed"]}]}},"adpTags":{"type":"array","uniqueItems":true,"minItems":1,"items":{"oneOf":[{"$ref":"#/definitions/tagExtension"},{"$schema":"http://json-schema.org/draft-07/schema#","$id":"https://cve.mitre.org/cve/v5_00/tags/adp/","type":"string","enum":["disputed"]}]}}},"oneOf":[{"type":"object","properties":{"dataType":{"$ref":"#/definitions/dataType"},"dataVersion":{"$ref":"#/definitions/dataVersion"},"cveMetadata":{"$ref":"#/definitions/cveMetadataPublished"},"containers":{"type":"object","properties":{"cna":{"$ref":"#/definitions/cnaPublishedContainer"},"adp":{"type":"array","items":{"$ref":"#/definitions/adpContainer"},"minItems":1,"uniqueItems":true}},"required":["cna"],"additionalProperties":false}},"required":["dataType","dataVersion","cveMetadata","containers"],"additionalProperties":false},{"type":"object","properties":{"dataType":{"$ref":"#/definitions/dataType"},"dataVersion":{"$ref":"#/definitions/dataVersion"},"cveMetadata":{"$ref":"#/definitions/cveMetadataRejected"},"containers":{"type":"object","properties":{"cna":{"$ref":"#/definitions/cnaRejectedContainer"}},"required":["cna"],"additionalProperties":false}},"required":["dataType","dataVersion","cveMetadata","containers"],"additionalProperties":false}]};const schema12 = {"type":"string","enum":["CVE_RECORD"]};const schema13 = {"type":"string","pattern":"^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$","default":"5.1.0"};const func0 = require("ajv/dist/runtime/equal").default;const pattern0 = new RegExp("^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$", "u");const schema14 = {"type":"object","required":["cveId","assignerOrgId","state"],"properties":{"cveId":{"$ref":"#/definitions/cveId"},"assignerOrgId":{"$ref":"#/definitions/orgId"},"assignerShortName":{"$ref":"#/definitions/shortName"},"requesterUserId":{"$ref":"#/definitions/userId"},"dateUpdated":{"$ref":"#/definitions/timestamp"},"serial":{"type":"integer","minimum":1},"dateReserved":{"$ref":"#/definitions/timestamp"},"datePublished":{"$ref":"#/definitions/timestamp"},"state":{"type":"string","enum":["PUBLISHED"]}},"additionalProperties":false};const schema15 = {"type":"string","pattern":"^CVE-[0-9]{4}-[0-9]{4,19}$"};const schema16 = {"type":"string","pattern":"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"};const schema17 = {"type":"string","minLength":2,"maxLength":32};const schema19 = {"type":"string","format":"date-time","pattern":"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"};const func5 = Object.prototype.hasOwnProperty;const func6 = require("ajv/dist/runtime/ucs2length").default;const pattern1 = new RegExp("^CVE-[0-9]{4}-[0-9]{4,19}$", "u");const pattern2 = new RegExp("^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$", "u");const pattern4 = new RegExp("^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$", "u");const formats0 = require("ajv-formats/dist/formats").fullFormats["date-time"];function validate11(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if((((data.cveId === undefined) && (missing0 = "cveId")) || ((data.assignerOrgId === undefined) && (missing0 = "assignerOrgId"))) || ((data.state === undefined) && (missing0 = "state"))){validate11.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {const _errs1 = errors;for(const key0 in data){if(!(func5.call(schema14.properties, key0))){validate11.errors = [{instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"}];return false;break;}}if(_errs1 === errors){if(data.cveId !== undefined){let data0 = data.cveId;const _errs2 = errors;const _errs3 = errors;if(errors === _errs3){if(typeof data0 === "string"){if(!pattern1.test(data0)){validate11.errors = [{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/pattern",keyword:"pattern",params:{pattern: "^CVE-[0-9]{4}-[0-9]{4,19}$"},message:"must match pattern \""+"^CVE-[0-9]{4}-[0-9]{4,19}$"+"\""}];return false;}}else {validate11.errors = [{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs2 === errors;}else {var valid0 = true;}if(valid0){if(data.assignerOrgId !== undefined){let data1 = data.assignerOrgId;const _errs5 = errors;const _errs6 = errors;if(errors === _errs6){if(typeof data1 === "string"){if(!pattern2.test(data1)){validate11.errors = [{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/pattern",keyword:"pattern",params:{pattern: "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:"must match pattern \""+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+"\""}];return false;}}else {validate11.errors = [{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs5 === errors;}else {var valid0 = true;}if(valid0){if(data.assignerShortName !== undefined){let data2 = data.assignerShortName;const _errs8 = errors;const _errs9 = errors;if(errors === _errs9){if(typeof data2 === "string"){if(func6(data2) > 32){validate11.errors = [{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/maxLength",keyword:"maxLength",params:{limit: 32},message:"must NOT have more than 32 characters"}];return false;}else {if(func6(data2) < 2){validate11.errors = [{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/minLength",keyword:"minLength",params:{limit: 2},message:"must NOT have fewer than 2 characters"}];return false;}}}else {validate11.errors = [{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs8 === errors;}else {var valid0 = true;}if(valid0){if(data.requesterUserId !== undefined){let data3 = data.requesterUserId;const _errs11 = errors;const _errs12 = errors;if(errors === _errs12){if(typeof data3 === "string"){if(!pattern2.test(data3)){validate11.errors = [{instancePath:instancePath+"/requesterUserId",schemaPath:"#/definitions/userId/pattern",keyword:"pattern",params:{pattern: "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:"must match pattern \""+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+"\""}];return false;}}else {validate11.errors = [{instancePath:instancePath+"/requesterUserId",schemaPath:"#/definitions/userId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs11 === errors;}else {var valid0 = true;}if(valid0){if(data.dateUpdated !== undefined){let data4 = data.dateUpdated;const _errs14 = errors;const _errs15 = errors;if(errors === _errs15){if(errors === _errs15){if(typeof data4 === "string"){if(!pattern4.test(data4)){validate11.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data4))){validate11.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate11.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs14 === errors;}else {var valid0 = true;}if(valid0){if(data.serial !== undefined){let data5 = data.serial;const _errs17 = errors;if(!(((typeof data5 == "number") && (!(data5 % 1) && !isNaN(data5))) && (isFinite(data5)))){validate11.errors = [{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/type",keyword:"type",params:{type: "integer"},message:"must be integer"}];return false;}if(errors === _errs17){if((typeof data5 == "number") && (isFinite(data5))){if(data5 < 1 || isNaN(data5)){validate11.errors = [{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/minimum",keyword:"minimum",params:{comparison: ">=", limit: 1},message:"must be >= 1"}];return false;}}}var valid0 = _errs17 === errors;}else {var valid0 = true;}if(valid0){if(data.dateReserved !== undefined){let data6 = data.dateReserved;const _errs19 = errors;const _errs20 = errors;if(errors === _errs20){if(errors === _errs20){if(typeof data6 === "string"){if(!pattern4.test(data6)){validate11.errors = [{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data6))){validate11.errors = [{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate11.errors = [{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs19 === errors;}else {var valid0 = true;}if(valid0){if(data.datePublished !== undefined){let data7 = data.datePublished;const _errs22 = errors;const _errs23 = errors;if(errors === _errs23){if(errors === _errs23){if(typeof data7 === "string"){if(!pattern4.test(data7)){validate11.errors = [{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data7))){validate11.errors = [{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate11.errors = [{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs22 === errors;}else {var valid0 = true;}if(valid0){if(data.state !== undefined){let data8 = data.state;const _errs25 = errors;if(typeof data8 !== "string"){validate11.errors = [{instancePath:instancePath+"/state",schemaPath:"#/properties/state/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(data8 === "PUBLISHED")){validate11.errors = [{instancePath:instancePath+"/state",schemaPath:"#/properties/state/enum",keyword:"enum",params:{allowedValues: schema14.properties.state.enum},message:"must be equal to one of the allowed values"}];return false;}var valid0 = _errs25 === errors;}else {var valid0 = true;}}}}}}}}}}}}else {validate11.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate11.errors = vErrors;return errors === 0;}const schema22 = {"type":"object","properties":{"providerMetadata":{"$ref":"#/definitions/providerMetadata"},"dateAssigned":{"$ref":"#/definitions/timestamp"},"datePublic":{"$ref":"#/definitions/timestamp"},"title":{"type":"string","minLength":1,"maxLength":256},"descriptions":{"$ref":"#/definitions/descriptions"},"affected":{"$ref":"#/definitions/affected"},"problemTypes":{"$ref":"#/definitions/problemTypes"},"references":{"$ref":"#/definitions/references"},"impacts":{"$ref":"#/definitions/impacts"},"metrics":{"$ref":"#/definitions/metrics"},"configurations":{"$ref":"#/definitions/configurations"},"workarounds":{"$ref":"#/definitions/workarounds"},"solutions":{"$ref":"#/definitions/solutions"},"exploits":{"$ref":"#/definitions/exploits"},"timeline":{"$ref":"#/definitions/timeline"},"credits":{"$ref":"#/definitions/credits"},"source":{"$ref":"#/definitions/source"},"tags":{"$ref":"#/definitions/cnaTags"},"taxonomyMappings":{"$ref":"#/definitions/taxonomyMappings"}},"required":["providerMetadata","descriptions","affected","references"],"patternProperties":{"^x_[^.]*$":{}},"$comment":"The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.","additionalProperties":false};const schema201 = {"type":"object","minProperties":1};const schema204 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["taxonomyName","taxonomyRelations"],"properties":{"taxonomyName":{"type":"string","minLength":1,"maxLength":128},"taxonomyVersion":{"type":"string","minLength":1,"maxLength":128},"taxonomyRelations":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["taxonomyId","relationshipName","relationshipValue"],"properties":{"taxonomyId":{"type":"string","minLength":1,"maxLength":2048},"relationshipName":{"type":"string","minLength":1,"maxLength":128},"relationshipValue":{"type":"string","minLength":1,"maxLength":2048}},"additionalProperties":false}}},"additionalProperties":false}};const pattern7 = new RegExp("^x_[^.]*$", "u");const schema23 = {"type":"object","properties":{"orgId":{"$ref":"#/definitions/orgId"},"shortName":{"$ref":"#/definitions/shortName"},"dateUpdated":{"$ref":"#/definitions/timestamp"}},"required":["orgId"],"additionalProperties":false};function validate14(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if((data.orgId === undefined) && (missing0 = "orgId")){validate14.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {const _errs1 = errors;for(const key0 in data){if(!(((key0 === "orgId") || (key0 === "shortName")) || (key0 === "dateUpdated"))){validate14.errors = [{instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"}];return false;break;}}if(_errs1 === errors){if(data.orgId !== undefined){let data0 = data.orgId;const _errs2 = errors;const _errs3 = errors;if(errors === _errs3){if(typeof data0 === "string"){if(!pattern2.test(data0)){validate14.errors = [{instancePath:instancePath+"/orgId",schemaPath:"#/definitions/orgId/pattern",keyword:"pattern",params:{pattern: "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:"must match pattern \""+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+"\""}];return false;}}else {validate14.errors = [{instancePath:instancePath+"/orgId",schemaPath:"#/definitions/orgId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs2 === errors;}else {var valid0 = true;}if(valid0){if(data.shortName !== undefined){let data1 = data.shortName;const _errs5 = errors;const _errs6 = errors;if(errors === _errs6){if(typeof data1 === "string"){if(func6(data1) > 32){validate14.errors = [{instancePath:instancePath+"/shortName",schemaPath:"#/definitions/shortName/maxLength",keyword:"maxLength",params:{limit: 32},message:"must NOT have more than 32 characters"}];return false;}else {if(func6(data1) < 2){validate14.errors = [{instancePath:instancePath+"/shortName",schemaPath:"#/definitions/shortName/minLength",keyword:"minLength",params:{limit: 2},message:"must NOT have fewer than 2 characters"}];return false;}}}else {validate14.errors = [{instancePath:instancePath+"/shortName",schemaPath:"#/definitions/shortName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs5 === errors;}else {var valid0 = true;}if(valid0){if(data.dateUpdated !== undefined){let data2 = data.dateUpdated;const _errs8 = errors;const _errs9 = errors;if(errors === _errs9){if(errors === _errs9){if(typeof data2 === "string"){if(!pattern4.test(data2)){validate14.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data2))){validate14.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate14.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs8 === errors;}else {var valid0 = true;}}}}}}else {validate14.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate14.errors = vErrors;return errors === 0;}const schema29 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"},"contains":{"$ref":"#/definitions/englishLanguageDescription"}};const schema30 = {"type":"object","properties":{"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","minLength":1,"maxLength":4096},"supportingMedia":{"type":"array","uniqueItems":true,"minItems":1,"items":{"type":"object","properties":{"type":{"type":"string","minLength":1,"maxLength":256,"examples":["text/markdown","text/html","image/png","image/svg","audio/mp3"]},"base64":{"type":"boolean","default":false},"value":{"type":"string","minLength":1,"maxLength":16384}},"required":["type","value"],"additionalProperties":false}}},"required":["lang","value"],"additionalProperties":false};const schema31 = {"type":"string","default":"en","pattern":"^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"};const pattern12 = new RegExp("^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$", "u");function validate17(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if(((data.lang === undefined) && (missing0 = "lang")) || ((data.value === undefined) && (missing0 = "value"))){validate17.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {const _errs1 = errors;for(const key0 in data){if(!(((key0 === "lang") || (key0 === "value")) || (key0 === "supportingMedia"))){validate17.errors = [{instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"}];return false;break;}}if(_errs1 === errors){if(data.lang !== undefined){let data0 = data.lang;const _errs2 = errors;const _errs3 = errors;if(errors === _errs3){if(typeof data0 === "string"){if(!pattern12.test(data0)){validate17.errors = [{instancePath:instancePath+"/lang",schemaPath:"#/definitions/language/pattern",keyword:"pattern",params:{pattern: "^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},message:"must match pattern \""+"^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"+"\""}];return false;}}else {validate17.errors = [{instancePath:instancePath+"/lang",schemaPath:"#/definitions/language/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs2 === errors;}else {var valid0 = true;}if(valid0){if(data.value !== undefined){let data1 = data.value;const _errs5 = errors;if(errors === _errs5){if(typeof data1 === "string"){if(func6(data1) > 4096){validate17.errors = [{instancePath:instancePath+"/value",schemaPath:"#/properties/value/maxLength",keyword:"maxLength",params:{limit: 4096},message:"must NOT have more than 4096 characters"}];return false;}else {if(func6(data1) < 1){validate17.errors = [{instancePath:instancePath+"/value",schemaPath:"#/properties/value/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate17.errors = [{instancePath:instancePath+"/value",schemaPath:"#/properties/value/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs5 === errors;}else {var valid0 = true;}if(valid0){if(data.supportingMedia !== undefined){let data2 = data.supportingMedia;const _errs7 = errors;if(errors === _errs7){if(Array.isArray(data2)){if(data2.length < 1){validate17.errors = [{instancePath:instancePath+"/supportingMedia",schemaPath:"#/properties/supportingMedia/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid2 = true;const len0 = data2.length;for(let i0=0; i0 256){validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0+"/type",schemaPath:"#/properties/supportingMedia/items/properties/type/maxLength",keyword:"maxLength",params:{limit: 256},message:"must NOT have more than 256 characters"}];return false;}else {if(func6(data4) < 1){validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0+"/type",schemaPath:"#/properties/supportingMedia/items/properties/type/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0+"/type",schemaPath:"#/properties/supportingMedia/items/properties/type/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs12 === errors;}else {var valid3 = true;}if(valid3){if(data3.base64 !== undefined){const _errs14 = errors;if(typeof data3.base64 !== "boolean"){validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0+"/base64",schemaPath:"#/properties/supportingMedia/items/properties/base64/type",keyword:"type",params:{type: "boolean"},message:"must be boolean"}];return false;}var valid3 = _errs14 === errors;}else {var valid3 = true;}if(valid3){if(data3.value !== undefined){let data6 = data3.value;const _errs16 = errors;if(errors === _errs16){if(typeof data6 === "string"){if(func6(data6) > 16384){validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0+"/value",schemaPath:"#/properties/supportingMedia/items/properties/value/maxLength",keyword:"maxLength",params:{limit: 16384},message:"must NOT have more than 16384 characters"}];return false;}else {if(func6(data6) < 1){validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0+"/value",schemaPath:"#/properties/supportingMedia/items/properties/value/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0+"/value",schemaPath:"#/properties/supportingMedia/items/properties/value/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs16 === errors;}else {var valid3 = true;}}}}}}else {validate17.errors = [{instancePath:instancePath+"/supportingMedia/" + i0,schemaPath:"#/properties/supportingMedia/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid2 = _errs9 === errors;if(!valid2){break;}}if(valid2){let i1 = data2.length;let j0;if(i1 > 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data2[i1], data2[j0])){validate17.errors = [{instancePath:instancePath+"/supportingMedia",schemaPath:"#/properties/supportingMedia/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate17.errors = [{instancePath:instancePath+"/supportingMedia",schemaPath:"#/properties/supportingMedia/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid0 = _errs7 === errors;}else {var valid0 = true;}}}}}}else {validate17.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate17.errors = vErrors;return errors === 0;}const schema32 = {"type":"object","properties":{"lang":{"$ref":"#/definitions/englishLanguage"}},"required":["lang"],"$comment":"Cannot use additionalProperties: false here, as this prevents the other properties used by /definitions/description."};const schema33 = {"type":"string","pattern":"^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"};const pattern13 = new RegExp("^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$", "u");function validate19(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if((data.lang === undefined) && (missing0 = "lang")){validate19.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {if(data.lang !== undefined){let data0 = data.lang;const _errs3 = errors;if(errors === _errs3){if(typeof data0 === "string"){if(!pattern13.test(data0)){validate19.errors = [{instancePath:instancePath+"/lang",schemaPath:"#/definitions/englishLanguage/pattern",keyword:"pattern",params:{pattern: "^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},message:"must match pattern \""+"^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"+"\""}];return false;}}else {validate19.errors = [{instancePath:instancePath+"/lang",schemaPath:"#/definitions/englishLanguage/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}}}else {validate19.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate19.errors = vErrors;return errors === 0;}function validate16(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate16.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 1){outer0:for(;i2--;){for(j0 = i2; j0--;){if(func0(data[i2], data[j0])){validate16.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i2, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0;}}}}}}}}else {validate16.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate16.errors = vErrors;return errors === 0;}const schema34 = {"type":"array","minItems":1,"items":{"$ref":"#/definitions/product"}};const schema35 = {"type":"object","allOf":[{"anyOf":[{"required":["vendor","product"]},{"required":["collectionURL","packageName"]}]},{"anyOf":[{"required":["versions"]},{"required":["defaultStatus"]}]}],"properties":{"vendor":{"type":"string","minLength":1,"maxLength":512},"product":{"type":"string","minLength":1,"maxLength":2048},"collectionURL":{"$ref":"#/definitions/uriType","examples":["https://access.redhat.com/downloads/content/package-browser","https://addons.mozilla.org","https://addons.thunderbird.net","https://anaconda.org/anaconda/repo","https://app.vagrantup.com/boxes/search","https://apps.apple.com","https://archlinux.org/packages","https://atmospherejs.meteor.com","https://atom.io/packages","https://bitbucket.org","https://bower.io","https://brew.sh/","https://chocolatey.org/packages","https://chrome.google.com/webstore","https://clojars.org","https://cocoapods.org","https://code.dlang.org","https://conan.io/center","https://cpan.org/modules","https://cran.r-project.org","https://crates.io","https://ctan.org/pkg","https://drupal.org","https://exchange.adobe.com","https://forge.puppet.com/modules","https://github.com","https://gitlab.com/explore","https://golang.org/pkg","https://guix.gnu.org/packages","https://hackage.haskell.org","https://helm.sh","https://hub.docker.com","https://juliahub.com","https://lib.haxe.org","https://luarocks.org","https://marketplace.visualstudio.com","https://melpa.org","https://microsoft.com/en-us/store/apps","https://nimble.directory","https://nuget.org/packages","https://opam.ocaml.org/packages","https://openwrt.org/packages/index","https://package.elm-lang.org","https://packagecontrol.io","https://packages.debian.org","https://packages.gentoo.org","https://packagist.org","https://pear.php.net/packages.php","https://pecl.php.net","https://platformio.org/lib","https://play.google.com/store","https://plugins.gradle.org","https://projects.eclipse.org","https://pub.dev","https://pypi.python.org","https://registry.npmjs.org","https://registry.terraform.io","https://repo.hex.pm","https://repo.maven.apache.org/maven2","https://rubygems.org","https://search.nixos.org/packages","https://sourceforge.net","https://wordpress.org/plugins"]},"packageName":{"type":"string","minLength":1,"maxLength":2048},"cpes":{"type":"array","uniqueItems":true,"items":{"type":"string","pattern":"([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})","minLength":1,"maxLength":2048}},"modules":{"type":"array","uniqueItems":true,"items":{"type":"string","minLength":1,"maxLength":4096}},"programFiles":{"type":"array","uniqueItems":true,"items":{"type":"string","minLength":1,"maxLength":1024}},"programRoutines":{"type":"array","uniqueItems":true,"items":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":4096}},"additionalProperties":false}},"platforms":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"string","examples":["iOS","Android","Windows","macOS","x86","ARM","64 bit","Big Endian","iPad","Chromebook","Docker","Model T"],"maxLength":1024}},"repo":{"$ref":"#/definitions/uriType"},"defaultStatus":{"$ref":"#/definitions/status"},"versions":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","oneOf":[{"required":["version","status"],"maxProperties":2},{"required":["version","status","versionType"],"maxProperties":3},{"required":["version","status","versionType","lessThan"]},{"required":["version","status","versionType","lessThanOrEqual"]}],"properties":{"version":{"$ref":"#/definitions/version"},"status":{"$ref":"#/definitions/status"},"versionType":{"type":"string","minLength":1,"maxLength":128,"examples":["custom","git","maven","python","rpm","semver"]},"lessThan":{"$ref":"#/definitions/version"},"lessThanOrEqual":{"$ref":"#/definitions/version"},"changes":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["at","status"],"additionalProperties":false,"properties":{"at":{"$ref":"#/definitions/version"},"status":{"$ref":"#/definitions/status"}}}}},"additionalProperties":false}}}};const schema36 = {"type":"string","format":"uri","minLength":1,"maxLength":2048};const schema38 = {"type":"string","enum":["affected","unaffected","unknown"]};const schema39 = {"type":"string","minLength":1,"maxLength":1024};const formats12 = require("ajv-formats/dist/formats").fullFormats.uri;const pattern14 = new RegExp("([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})", "u");function validate23(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;const _errs1 = errors;const _errs2 = errors;let valid1 = false;const _errs3 = errors;if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if(((data.vendor === undefined) && (missing0 = "vendor")) || ((data.product === undefined) && (missing0 = "product"))){const err0 = {instancePath,schemaPath:"#/allOf/0/anyOf/0/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"};if(vErrors === null){vErrors = [err0];}else {vErrors.push(err0);}errors++;}}var _valid0 = _errs3 === errors;valid1 = valid1 || _valid0;if(!valid1){const _errs4 = errors;if(data && typeof data == "object" && !Array.isArray(data)){let missing1;if(((data.collectionURL === undefined) && (missing1 = "collectionURL")) || ((data.packageName === undefined) && (missing1 = "packageName"))){const err1 = {instancePath,schemaPath:"#/allOf/0/anyOf/1/required",keyword:"required",params:{missingProperty: missing1},message:"must have required property '"+missing1+"'"};if(vErrors === null){vErrors = [err1];}else {vErrors.push(err1);}errors++;}}var _valid0 = _errs4 === errors;valid1 = valid1 || _valid0;}if(!valid1){const err2 = {instancePath,schemaPath:"#/allOf/0/anyOf",keyword:"anyOf",params:{},message:"must match a schema in anyOf"};if(vErrors === null){vErrors = [err2];}else {vErrors.push(err2);}errors++;validate23.errors = vErrors;return false;}else {errors = _errs2;if(vErrors !== null){if(_errs2){vErrors.length = _errs2;}else {vErrors = null;}}}var valid0 = _errs1 === errors;if(valid0){const _errs5 = errors;const _errs6 = errors;let valid2 = false;const _errs7 = errors;if(data && typeof data == "object" && !Array.isArray(data)){let missing2;if((data.versions === undefined) && (missing2 = "versions")){const err3 = {instancePath,schemaPath:"#/allOf/1/anyOf/0/required",keyword:"required",params:{missingProperty: missing2},message:"must have required property '"+missing2+"'"};if(vErrors === null){vErrors = [err3];}else {vErrors.push(err3);}errors++;}}var _valid1 = _errs7 === errors;valid2 = valid2 || _valid1;if(!valid2){const _errs8 = errors;if(data && typeof data == "object" && !Array.isArray(data)){let missing3;if((data.defaultStatus === undefined) && (missing3 = "defaultStatus")){const err4 = {instancePath,schemaPath:"#/allOf/1/anyOf/1/required",keyword:"required",params:{missingProperty: missing3},message:"must have required property '"+missing3+"'"};if(vErrors === null){vErrors = [err4];}else {vErrors.push(err4);}errors++;}}var _valid1 = _errs8 === errors;valid2 = valid2 || _valid1;}if(!valid2){const err5 = {instancePath,schemaPath:"#/allOf/1/anyOf",keyword:"anyOf",params:{},message:"must match a schema in anyOf"};if(vErrors === null){vErrors = [err5];}else {vErrors.push(err5);}errors++;validate23.errors = vErrors;return false;}else {errors = _errs6;if(vErrors !== null){if(_errs6){vErrors.length = _errs6;}else {vErrors = null;}}}var valid0 = _errs5 === errors;}if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){if(data.vendor !== undefined){let data0 = data.vendor;const _errs9 = errors;if(errors === _errs9){if(typeof data0 === "string"){if(func6(data0) > 512){validate23.errors = [{instancePath:instancePath+"/vendor",schemaPath:"#/properties/vendor/maxLength",keyword:"maxLength",params:{limit: 512},message:"must NOT have more than 512 characters"}];return false;}else {if(func6(data0) < 1){validate23.errors = [{instancePath:instancePath+"/vendor",schemaPath:"#/properties/vendor/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/vendor",schemaPath:"#/properties/vendor/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs9 === errors;}else {var valid3 = true;}if(valid3){if(data.product !== undefined){let data1 = data.product;const _errs11 = errors;if(errors === _errs11){if(typeof data1 === "string"){if(func6(data1) > 2048){validate23.errors = [{instancePath:instancePath+"/product",schemaPath:"#/properties/product/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data1) < 1){validate23.errors = [{instancePath:instancePath+"/product",schemaPath:"#/properties/product/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/product",schemaPath:"#/properties/product/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs11 === errors;}else {var valid3 = true;}if(valid3){if(data.collectionURL !== undefined){let data2 = data.collectionURL;const _errs13 = errors;const _errs14 = errors;if(errors === _errs14){if(errors === _errs14){if(typeof data2 === "string"){if(func6(data2) > 2048){validate23.errors = [{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data2) < 1){validate23.errors = [{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}else {if(!(formats12(data2))){validate23.errors = [{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/format",keyword:"format",params:{format: "uri"},message:"must match format \""+"uri"+"\""}];return false;}}}}else {validate23.errors = [{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid3 = _errs13 === errors;}else {var valid3 = true;}if(valid3){if(data.packageName !== undefined){let data3 = data.packageName;const _errs16 = errors;if(errors === _errs16){if(typeof data3 === "string"){if(func6(data3) > 2048){validate23.errors = [{instancePath:instancePath+"/packageName",schemaPath:"#/properties/packageName/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data3) < 1){validate23.errors = [{instancePath:instancePath+"/packageName",schemaPath:"#/properties/packageName/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/packageName",schemaPath:"#/properties/packageName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs16 === errors;}else {var valid3 = true;}if(valid3){if(data.cpes !== undefined){let data4 = data.cpes;const _errs18 = errors;if(errors === _errs18){if(Array.isArray(data4)){var valid5 = true;const len0 = data4.length;for(let i0=0; i0 2048){validate23.errors = [{instancePath:instancePath+"/cpes/" + i0,schemaPath:"#/properties/cpes/items/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data5) < 1){validate23.errors = [{instancePath:instancePath+"/cpes/" + i0,schemaPath:"#/properties/cpes/items/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}else {if(!pattern14.test(data5)){validate23.errors = [{instancePath:instancePath+"/cpes/" + i0,schemaPath:"#/properties/cpes/items/pattern",keyword:"pattern",params:{pattern: "([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})"},message:"must match pattern \""+"([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})"+"\""}];return false;}}}}else {validate23.errors = [{instancePath:instancePath+"/cpes/" + i0,schemaPath:"#/properties/cpes/items/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid5 = _errs20 === errors;if(!valid5){break;}}if(valid5){let i1 = data4.length;let j0;if(i1 > 1){const indices0 = {};for(;i1--;){let item0 = data4[i1];if(typeof item0 !== "string"){continue;}if(typeof indices0[item0] == "number"){j0 = indices0[item0];validate23.errors = [{instancePath:instancePath+"/cpes",schemaPath:"#/properties/cpes/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break;}indices0[item0] = i1;}}}}else {validate23.errors = [{instancePath:instancePath+"/cpes",schemaPath:"#/properties/cpes/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid3 = _errs18 === errors;}else {var valid3 = true;}if(valid3){if(data.modules !== undefined){let data6 = data.modules;const _errs22 = errors;if(errors === _errs22){if(Array.isArray(data6)){var valid7 = true;const len1 = data6.length;for(let i2=0; i2 4096){validate23.errors = [{instancePath:instancePath+"/modules/" + i2,schemaPath:"#/properties/modules/items/maxLength",keyword:"maxLength",params:{limit: 4096},message:"must NOT have more than 4096 characters"}];return false;}else {if(func6(data7) < 1){validate23.errors = [{instancePath:instancePath+"/modules/" + i2,schemaPath:"#/properties/modules/items/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/modules/" + i2,schemaPath:"#/properties/modules/items/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid7 = _errs24 === errors;if(!valid7){break;}}if(valid7){let i3 = data6.length;let j1;if(i3 > 1){const indices1 = {};for(;i3--;){let item1 = data6[i3];if(typeof item1 !== "string"){continue;}if(typeof indices1[item1] == "number"){j1 = indices1[item1];validate23.errors = [{instancePath:instancePath+"/modules",schemaPath:"#/properties/modules/uniqueItems",keyword:"uniqueItems",params:{i: i3, j: j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break;}indices1[item1] = i3;}}}}else {validate23.errors = [{instancePath:instancePath+"/modules",schemaPath:"#/properties/modules/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid3 = _errs22 === errors;}else {var valid3 = true;}if(valid3){if(data.programFiles !== undefined){let data8 = data.programFiles;const _errs26 = errors;if(errors === _errs26){if(Array.isArray(data8)){var valid9 = true;const len2 = data8.length;for(let i4=0; i4 1024){validate23.errors = [{instancePath:instancePath+"/programFiles/" + i4,schemaPath:"#/properties/programFiles/items/maxLength",keyword:"maxLength",params:{limit: 1024},message:"must NOT have more than 1024 characters"}];return false;}else {if(func6(data9) < 1){validate23.errors = [{instancePath:instancePath+"/programFiles/" + i4,schemaPath:"#/properties/programFiles/items/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/programFiles/" + i4,schemaPath:"#/properties/programFiles/items/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid9 = _errs28 === errors;if(!valid9){break;}}if(valid9){let i5 = data8.length;let j2;if(i5 > 1){const indices2 = {};for(;i5--;){let item2 = data8[i5];if(typeof item2 !== "string"){continue;}if(typeof indices2[item2] == "number"){j2 = indices2[item2];validate23.errors = [{instancePath:instancePath+"/programFiles",schemaPath:"#/properties/programFiles/uniqueItems",keyword:"uniqueItems",params:{i: i5, j: j2},message:"must NOT have duplicate items (items ## "+j2+" and "+i5+" are identical)"}];return false;break;}indices2[item2] = i5;}}}}else {validate23.errors = [{instancePath:instancePath+"/programFiles",schemaPath:"#/properties/programFiles/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid3 = _errs26 === errors;}else {var valid3 = true;}if(valid3){if(data.programRoutines !== undefined){let data10 = data.programRoutines;const _errs30 = errors;if(errors === _errs30){if(Array.isArray(data10)){var valid11 = true;const len3 = data10.length;for(let i6=0; i6 4096){validate23.errors = [{instancePath:instancePath+"/programRoutines/" + i6+"/name",schemaPath:"#/properties/programRoutines/items/properties/name/maxLength",keyword:"maxLength",params:{limit: 4096},message:"must NOT have more than 4096 characters"}];return false;}else {if(func6(data12) < 1){validate23.errors = [{instancePath:instancePath+"/programRoutines/" + i6+"/name",schemaPath:"#/properties/programRoutines/items/properties/name/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/programRoutines/" + i6+"/name",schemaPath:"#/properties/programRoutines/items/properties/name/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}}}}else {validate23.errors = [{instancePath:instancePath+"/programRoutines/" + i6,schemaPath:"#/properties/programRoutines/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid11 = _errs32 === errors;if(!valid11){break;}}if(valid11){let i7 = data10.length;let j3;if(i7 > 1){outer0:for(;i7--;){for(j3 = i7; j3--;){if(func0(data10[i7], data10[j3])){validate23.errors = [{instancePath:instancePath+"/programRoutines",schemaPath:"#/properties/programRoutines/uniqueItems",keyword:"uniqueItems",params:{i: i7, j: j3},message:"must NOT have duplicate items (items ## "+j3+" and "+i7+" are identical)"}];return false;break outer0;}}}}}}else {validate23.errors = [{instancePath:instancePath+"/programRoutines",schemaPath:"#/properties/programRoutines/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid3 = _errs30 === errors;}else {var valid3 = true;}if(valid3){if(data.platforms !== undefined){let data13 = data.platforms;const _errs37 = errors;if(errors === _errs37){if(Array.isArray(data13)){if(data13.length < 1){validate23.errors = [{instancePath:instancePath+"/platforms",schemaPath:"#/properties/platforms/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid14 = true;const len4 = data13.length;for(let i8=0; i8 1024){validate23.errors = [{instancePath:instancePath+"/platforms/" + i8,schemaPath:"#/properties/platforms/items/maxLength",keyword:"maxLength",params:{limit: 1024},message:"must NOT have more than 1024 characters"}];return false;}}else {validate23.errors = [{instancePath:instancePath+"/platforms/" + i8,schemaPath:"#/properties/platforms/items/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid14 = _errs39 === errors;if(!valid14){break;}}if(valid14){let i9 = data13.length;let j4;if(i9 > 1){const indices3 = {};for(;i9--;){let item3 = data13[i9];if(typeof item3 !== "string"){continue;}if(typeof indices3[item3] == "number"){j4 = indices3[item3];validate23.errors = [{instancePath:instancePath+"/platforms",schemaPath:"#/properties/platforms/uniqueItems",keyword:"uniqueItems",params:{i: i9, j: j4},message:"must NOT have duplicate items (items ## "+j4+" and "+i9+" are identical)"}];return false;break;}indices3[item3] = i9;}}}}}else {validate23.errors = [{instancePath:instancePath+"/platforms",schemaPath:"#/properties/platforms/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid3 = _errs37 === errors;}else {var valid3 = true;}if(valid3){if(data.repo !== undefined){let data15 = data.repo;const _errs41 = errors;const _errs42 = errors;if(errors === _errs42){if(errors === _errs42){if(typeof data15 === "string"){if(func6(data15) > 2048){validate23.errors = [{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data15) < 1){validate23.errors = [{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}else {if(!(formats12(data15))){validate23.errors = [{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/format",keyword:"format",params:{format: "uri"},message:"must match format \""+"uri"+"\""}];return false;}}}}else {validate23.errors = [{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid3 = _errs41 === errors;}else {var valid3 = true;}if(valid3){if(data.defaultStatus !== undefined){let data16 = data.defaultStatus;const _errs44 = errors;if(typeof data16 !== "string"){validate23.errors = [{instancePath:instancePath+"/defaultStatus",schemaPath:"#/definitions/status/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data16 === "affected") || (data16 === "unaffected")) || (data16 === "unknown"))){validate23.errors = [{instancePath:instancePath+"/defaultStatus",schemaPath:"#/definitions/status/enum",keyword:"enum",params:{allowedValues: schema38.enum},message:"must be equal to one of the allowed values"}];return false;}var valid3 = _errs44 === errors;}else {var valid3 = true;}if(valid3){if(data.versions !== undefined){let data17 = data.versions;const _errs47 = errors;if(errors === _errs47){if(Array.isArray(data17)){if(data17.length < 1){validate23.errors = [{instancePath:instancePath+"/versions",schemaPath:"#/properties/versions/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid18 = true;const len5 = data17.length;for(let i10=0; i10 2){const err6 = {instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/oneOf/0/maxProperties",keyword:"maxProperties",params:{limit: 2},message:"must NOT have more than 2 items"};if(vErrors === null){vErrors = [err6];}else {vErrors.push(err6);}errors++;}else {let missing5;if(((data18.version === undefined) && (missing5 = "version")) || ((data18.status === undefined) && (missing5 = "status"))){const err7 = {instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/oneOf/0/required",keyword:"required",params:{missingProperty: missing5},message:"must have required property '"+missing5+"'"};if(vErrors === null){vErrors = [err7];}else {vErrors.push(err7);}errors++;}}}var _valid2 = _errs52 === errors;if(_valid2){valid19 = true;passing0 = 0;}const _errs53 = errors;if(data18 && typeof data18 == "object" && !Array.isArray(data18)){if(Object.keys(data18).length > 3){const err8 = {instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/oneOf/1/maxProperties",keyword:"maxProperties",params:{limit: 3},message:"must NOT have more than 3 items"};if(vErrors === null){vErrors = [err8];}else {vErrors.push(err8);}errors++;}else {let missing6;if((((data18.version === undefined) && (missing6 = "version")) || ((data18.status === undefined) && (missing6 = "status"))) || ((data18.versionType === undefined) && (missing6 = "versionType"))){const err9 = {instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/oneOf/1/required",keyword:"required",params:{missingProperty: missing6},message:"must have required property '"+missing6+"'"};if(vErrors === null){vErrors = [err9];}else {vErrors.push(err9);}errors++;}}}var _valid2 = _errs53 === errors;if(_valid2 && valid19){valid19 = false;passing0 = [passing0, 1];}else {if(_valid2){valid19 = true;passing0 = 1;}const _errs54 = errors;if(data18 && typeof data18 == "object" && !Array.isArray(data18)){let missing7;if(((((data18.version === undefined) && (missing7 = "version")) || ((data18.status === undefined) && (missing7 = "status"))) || ((data18.versionType === undefined) && (missing7 = "versionType"))) || ((data18.lessThan === undefined) && (missing7 = "lessThan"))){const err10 = {instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/oneOf/2/required",keyword:"required",params:{missingProperty: missing7},message:"must have required property '"+missing7+"'"};if(vErrors === null){vErrors = [err10];}else {vErrors.push(err10);}errors++;}}var _valid2 = _errs54 === errors;if(_valid2 && valid19){valid19 = false;passing0 = [passing0, 2];}else {if(_valid2){valid19 = true;passing0 = 2;}const _errs55 = errors;if(data18 && typeof data18 == "object" && !Array.isArray(data18)){let missing8;if(((((data18.version === undefined) && (missing8 = "version")) || ((data18.status === undefined) && (missing8 = "status"))) || ((data18.versionType === undefined) && (missing8 = "versionType"))) || ((data18.lessThanOrEqual === undefined) && (missing8 = "lessThanOrEqual"))){const err11 = {instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/oneOf/3/required",keyword:"required",params:{missingProperty: missing8},message:"must have required property '"+missing8+"'"};if(vErrors === null){vErrors = [err11];}else {vErrors.push(err11);}errors++;}}var _valid2 = _errs55 === errors;if(_valid2 && valid19){valid19 = false;passing0 = [passing0, 3];}else {if(_valid2){valid19 = true;passing0 = 3;}}}}if(!valid19){const err12 = {instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/oneOf",keyword:"oneOf",params:{passingSchemas: passing0},message:"must match exactly one schema in oneOf"};if(vErrors === null){vErrors = [err12];}else {vErrors.push(err12);}errors++;validate23.errors = vErrors;return false;}else {errors = _errs51;if(vErrors !== null){if(_errs51){vErrors.length = _errs51;}else {vErrors = null;}}}if(errors === _errs49){if(data18 && typeof data18 == "object" && !Array.isArray(data18)){const _errs56 = errors;for(const key1 in data18){if(!((((((key1 === "version") || (key1 === "status")) || (key1 === "versionType")) || (key1 === "lessThan")) || (key1 === "lessThanOrEqual")) || (key1 === "changes"))){validate23.errors = [{instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key1},message:"must NOT have additional properties"}];return false;break;}}if(_errs56 === errors){if(data18.version !== undefined){let data19 = data18.version;const _errs57 = errors;const _errs58 = errors;if(errors === _errs58){if(typeof data19 === "string"){if(func6(data19) > 1024){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/version",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit: 1024},message:"must NOT have more than 1024 characters"}];return false;}else {if(func6(data19) < 1){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/version",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/version",schemaPath:"#/definitions/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid20 = _errs57 === errors;}else {var valid20 = true;}if(valid20){if(data18.status !== undefined){let data20 = data18.status;const _errs60 = errors;if(typeof data20 !== "string"){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/status",schemaPath:"#/definitions/status/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data20 === "affected") || (data20 === "unaffected")) || (data20 === "unknown"))){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/status",schemaPath:"#/definitions/status/enum",keyword:"enum",params:{allowedValues: schema38.enum},message:"must be equal to one of the allowed values"}];return false;}var valid20 = _errs60 === errors;}else {var valid20 = true;}if(valid20){if(data18.versionType !== undefined){let data21 = data18.versionType;const _errs63 = errors;if(errors === _errs63){if(typeof data21 === "string"){if(func6(data21) > 128){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/versionType",schemaPath:"#/properties/versions/items/properties/versionType/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data21) < 1){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/versionType",schemaPath:"#/properties/versions/items/properties/versionType/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/versionType",schemaPath:"#/properties/versions/items/properties/versionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid20 = _errs63 === errors;}else {var valid20 = true;}if(valid20){if(data18.lessThan !== undefined){let data22 = data18.lessThan;const _errs65 = errors;const _errs66 = errors;if(errors === _errs66){if(typeof data22 === "string"){if(func6(data22) > 1024){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/lessThan",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit: 1024},message:"must NOT have more than 1024 characters"}];return false;}else {if(func6(data22) < 1){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/lessThan",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/lessThan",schemaPath:"#/definitions/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid20 = _errs65 === errors;}else {var valid20 = true;}if(valid20){if(data18.lessThanOrEqual !== undefined){let data23 = data18.lessThanOrEqual;const _errs68 = errors;const _errs69 = errors;if(errors === _errs69){if(typeof data23 === "string"){if(func6(data23) > 1024){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/lessThanOrEqual",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit: 1024},message:"must NOT have more than 1024 characters"}];return false;}else {if(func6(data23) < 1){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/lessThanOrEqual",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/lessThanOrEqual",schemaPath:"#/definitions/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid20 = _errs68 === errors;}else {var valid20 = true;}if(valid20){if(data18.changes !== undefined){let data24 = data18.changes;const _errs71 = errors;if(errors === _errs71){if(Array.isArray(data24)){if(data24.length < 1){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes",schemaPath:"#/properties/versions/items/properties/changes/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid25 = true;const len6 = data24.length;for(let i11=0; i11 1024){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes/" + i11+"/at",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit: 1024},message:"must NOT have more than 1024 characters"}];return false;}else {if(func6(data26) < 1){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes/" + i11+"/at",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes/" + i11+"/at",schemaPath:"#/definitions/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid26 = _errs76 === errors;}else {var valid26 = true;}if(valid26){if(data25.status !== undefined){let data27 = data25.status;const _errs79 = errors;if(typeof data27 !== "string"){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes/" + i11+"/status",schemaPath:"#/definitions/status/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data27 === "affected") || (data27 === "unaffected")) || (data27 === "unknown"))){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes/" + i11+"/status",schemaPath:"#/definitions/status/enum",keyword:"enum",params:{allowedValues: schema38.enum},message:"must be equal to one of the allowed values"}];return false;}var valid26 = _errs79 === errors;}else {var valid26 = true;}}}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes/" + i11,schemaPath:"#/properties/versions/items/properties/changes/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid25 = _errs73 === errors;if(!valid25){break;}}if(valid25){let i12 = data24.length;let j5;if(i12 > 1){outer1:for(;i12--;){for(j5 = i12; j5--;){if(func0(data24[i12], data24[j5])){validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes",schemaPath:"#/properties/versions/items/properties/changes/uniqueItems",keyword:"uniqueItems",params:{i: i12, j: j5},message:"must NOT have duplicate items (items ## "+j5+" and "+i12+" are identical)"}];return false;break outer1;}}}}}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10+"/changes",schemaPath:"#/properties/versions/items/properties/changes/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid20 = _errs71 === errors;}else {var valid20 = true;}}}}}}}}else {validate23.errors = [{instancePath:instancePath+"/versions/" + i10,schemaPath:"#/properties/versions/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid18 = _errs49 === errors;if(!valid18){break;}}if(valid18){let i13 = data17.length;let j6;if(i13 > 1){outer2:for(;i13--;){for(j6 = i13; j6--;){if(func0(data17[i13], data17[j6])){validate23.errors = [{instancePath:instancePath+"/versions",schemaPath:"#/properties/versions/uniqueItems",keyword:"uniqueItems",params:{i: i13, j: j6},message:"must NOT have duplicate items (items ## "+j6+" and "+i13+" are identical)"}];return false;break outer2;}}}}}}}else {validate23.errors = [{instancePath:instancePath+"/versions",schemaPath:"#/properties/versions/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid3 = _errs47 === errors;}else {var valid3 = true;}}}}}}}}}}}}}else {validate23.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate23.errors = vErrors;return errors === 0;}function validate22(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate22.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 2048){validate28.errors = [{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data0) < 1){validate28.errors = [{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}else {if(!(formats12(data0))){validate28.errors = [{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/format",keyword:"format",params:{format: "uri"},message:"must match format \""+"uri"+"\""}];return false;}}}}else {validate28.errors = [{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs2 === errors;}else {var valid0 = true;}if(valid0){if(data.name !== undefined){let data1 = data.name;const _errs5 = errors;if(errors === _errs5){if(typeof data1 === "string"){if(func6(data1) > 512){validate28.errors = [{instancePath:instancePath+"/name",schemaPath:"#/properties/name/maxLength",keyword:"maxLength",params:{limit: 512},message:"must NOT have more than 512 characters"}];return false;}else {if(func6(data1) < 1){validate28.errors = [{instancePath:instancePath+"/name",schemaPath:"#/properties/name/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate28.errors = [{instancePath:instancePath+"/name",schemaPath:"#/properties/name/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs5 === errors;}else {var valid0 = true;}if(valid0){if(data.tags !== undefined){let data2 = data.tags;const _errs7 = errors;if(errors === _errs7){if(Array.isArray(data2)){if(data2.length < 1){validate28.errors = [{instancePath:instancePath+"/tags",schemaPath:"#/properties/tags/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid2 = true;const len0 = data2.length;for(let i0=0; i0 128){const err0 = {instancePath:instancePath+"/tags/" + i0,schemaPath:"#/definitions/tagExtension/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"};if(vErrors === null){vErrors = [err0];}else {vErrors.push(err0);}errors++;}else {if(func6(data3) < 2){const err1 = {instancePath:instancePath+"/tags/" + i0,schemaPath:"#/definitions/tagExtension/minLength",keyword:"minLength",params:{limit: 2},message:"must NOT have fewer than 2 characters"};if(vErrors === null){vErrors = [err1];}else {vErrors.push(err1);}errors++;}else {if(!pattern17.test(data3)){const err2 = {instancePath:instancePath+"/tags/" + i0,schemaPath:"#/definitions/tagExtension/pattern",keyword:"pattern",params:{pattern: "^x_.*$"},message:"must match pattern \""+"^x_.*$"+"\""};if(vErrors === null){vErrors = [err2];}else {vErrors.push(err2);}errors++;}}}}else {const err3 = {instancePath:instancePath+"/tags/" + i0,schemaPath:"#/definitions/tagExtension/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err3];}else {vErrors.push(err3);}errors++;}}var _valid0 = _errs11 === errors;if(_valid0){valid3 = true;passing0 = 0;}const _errs15 = errors;if(typeof data3 !== "string"){const err4 = {instancePath:instancePath+"/tags/" + i0,schemaPath:"#/properties/tags/items/oneOf/1/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err4];}else {vErrors.push(err4);}errors++;}if(!(((((((((((((((((((data3 === "broken-link") || (data3 === "customer-entitlement")) || (data3 === "exploit")) || (data3 === "government-resource")) || (data3 === "issue-tracking")) || (data3 === "mailing-list")) || (data3 === "mitigation")) || (data3 === "not-applicable")) || (data3 === "patch")) || (data3 === "permissions-required")) || (data3 === "media-coverage")) || (data3 === "product")) || (data3 === "related")) || (data3 === "release-notes")) || (data3 === "signature")) || (data3 === "technical-description")) || (data3 === "third-party-advisory")) || (data3 === "vendor-advisory")) || (data3 === "vdb-entry"))){const err5 = {instancePath:instancePath+"/tags/" + i0,schemaPath:"#/properties/tags/items/oneOf/1/enum",keyword:"enum",params:{allowedValues: schema48.properties.tags.items.oneOf[1].enum},message:"must be equal to one of the allowed values"};if(vErrors === null){vErrors = [err5];}else {vErrors.push(err5);}errors++;}var _valid0 = _errs15 === errors;if(_valid0 && valid3){valid3 = false;passing0 = [passing0, 1];}else {if(_valid0){valid3 = true;passing0 = 1;}}if(!valid3){const err6 = {instancePath:instancePath+"/tags/" + i0,schemaPath:"#/properties/tags/items/oneOf",keyword:"oneOf",params:{passingSchemas: passing0},message:"must match exactly one schema in oneOf"};if(vErrors === null){vErrors = [err6];}else {vErrors.push(err6);}errors++;validate28.errors = vErrors;return false;}else {errors = _errs10;if(vErrors !== null){if(_errs10){vErrors.length = _errs10;}else {vErrors = null;}}}var valid2 = _errs9 === errors;if(!valid2){break;}}if(valid2){let i1 = data2.length;let j0;if(i1 > 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data2[i1], data2[j0])){validate28.errors = [{instancePath:instancePath+"/tags",schemaPath:"#/properties/tags/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate28.errors = [{instancePath:instancePath+"/tags",schemaPath:"#/properties/tags/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid0 = _errs7 === errors;}else {var valid0 = true;}}}}}}else {validate28.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate28.errors = vErrors;return errors === 0;}function validate27(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length > 512){validate27.errors = [{instancePath,schemaPath:"#/maxItems",keyword:"maxItems",params:{limit: 512},message:"must NOT have more than 512 items"}];return false;}else {if(data.length < 1){validate27.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate27.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}}else {validate27.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate27.errors = vErrors;return errors === 0;}function validate26(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate26.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 4096){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/description",schemaPath:"#/items/properties/descriptions/items/properties/description/maxLength",keyword:"maxLength",params:{limit: 4096},message:"must NOT have more than 4096 characters"}];return false;}else {if(func6(data4) < 1){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/description",schemaPath:"#/items/properties/descriptions/items/properties/description/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/description",schemaPath:"#/items/properties/descriptions/items/properties/description/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs12 === errors;}else {var valid3 = true;}if(valid3){if(data2.cweId !== undefined){let data5 = data2.cweId;const _errs14 = errors;if(errors === _errs14){if(typeof data5 === "string"){if(func6(data5) > 9){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/maxLength",keyword:"maxLength",params:{limit: 9},message:"must NOT have more than 9 characters"}];return false;}else {if(func6(data5) < 5){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/minLength",keyword:"minLength",params:{limit: 5},message:"must NOT have fewer than 5 characters"}];return false;}else {if(!pattern16.test(data5)){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/pattern",keyword:"pattern",params:{pattern: "^CWE-[1-9][0-9]*$"},message:"must match pattern \""+"^CWE-[1-9][0-9]*$"+"\""}];return false;}}}}else {validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs14 === errors;}else {var valid3 = true;}if(valid3){if(data2.type !== undefined){let data6 = data2.type;const _errs16 = errors;if(errors === _errs16){if(typeof data6 === "string"){if(func6(data6) > 128){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/type",schemaPath:"#/items/properties/descriptions/items/properties/type/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data6) < 1){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/type",schemaPath:"#/items/properties/descriptions/items/properties/type/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/type",schemaPath:"#/items/properties/descriptions/items/properties/type/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid3 = _errs16 === errors;}else {var valid3 = true;}if(valid3){if(data2.references !== undefined){const _errs18 = errors;if(!(validate27(data2.references, {instancePath:instancePath+"/" + i0+"/descriptions/" + i1+"/references",parentData:data2,parentDataProperty:"references",rootData}))){vErrors = vErrors === null ? validate27.errors : vErrors.concat(validate27.errors);errors = vErrors.length;}var valid3 = _errs18 === errors;}else {var valid3 = true;}}}}}}}}else {validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions/" + i1,schemaPath:"#/items/properties/descriptions/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid2 = _errs6 === errors;if(!valid2){break;}}if(valid2){let i2 = data1.length;let j0;if(i2 > 1){outer0:for(;i2--;){for(j0 = i2; j0--;){if(func0(data1[i2], data1[j0])){validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions",schemaPath:"#/items/properties/descriptions/uniqueItems",keyword:"uniqueItems",params:{i: i2, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0;}}}}}}}else {validate26.errors = [{instancePath:instancePath+"/" + i0+"/descriptions",schemaPath:"#/items/properties/descriptions/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}}}}}else {validate26.errors = [{instancePath:instancePath+"/" + i0,schemaPath:"#/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid0 = _errs1 === errors;if(!valid0){break;}}if(valid0){let i3 = data.length;let j1;if(i3 > 1){outer1:for(;i3--;){for(j1 = i3; j1--;){if(func0(data[i3], data[j1])){validate26.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i3, j: j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1;}}}}}}}else {validate26.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate26.errors = vErrors;return errors === 0;}const schema51 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["descriptions"],"properties":{"capecId":{"type":"string","minLength":7,"maxLength":11,"pattern":"^CAPEC-[1-9][0-9]{0,4}$"},"descriptions":{"$ref":"#/definitions/descriptions"}},"additionalProperties":false}};const pattern18 = new RegExp("^CAPEC-[1-9][0-9]{0,4}$", "u");function validate33(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate33.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 11){validate33.errors = [{instancePath:instancePath+"/" + i0+"/capecId",schemaPath:"#/items/properties/capecId/maxLength",keyword:"maxLength",params:{limit: 11},message:"must NOT have more than 11 characters"}];return false;}else {if(func6(data1) < 7){validate33.errors = [{instancePath:instancePath+"/" + i0+"/capecId",schemaPath:"#/items/properties/capecId/minLength",keyword:"minLength",params:{limit: 7},message:"must NOT have fewer than 7 characters"}];return false;}else {if(!pattern18.test(data1)){validate33.errors = [{instancePath:instancePath+"/" + i0+"/capecId",schemaPath:"#/items/properties/capecId/pattern",keyword:"pattern",params:{pattern: "^CAPEC-[1-9][0-9]{0,4}$"},message:"must match pattern \""+"^CAPEC-[1-9][0-9]{0,4}$"+"\""}];return false;}}}}else {validate33.errors = [{instancePath:instancePath+"/" + i0+"/capecId",schemaPath:"#/items/properties/capecId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid1 = _errs4 === errors;}else {var valid1 = true;}if(valid1){if(data0.descriptions !== undefined){const _errs6 = errors;if(!(validate16(data0.descriptions, {instancePath:instancePath+"/" + i0+"/descriptions",parentData:data0,parentDataProperty:"descriptions",rootData}))){vErrors = vErrors === null ? validate16.errors : vErrors.concat(validate16.errors);errors = vErrors.length;}var valid1 = _errs6 === errors;}else {var valid1 = true;}}}}}else {validate33.errors = [{instancePath:instancePath+"/" + i0,schemaPath:"#/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid0 = _errs1 === errors;if(!valid0){break;}}if(valid0){let i1 = data.length;let j0;if(i1 > 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate33.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate33.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate33.errors = vErrors;return errors === 0;}const schema52 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","anyOf":[{"required":["cvssV4_0"]},{"required":["cvssV3_1"]},{"required":["cvssV3_0"]},{"required":["cvssV2_0"]},{"required":["other"]}],"properties":{"format":{"type":"string","minLength":1,"maxLength":64},"scenarios":{"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","properties":{"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","default":"GENERAL","minLength":1,"maxLength":4096}},"required":["lang","value"],"additionalProperties":false}},"cvssV4_0":{"$schema":"http://json-schema.org/draft-07/schema#","type":"object","definitions":{"attackVectorType":{"type":"string","enum":["NETWORK","ADJACENT","LOCAL","PHYSICAL"]},"modifiedAttackVectorType":{"type":"string","enum":["NETWORK","ADJACENT","LOCAL","PHYSICAL","NOT_DEFINED"],"default":"NOT_DEFINED"},"attackComplexityType":{"type":"string","enum":["HIGH","LOW"]},"modifiedAttackComplexityType":{"type":"string","enum":["HIGH","LOW","NOT_DEFINED"],"default":"NOT_DEFINED"},"attackRequirementsType":{"type":"string","enum":["NONE","PRESENT"]},"modifiedAttackRequirementsType":{"type":"string","enum":["NONE","PRESENT","NOT_DEFINED"],"default":"NOT_DEFINED"},"privilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE"]},"modifiedPrivilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"],"default":"NOT_DEFINED"},"userInteractionType":{"type":"string","enum":["NONE","PASSIVE","ACTIVE"]},"modifiedUserInteractionType":{"type":"string","enum":["NONE","PASSIVE","ACTIVE","NOT_DEFINED"],"default":"NOT_DEFINED"},"vulnCiaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedVulnCiaType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"subCiaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedSubCType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"modifiedSubIaType":{"type":"string","enum":["NONE","LOW","HIGH","SAFETY","NOT_DEFINED"],"default":"NOT_DEFINED"},"exploitMaturityType":{"type":"string","enum":["UNREPORTED","PROOF_OF_CONCEPT","ATTACKED","NOT_DEFINED"],"default":"NOT_DEFINED"},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"safetyType":{"type":"string","enum":["NEGLIGIBLE","PRESENT","NOT_DEFINED"],"default":"NOT_DEFINED"},"automatableType":{"type":"string","enum":["NO","YES","NOT_DEFINED"],"default":"NOT_DEFINED"},"recoveryType":{"type":"string","enum":["AUTOMATIC","USER","IRRECOVERABLE","NOT_DEFINED"],"default":"NOT_DEFINED"},"valueDensityType":{"type":"string","enum":["DIFFUSE","CONCENTRATED","NOT_DEFINED"],"default":"NOT_DEFINED"},"vulnerabilityResponseEffortType":{"type":"string","enum":["LOW","MODERATE","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"},"providerUrgencyType":{"type":"string","enum":["CLEAR","GREEN","AMBER","RED","NOT_DEFINED"],"default":"NOT_DEFINED"},"scoreType":{"type":"number","minimum":0,"maximum":10,"multipleOf":0.1},"noneScoreType":{"type":"number","minimum":0,"maximum":0},"lowScoreType":{"type":"number","minimum":0.1,"maximum":3.9,"multipleOf":0.1},"mediumScoreType":{"type":"number","minimum":4,"maximum":6.9,"multipleOf":0.1},"highScoreType":{"type":"number","minimum":7,"maximum":8.9,"multipleOf":0.1},"criticalScoreType":{"type":"number","minimum":9,"maximum":10,"multipleOf":0.1},"severityType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]},"noneSeverityType":{"const":"NONE"},"lowSeverityType":{"const":"LOW"},"mediumSeverityType":{"const":"MEDIUM"},"highSeverityType":{"const":"HIGH"},"criticalSeverityType":{"const":"CRITICAL"}},"properties":{"version":{"type":"string","enum":["4.0"]},"vectorString":{"type":"string","pattern":"^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType"},"attackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType"},"attackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType"},"attackRequirements":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType"},"privilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType"},"userInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType"},"vulnConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"},"vulnIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"},"vulnAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType"},"subConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"},"subIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"},"subAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType"},"exploitMaturity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType"},"modifiedAttackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType"},"modifiedAttackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType"},"modifiedAttackRequirements":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType"},"modifiedPrivilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType"},"modifiedUserInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType"},"modifiedVulnConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"},"modifiedVulnIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"},"modifiedVulnAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType"},"modifiedSubConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType"},"modifiedSubIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType"},"modifiedSubAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType"},"Safety":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType"},"Automatable":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType"},"Recovery":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType"},"valueDensity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType"},"vulnerabilityResponseEffort":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType"},"providerUrgency":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType"}},"allOf":[{"anyOf":[{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType"}}},{"properties":{"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType"}}}]},{"anyOf":[{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType"}}},{"properties":{"threatScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType"},"threatSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType"}}}]},{"anyOf":[{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType"}}},{"properties":{"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType"}}}]}],"required":["version","vectorString","baseScore","baseSeverity"],"additionalProperties":false},"cvssV3_1":{"$schema":"http://json-schema.org/draft-07/schema#","type":"object","definitions":{"attackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},"modifiedAttackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},"attackComplexityType":{"type":"string","enum":["HIGH","LOW"]},"modifiedAttackComplexityType":{"type":"string","enum":["HIGH","LOW","NOT_DEFINED"]},"privilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE"]},"modifiedPrivilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"]},"userInteractionType":{"type":"string","enum":["NONE","REQUIRED"]},"modifiedUserInteractionType":{"type":"string","enum":["NONE","REQUIRED","NOT_DEFINED"]},"scopeType":{"type":"string","enum":["UNCHANGED","CHANGED"]},"modifiedScopeType":{"type":"string","enum":["UNCHANGED","CHANGED","NOT_DEFINED"]},"ciaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedCiaType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"]},"exploitCodeMaturityType":{"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},"remediationLevelType":{"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},"confidenceType":{"type":"string","enum":["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]},"scoreType":{"type":"number","minimum":0,"maximum":10},"severityType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},"properties":{"version":{"type":"string","enum":["3.1"]},"vectorString":{"type":"string","pattern":"^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},"attackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType"},"attackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType"},"privilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType"},"userInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType"},"scope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType"},"confidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},"integrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},"availabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},"exploitCodeMaturity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType"},"remediationLevel":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType"},"reportConfidence":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType"},"temporalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},"temporalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},"modifiedAttackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType"},"modifiedAttackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType"},"modifiedPrivilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType"},"modifiedUserInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType"},"modifiedScope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType"},"modifiedConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},"modifiedIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},"modifiedAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"}},"required":["version","vectorString","baseScore","baseSeverity"],"additionalProperties":false},"cvssV3_0":{"$schema":"http://json-schema.org/draft-04/schema#","type":"object","definitions":{"attackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},"modifiedAttackVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},"attackComplexityType":{"type":"string","enum":["HIGH","LOW"]},"modifiedAttackComplexityType":{"type":"string","enum":["HIGH","LOW","NOT_DEFINED"]},"privilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE"]},"modifiedPrivilegesRequiredType":{"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"]},"userInteractionType":{"type":"string","enum":["NONE","REQUIRED"]},"modifiedUserInteractionType":{"type":"string","enum":["NONE","REQUIRED","NOT_DEFINED"]},"scopeType":{"type":"string","enum":["UNCHANGED","CHANGED"]},"modifiedScopeType":{"type":"string","enum":["UNCHANGED","CHANGED","NOT_DEFINED"]},"ciaType":{"type":"string","enum":["NONE","LOW","HIGH"]},"modifiedCiaType":{"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"]},"exploitCodeMaturityType":{"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},"remediationLevelType":{"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},"confidenceType":{"type":"string","enum":["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]},"scoreType":{"type":"number","minimum":0,"maximum":10},"severityType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},"properties":{"version":{"type":"string","enum":["3.0"]},"vectorString":{"type":"string","pattern":"^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},"attackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType"},"attackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType"},"privilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType"},"userInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType"},"scope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType"},"confidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},"integrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},"availabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},"baseSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},"exploitCodeMaturity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType"},"remediationLevel":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType"},"reportConfidence":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType"},"temporalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},"temporalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},"modifiedAttackVector":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType"},"modifiedAttackComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType"},"modifiedPrivilegesRequired":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType"},"modifiedUserInteraction":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType"},"modifiedScope":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType"},"modifiedConfidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},"modifiedIntegrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},"modifiedAvailabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},"environmentalSeverity":{"$ref":"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"}},"required":["version","vectorString","baseScore","baseSeverity"],"additionalProperties":false},"cvssV2_0":{"$schema":"http://json-schema.org/draft-04/schema#","type":"object","definitions":{"accessVectorType":{"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL"]},"accessComplexityType":{"type":"string","enum":["HIGH","MEDIUM","LOW"]},"authenticationType":{"type":"string","enum":["MULTIPLE","SINGLE","NONE"]},"ciaType":{"type":"string","enum":["NONE","PARTIAL","COMPLETE"]},"exploitabilityType":{"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},"remediationLevelType":{"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},"reportConfidenceType":{"type":"string","enum":["UNCONFIRMED","UNCORROBORATED","CONFIRMED","NOT_DEFINED"]},"collateralDamagePotentialType":{"type":"string","enum":["NONE","LOW","LOW_MEDIUM","MEDIUM_HIGH","HIGH","NOT_DEFINED"]},"targetDistributionType":{"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","NOT_DEFINED"]},"ciaRequirementType":{"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]},"scoreType":{"type":"number","minimum":0,"maximum":10}},"properties":{"version":{"type":"string","enum":["2.0"]},"vectorString":{"type":"string","pattern":"^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"},"accessVector":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType"},"accessComplexity":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType"},"authentication":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType"},"confidentialityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},"integrityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},"availabilityImpact":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},"baseScore":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},"exploitability":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType"},"remediationLevel":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType"},"reportConfidence":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType"},"temporalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},"collateralDamagePotential":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType"},"targetDistribution":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType"},"confidentialityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},"integrityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},"availabilityRequirement":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},"environmentalScore":{"$ref":"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"}},"required":["version","vectorString","baseScore"],"additionalProperties":false},"other":{"type":"object","required":["type","content"],"properties":{"type":{"type":"string","minLength":1,"maxLength":128},"content":{"type":"object","$comment":"additionalProperties are allowed here, since this construct supports arbitrary JSON.","minProperties":1}},"additionalProperties":false}},"additionalProperties":false}};const schema54 = {"type":"number","minimum":0,"maximum":0};const schema55 = {"const":"NONE"};const schema56 = {"type":"number","minimum":0.1,"maximum":3.9,"multipleOf":0.1};const schema57 = {"const":"LOW"};const schema58 = {"type":"number","minimum":4,"maximum":6.9,"multipleOf":0.1};const schema59 = {"const":"MEDIUM"};const schema60 = {"type":"number","minimum":7,"maximum":8.9,"multipleOf":0.1};const schema61 = {"const":"HIGH"};const schema62 = {"type":"number","minimum":9,"maximum":10,"multipleOf":0.1};const schema63 = {"const":"CRITICAL"};const schema84 = {"type":"number","minimum":0,"maximum":10,"multipleOf":0.1};const schema85 = {"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]};const schema86 = {"type":"string","enum":["NETWORK","ADJACENT","LOCAL","PHYSICAL"]};const schema87 = {"type":"string","enum":["HIGH","LOW"]};const schema88 = {"type":"string","enum":["NONE","PRESENT"]};const schema89 = {"type":"string","enum":["HIGH","LOW","NONE"]};const schema90 = {"type":"string","enum":["NONE","PASSIVE","ACTIVE"]};const schema91 = {"type":"string","enum":["NONE","LOW","HIGH"]};const schema94 = {"type":"string","enum":["NONE","LOW","HIGH"]};const schema97 = {"type":"string","enum":["UNREPORTED","PROOF_OF_CONCEPT","ATTACKED","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema98 = {"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema101 = {"type":"string","enum":["NETWORK","ADJACENT","LOCAL","PHYSICAL","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema102 = {"type":"string","enum":["HIGH","LOW","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema103 = {"type":"string","enum":["NONE","PRESENT","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema104 = {"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema105 = {"type":"string","enum":["NONE","PASSIVE","ACTIVE","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema106 = {"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema109 = {"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema110 = {"type":"string","enum":["NONE","LOW","HIGH","SAFETY","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema112 = {"type":"string","enum":["NEGLIGIBLE","PRESENT","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema113 = {"type":"string","enum":["NO","YES","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema114 = {"type":"string","enum":["AUTOMATIC","USER","IRRECOVERABLE","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema115 = {"type":"string","enum":["DIFFUSE","CONCENTRATED","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema116 = {"type":"string","enum":["LOW","MODERATE","HIGH","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema117 = {"type":"string","enum":["CLEAR","GREEN","AMBER","RED","NOT_DEFINED"],"default":"NOT_DEFINED"};const schema118 = {"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]};const schema119 = {"type":"string","enum":["HIGH","LOW"]};const schema120 = {"type":"string","enum":["HIGH","LOW","NONE"]};const schema121 = {"type":"string","enum":["NONE","REQUIRED"]};const schema122 = {"type":"string","enum":["UNCHANGED","CHANGED"]};const schema123 = {"type":"string","enum":["NONE","LOW","HIGH"]};const schema126 = {"type":"number","minimum":0,"maximum":10};const schema127 = {"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]};const schema128 = {"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]};const schema129 = {"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]};const schema130 = {"type":"string","enum":["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]};const schema133 = {"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]};const schema136 = {"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]};const schema137 = {"type":"string","enum":["HIGH","LOW","NOT_DEFINED"]};const schema138 = {"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"]};const schema139 = {"type":"string","enum":["NONE","REQUIRED","NOT_DEFINED"]};const schema140 = {"type":"string","enum":["UNCHANGED","CHANGED","NOT_DEFINED"]};const schema141 = {"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"]};const schema146 = {"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]};const schema147 = {"type":"string","enum":["HIGH","LOW"]};const schema148 = {"type":"string","enum":["HIGH","LOW","NONE"]};const schema149 = {"type":"string","enum":["NONE","REQUIRED"]};const schema150 = {"type":"string","enum":["UNCHANGED","CHANGED"]};const schema151 = {"type":"string","enum":["NONE","LOW","HIGH"]};const schema154 = {"type":"number","minimum":0,"maximum":10};const schema155 = {"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","CRITICAL"]};const schema156 = {"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]};const schema157 = {"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]};const schema158 = {"type":"string","enum":["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]};const schema161 = {"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]};const schema164 = {"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]};const schema165 = {"type":"string","enum":["HIGH","LOW","NOT_DEFINED"]};const schema166 = {"type":"string","enum":["HIGH","LOW","NONE","NOT_DEFINED"]};const schema167 = {"type":"string","enum":["NONE","REQUIRED","NOT_DEFINED"]};const schema168 = {"type":"string","enum":["UNCHANGED","CHANGED","NOT_DEFINED"]};const schema169 = {"type":"string","enum":["NONE","LOW","HIGH","NOT_DEFINED"]};const schema174 = {"type":"string","enum":["NETWORK","ADJACENT_NETWORK","LOCAL"]};const schema175 = {"type":"string","enum":["HIGH","MEDIUM","LOW"]};const schema176 = {"type":"string","enum":["MULTIPLE","SINGLE","NONE"]};const schema177 = {"type":"string","enum":["NONE","PARTIAL","COMPLETE"]};const schema180 = {"type":"number","minimum":0,"maximum":10};const schema181 = {"type":"string","enum":["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]};const schema182 = {"type":"string","enum":["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]};const schema183 = {"type":"string","enum":["UNCONFIRMED","UNCORROBORATED","CONFIRMED","NOT_DEFINED"]};const schema185 = {"type":"string","enum":["NONE","LOW","LOW_MEDIUM","MEDIUM_HIGH","HIGH","NOT_DEFINED"]};const schema186 = {"type":"string","enum":["NONE","LOW","MEDIUM","HIGH","NOT_DEFINED"]};const schema187 = {"type":"string","enum":["LOW","MEDIUM","HIGH","NOT_DEFINED"]};const pattern20 = new RegExp("^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$", "u");const pattern21 = new RegExp("^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$", "u");const pattern22 = new RegExp("^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$", "u");const pattern23 = new RegExp("^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$", "u");function validate36(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate36.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 64){validate36.errors = [{instancePath:instancePath+"/" + i0+"/format",schemaPath:"#/items/properties/format/maxLength",keyword:"maxLength",params:{limit: 64},message:"must NOT have more than 64 characters"}];return false;}else {if(func6(data1) < 1){validate36.errors = [{instancePath:instancePath+"/" + i0+"/format",schemaPath:"#/items/properties/format/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/format",schemaPath:"#/items/properties/format/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid2 = _errs10 === errors;}else {var valid2 = true;}if(valid2){if(data0.scenarios !== undefined){let data2 = data0.scenarios;const _errs12 = errors;if(errors === _errs12){if(Array.isArray(data2)){if(data2.length < 1){validate36.errors = [{instancePath:instancePath+"/" + i0+"/scenarios",schemaPath:"#/items/properties/scenarios/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid3 = true;const len1 = data2.length;for(let i1=0; i1 4096){validate36.errors = [{instancePath:instancePath+"/" + i0+"/scenarios/" + i1+"/value",schemaPath:"#/items/properties/scenarios/items/properties/value/maxLength",keyword:"maxLength",params:{limit: 4096},message:"must NOT have more than 4096 characters"}];return false;}else {if(func6(data5) < 1){validate36.errors = [{instancePath:instancePath+"/" + i0+"/scenarios/" + i1+"/value",schemaPath:"#/items/properties/scenarios/items/properties/value/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/scenarios/" + i1+"/value",schemaPath:"#/items/properties/scenarios/items/properties/value/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid4 = _errs20 === errors;}else {var valid4 = true;}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/scenarios/" + i1,schemaPath:"#/items/properties/scenarios/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid3 = _errs14 === errors;if(!valid3){break;}}if(valid3){let i2 = data2.length;let j0;if(i2 > 1){outer0:for(;i2--;){for(j0 = i2; j0--;){if(func0(data2[i2], data2[j0])){validate36.errors = [{instancePath:instancePath+"/" + i0+"/scenarios",schemaPath:"#/items/properties/scenarios/uniqueItems",keyword:"uniqueItems",params:{i: i2, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0;}}}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/scenarios",schemaPath:"#/items/properties/scenarios/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid2 = _errs12 === errors;}else {var valid2 = true;}if(valid2){if(data0.cvssV4_0 !== undefined){let data6 = data0.cvssV4_0;const _errs22 = errors;const _errs24 = errors;const _errs25 = errors;let valid8 = false;const _errs26 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.baseScore !== undefined){let data7 = data6.baseScore;const _errs27 = errors;const _errs28 = errors;if(errors === _errs28){if((typeof data7 == "number") && (isFinite(data7))){if(data7 > 0 || isNaN(data7)){const err6 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 0},message:"must be <= 0"};if(vErrors === null){vErrors = [err6];}else {vErrors.push(err6);}errors++;}else {if(data7 < 0 || isNaN(data7)){const err7 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"};if(vErrors === null){vErrors = [err7];}else {vErrors.push(err7);}errors++;}}}else {const err8 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err8];}else {vErrors.push(err8);}errors++;}}var valid9 = _errs27 === errors;}else {var valid9 = true;}if(valid9){if(data6.baseSeverity !== undefined){const _errs30 = errors;if("NONE" !== data6.baseSeverity){const err9 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType/const",keyword:"const",params:{allowedValue: "NONE"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err9];}else {vErrors.push(err9);}errors++;}var valid9 = _errs30 === errors;}else {var valid9 = true;}}}var _valid1 = _errs26 === errors;valid8 = valid8 || _valid1;if(!valid8){const _errs32 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.baseScore !== undefined){let data9 = data6.baseScore;const _errs33 = errors;const _errs34 = errors;if(errors === _errs34){if((typeof data9 == "number") && (isFinite(data9))){if(data9 > 3.9 || isNaN(data9)){const err10 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 3.9},message:"must be <= 3.9"};if(vErrors === null){vErrors = [err10];}else {vErrors.push(err10);}errors++;}else {if(data9 < 0.1 || isNaN(data9)){const err11 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0.1},message:"must be >= 0.1"};if(vErrors === null){vErrors = [err11];}else {vErrors.push(err11);}errors++;}else {let res0;if((0.1 === 0 || (res0 = data9/0.1, res0 !== parseInt(res0)))){const err12 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err12];}else {vErrors.push(err12);}errors++;}}}}else {const err13 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err13];}else {vErrors.push(err13);}errors++;}}var valid12 = _errs33 === errors;}else {var valid12 = true;}if(valid12){if(data6.baseSeverity !== undefined){const _errs36 = errors;if("LOW" !== data6.baseSeverity){const err14 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType/const",keyword:"const",params:{allowedValue: "LOW"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err14];}else {vErrors.push(err14);}errors++;}var valid12 = _errs36 === errors;}else {var valid12 = true;}}}var _valid1 = _errs32 === errors;valid8 = valid8 || _valid1;if(!valid8){const _errs38 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.baseScore !== undefined){let data11 = data6.baseScore;const _errs39 = errors;const _errs40 = errors;if(errors === _errs40){if((typeof data11 == "number") && (isFinite(data11))){if(data11 > 6.9 || isNaN(data11)){const err15 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 6.9},message:"must be <= 6.9"};if(vErrors === null){vErrors = [err15];}else {vErrors.push(err15);}errors++;}else {if(data11 < 4 || isNaN(data11)){const err16 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 4},message:"must be >= 4"};if(vErrors === null){vErrors = [err16];}else {vErrors.push(err16);}errors++;}else {let res1;if((0.1 === 0 || (res1 = data11/0.1, res1 !== parseInt(res1)))){const err17 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err17];}else {vErrors.push(err17);}errors++;}}}}else {const err18 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err18];}else {vErrors.push(err18);}errors++;}}var valid15 = _errs39 === errors;}else {var valid15 = true;}if(valid15){if(data6.baseSeverity !== undefined){const _errs42 = errors;if("MEDIUM" !== data6.baseSeverity){const err19 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType/const",keyword:"const",params:{allowedValue: "MEDIUM"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err19];}else {vErrors.push(err19);}errors++;}var valid15 = _errs42 === errors;}else {var valid15 = true;}}}var _valid1 = _errs38 === errors;valid8 = valid8 || _valid1;if(!valid8){const _errs44 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.baseScore !== undefined){let data13 = data6.baseScore;const _errs45 = errors;const _errs46 = errors;if(errors === _errs46){if((typeof data13 == "number") && (isFinite(data13))){if(data13 > 8.9 || isNaN(data13)){const err20 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 8.9},message:"must be <= 8.9"};if(vErrors === null){vErrors = [err20];}else {vErrors.push(err20);}errors++;}else {if(data13 < 7 || isNaN(data13)){const err21 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 7},message:"must be >= 7"};if(vErrors === null){vErrors = [err21];}else {vErrors.push(err21);}errors++;}else {let res2;if((0.1 === 0 || (res2 = data13/0.1, res2 !== parseInt(res2)))){const err22 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err22];}else {vErrors.push(err22);}errors++;}}}}else {const err23 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err23];}else {vErrors.push(err23);}errors++;}}var valid18 = _errs45 === errors;}else {var valid18 = true;}if(valid18){if(data6.baseSeverity !== undefined){const _errs48 = errors;if("HIGH" !== data6.baseSeverity){const err24 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType/const",keyword:"const",params:{allowedValue: "HIGH"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err24];}else {vErrors.push(err24);}errors++;}var valid18 = _errs48 === errors;}else {var valid18 = true;}}}var _valid1 = _errs44 === errors;valid8 = valid8 || _valid1;if(!valid8){const _errs50 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.baseScore !== undefined){let data15 = data6.baseScore;const _errs51 = errors;const _errs52 = errors;if(errors === _errs52){if((typeof data15 == "number") && (isFinite(data15))){if(data15 > 10 || isNaN(data15)){const err25 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"};if(vErrors === null){vErrors = [err25];}else {vErrors.push(err25);}errors++;}else {if(data15 < 9 || isNaN(data15)){const err26 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 9},message:"must be >= 9"};if(vErrors === null){vErrors = [err26];}else {vErrors.push(err26);}errors++;}else {let res3;if((0.1 === 0 || (res3 = data15/0.1, res3 !== parseInt(res3)))){const err27 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err27];}else {vErrors.push(err27);}errors++;}}}}else {const err28 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err28];}else {vErrors.push(err28);}errors++;}}var valid21 = _errs51 === errors;}else {var valid21 = true;}if(valid21){if(data6.baseSeverity !== undefined){const _errs54 = errors;if("CRITICAL" !== data6.baseSeverity){const err29 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType/const",keyword:"const",params:{allowedValue: "CRITICAL"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err29];}else {vErrors.push(err29);}errors++;}var valid21 = _errs54 === errors;}else {var valid21 = true;}}}var _valid1 = _errs50 === errors;valid8 = valid8 || _valid1;}}}}if(!valid8){const err30 = {instancePath:instancePath+"/" + i0+"/cvssV4_0",schemaPath:"#/items/properties/cvssV4_0/allOf/0/anyOf",keyword:"anyOf",params:{},message:"must match a schema in anyOf"};if(vErrors === null){vErrors = [err30];}else {vErrors.push(err30);}errors++;validate36.errors = vErrors;return false;}else {errors = _errs25;if(vErrors !== null){if(_errs25){vErrors.length = _errs25;}else {vErrors = null;}}}var valid7 = _errs24 === errors;if(valid7){const _errs56 = errors;const _errs57 = errors;let valid24 = false;const _errs58 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.threatScore !== undefined){let data17 = data6.threatScore;const _errs59 = errors;const _errs60 = errors;if(errors === _errs60){if((typeof data17 == "number") && (isFinite(data17))){if(data17 > 0 || isNaN(data17)){const err31 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 0},message:"must be <= 0"};if(vErrors === null){vErrors = [err31];}else {vErrors.push(err31);}errors++;}else {if(data17 < 0 || isNaN(data17)){const err32 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"};if(vErrors === null){vErrors = [err32];}else {vErrors.push(err32);}errors++;}}}else {const err33 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err33];}else {vErrors.push(err33);}errors++;}}var valid25 = _errs59 === errors;}else {var valid25 = true;}if(valid25){if(data6.threatSeverity !== undefined){const _errs62 = errors;if("NONE" !== data6.threatSeverity){const err34 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType/const",keyword:"const",params:{allowedValue: "NONE"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err34];}else {vErrors.push(err34);}errors++;}var valid25 = _errs62 === errors;}else {var valid25 = true;}}}var _valid2 = _errs58 === errors;valid24 = valid24 || _valid2;if(!valid24){const _errs64 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.threatScore !== undefined){let data19 = data6.threatScore;const _errs65 = errors;const _errs66 = errors;if(errors === _errs66){if((typeof data19 == "number") && (isFinite(data19))){if(data19 > 3.9 || isNaN(data19)){const err35 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 3.9},message:"must be <= 3.9"};if(vErrors === null){vErrors = [err35];}else {vErrors.push(err35);}errors++;}else {if(data19 < 0.1 || isNaN(data19)){const err36 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0.1},message:"must be >= 0.1"};if(vErrors === null){vErrors = [err36];}else {vErrors.push(err36);}errors++;}else {let res4;if((0.1 === 0 || (res4 = data19/0.1, res4 !== parseInt(res4)))){const err37 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err37];}else {vErrors.push(err37);}errors++;}}}}else {const err38 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err38];}else {vErrors.push(err38);}errors++;}}var valid28 = _errs65 === errors;}else {var valid28 = true;}if(valid28){if(data6.threatSeverity !== undefined){const _errs68 = errors;if("LOW" !== data6.threatSeverity){const err39 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType/const",keyword:"const",params:{allowedValue: "LOW"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err39];}else {vErrors.push(err39);}errors++;}var valid28 = _errs68 === errors;}else {var valid28 = true;}}}var _valid2 = _errs64 === errors;valid24 = valid24 || _valid2;if(!valid24){const _errs70 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.threatScore !== undefined){let data21 = data6.threatScore;const _errs71 = errors;const _errs72 = errors;if(errors === _errs72){if((typeof data21 == "number") && (isFinite(data21))){if(data21 > 6.9 || isNaN(data21)){const err40 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 6.9},message:"must be <= 6.9"};if(vErrors === null){vErrors = [err40];}else {vErrors.push(err40);}errors++;}else {if(data21 < 4 || isNaN(data21)){const err41 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 4},message:"must be >= 4"};if(vErrors === null){vErrors = [err41];}else {vErrors.push(err41);}errors++;}else {let res5;if((0.1 === 0 || (res5 = data21/0.1, res5 !== parseInt(res5)))){const err42 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err42];}else {vErrors.push(err42);}errors++;}}}}else {const err43 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err43];}else {vErrors.push(err43);}errors++;}}var valid31 = _errs71 === errors;}else {var valid31 = true;}if(valid31){if(data6.threatSeverity !== undefined){const _errs74 = errors;if("MEDIUM" !== data6.threatSeverity){const err44 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType/const",keyword:"const",params:{allowedValue: "MEDIUM"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err44];}else {vErrors.push(err44);}errors++;}var valid31 = _errs74 === errors;}else {var valid31 = true;}}}var _valid2 = _errs70 === errors;valid24 = valid24 || _valid2;if(!valid24){const _errs76 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.threatScore !== undefined){let data23 = data6.threatScore;const _errs77 = errors;const _errs78 = errors;if(errors === _errs78){if((typeof data23 == "number") && (isFinite(data23))){if(data23 > 8.9 || isNaN(data23)){const err45 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 8.9},message:"must be <= 8.9"};if(vErrors === null){vErrors = [err45];}else {vErrors.push(err45);}errors++;}else {if(data23 < 7 || isNaN(data23)){const err46 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 7},message:"must be >= 7"};if(vErrors === null){vErrors = [err46];}else {vErrors.push(err46);}errors++;}else {let res6;if((0.1 === 0 || (res6 = data23/0.1, res6 !== parseInt(res6)))){const err47 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err47];}else {vErrors.push(err47);}errors++;}}}}else {const err48 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err48];}else {vErrors.push(err48);}errors++;}}var valid34 = _errs77 === errors;}else {var valid34 = true;}if(valid34){if(data6.threatSeverity !== undefined){const _errs80 = errors;if("HIGH" !== data6.threatSeverity){const err49 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType/const",keyword:"const",params:{allowedValue: "HIGH"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err49];}else {vErrors.push(err49);}errors++;}var valid34 = _errs80 === errors;}else {var valid34 = true;}}}var _valid2 = _errs76 === errors;valid24 = valid24 || _valid2;if(!valid24){const _errs82 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.threatScore !== undefined){let data25 = data6.threatScore;const _errs83 = errors;const _errs84 = errors;if(errors === _errs84){if((typeof data25 == "number") && (isFinite(data25))){if(data25 > 10 || isNaN(data25)){const err50 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"};if(vErrors === null){vErrors = [err50];}else {vErrors.push(err50);}errors++;}else {if(data25 < 9 || isNaN(data25)){const err51 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 9},message:"must be >= 9"};if(vErrors === null){vErrors = [err51];}else {vErrors.push(err51);}errors++;}else {let res7;if((0.1 === 0 || (res7 = data25/0.1, res7 !== parseInt(res7)))){const err52 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err52];}else {vErrors.push(err52);}errors++;}}}}else {const err53 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err53];}else {vErrors.push(err53);}errors++;}}var valid37 = _errs83 === errors;}else {var valid37 = true;}if(valid37){if(data6.threatSeverity !== undefined){const _errs86 = errors;if("CRITICAL" !== data6.threatSeverity){const err54 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/threatSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType/const",keyword:"const",params:{allowedValue: "CRITICAL"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err54];}else {vErrors.push(err54);}errors++;}var valid37 = _errs86 === errors;}else {var valid37 = true;}}}var _valid2 = _errs82 === errors;valid24 = valid24 || _valid2;}}}}if(!valid24){const err55 = {instancePath:instancePath+"/" + i0+"/cvssV4_0",schemaPath:"#/items/properties/cvssV4_0/allOf/1/anyOf",keyword:"anyOf",params:{},message:"must match a schema in anyOf"};if(vErrors === null){vErrors = [err55];}else {vErrors.push(err55);}errors++;validate36.errors = vErrors;return false;}else {errors = _errs57;if(vErrors !== null){if(_errs57){vErrors.length = _errs57;}else {vErrors = null;}}}var valid7 = _errs56 === errors;if(valid7){const _errs88 = errors;const _errs89 = errors;let valid40 = false;const _errs90 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.environmentalScore !== undefined){let data27 = data6.environmentalScore;const _errs91 = errors;const _errs92 = errors;if(errors === _errs92){if((typeof data27 == "number") && (isFinite(data27))){if(data27 > 0 || isNaN(data27)){const err56 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 0},message:"must be <= 0"};if(vErrors === null){vErrors = [err56];}else {vErrors.push(err56);}errors++;}else {if(data27 < 0 || isNaN(data27)){const err57 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"};if(vErrors === null){vErrors = [err57];}else {vErrors.push(err57);}errors++;}}}else {const err58 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err58];}else {vErrors.push(err58);}errors++;}}var valid41 = _errs91 === errors;}else {var valid41 = true;}if(valid41){if(data6.environmentalSeverity !== undefined){const _errs94 = errors;if("NONE" !== data6.environmentalSeverity){const err59 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/noneSeverityType/const",keyword:"const",params:{allowedValue: "NONE"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err59];}else {vErrors.push(err59);}errors++;}var valid41 = _errs94 === errors;}else {var valid41 = true;}}}var _valid3 = _errs90 === errors;valid40 = valid40 || _valid3;if(!valid40){const _errs96 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.environmentalScore !== undefined){let data29 = data6.environmentalScore;const _errs97 = errors;const _errs98 = errors;if(errors === _errs98){if((typeof data29 == "number") && (isFinite(data29))){if(data29 > 3.9 || isNaN(data29)){const err60 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 3.9},message:"must be <= 3.9"};if(vErrors === null){vErrors = [err60];}else {vErrors.push(err60);}errors++;}else {if(data29 < 0.1 || isNaN(data29)){const err61 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0.1},message:"must be >= 0.1"};if(vErrors === null){vErrors = [err61];}else {vErrors.push(err61);}errors++;}else {let res8;if((0.1 === 0 || (res8 = data29/0.1, res8 !== parseInt(res8)))){const err62 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err62];}else {vErrors.push(err62);}errors++;}}}}else {const err63 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err63];}else {vErrors.push(err63);}errors++;}}var valid44 = _errs97 === errors;}else {var valid44 = true;}if(valid44){if(data6.environmentalSeverity !== undefined){const _errs100 = errors;if("LOW" !== data6.environmentalSeverity){const err64 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/lowSeverityType/const",keyword:"const",params:{allowedValue: "LOW"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err64];}else {vErrors.push(err64);}errors++;}var valid44 = _errs100 === errors;}else {var valid44 = true;}}}var _valid3 = _errs96 === errors;valid40 = valid40 || _valid3;if(!valid40){const _errs102 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.environmentalScore !== undefined){let data31 = data6.environmentalScore;const _errs103 = errors;const _errs104 = errors;if(errors === _errs104){if((typeof data31 == "number") && (isFinite(data31))){if(data31 > 6.9 || isNaN(data31)){const err65 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 6.9},message:"must be <= 6.9"};if(vErrors === null){vErrors = [err65];}else {vErrors.push(err65);}errors++;}else {if(data31 < 4 || isNaN(data31)){const err66 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 4},message:"must be >= 4"};if(vErrors === null){vErrors = [err66];}else {vErrors.push(err66);}errors++;}else {let res9;if((0.1 === 0 || (res9 = data31/0.1, res9 !== parseInt(res9)))){const err67 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err67];}else {vErrors.push(err67);}errors++;}}}}else {const err68 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err68];}else {vErrors.push(err68);}errors++;}}var valid47 = _errs103 === errors;}else {var valid47 = true;}if(valid47){if(data6.environmentalSeverity !== undefined){const _errs106 = errors;if("MEDIUM" !== data6.environmentalSeverity){const err69 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/mediumSeverityType/const",keyword:"const",params:{allowedValue: "MEDIUM"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err69];}else {vErrors.push(err69);}errors++;}var valid47 = _errs106 === errors;}else {var valid47 = true;}}}var _valid3 = _errs102 === errors;valid40 = valid40 || _valid3;if(!valid40){const _errs108 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.environmentalScore !== undefined){let data33 = data6.environmentalScore;const _errs109 = errors;const _errs110 = errors;if(errors === _errs110){if((typeof data33 == "number") && (isFinite(data33))){if(data33 > 8.9 || isNaN(data33)){const err70 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 8.9},message:"must be <= 8.9"};if(vErrors === null){vErrors = [err70];}else {vErrors.push(err70);}errors++;}else {if(data33 < 7 || isNaN(data33)){const err71 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 7},message:"must be >= 7"};if(vErrors === null){vErrors = [err71];}else {vErrors.push(err71);}errors++;}else {let res10;if((0.1 === 0 || (res10 = data33/0.1, res10 !== parseInt(res10)))){const err72 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err72];}else {vErrors.push(err72);}errors++;}}}}else {const err73 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err73];}else {vErrors.push(err73);}errors++;}}var valid50 = _errs109 === errors;}else {var valid50 = true;}if(valid50){if(data6.environmentalSeverity !== undefined){const _errs112 = errors;if("HIGH" !== data6.environmentalSeverity){const err74 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/highSeverityType/const",keyword:"const",params:{allowedValue: "HIGH"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err74];}else {vErrors.push(err74);}errors++;}var valid50 = _errs112 === errors;}else {var valid50 = true;}}}var _valid3 = _errs108 === errors;valid40 = valid40 || _valid3;if(!valid40){const _errs114 = errors;if(data6 && typeof data6 == "object" && !Array.isArray(data6)){if(data6.environmentalScore !== undefined){let data35 = data6.environmentalScore;const _errs115 = errors;const _errs116 = errors;if(errors === _errs116){if((typeof data35 == "number") && (isFinite(data35))){if(data35 > 10 || isNaN(data35)){const err75 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"};if(vErrors === null){vErrors = [err75];}else {vErrors.push(err75);}errors++;}else {if(data35 < 9 || isNaN(data35)){const err76 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 9},message:"must be >= 9"};if(vErrors === null){vErrors = [err76];}else {vErrors.push(err76);}errors++;}else {let res11;if((0.1 === 0 || (res11 = data35/0.1, res11 !== parseInt(res11)))){const err77 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"};if(vErrors === null){vErrors = [err77];}else {vErrors.push(err77);}errors++;}}}}else {const err78 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalScoreType/type",keyword:"type",params:{type: "number"},message:"must be number"};if(vErrors === null){vErrors = [err78];}else {vErrors.push(err78);}errors++;}}var valid53 = _errs115 === errors;}else {var valid53 = true;}if(valid53){if(data6.environmentalSeverity !== undefined){const _errs118 = errors;if("CRITICAL" !== data6.environmentalSeverity){const err79 = {instancePath:instancePath+"/" + i0+"/cvssV4_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/criticalSeverityType/const",keyword:"const",params:{allowedValue: "CRITICAL"},message:"must be equal to constant"};if(vErrors === null){vErrors = [err79];}else {vErrors.push(err79);}errors++;}var valid53 = _errs118 === errors;}else {var valid53 = true;}}}var _valid3 = _errs114 === errors;valid40 = valid40 || _valid3;}}}}if(!valid40){const err80 = {instancePath:instancePath+"/" + i0+"/cvssV4_0",schemaPath:"#/items/properties/cvssV4_0/allOf/2/anyOf",keyword:"anyOf",params:{},message:"must match a schema in anyOf"};if(vErrors === null){vErrors = [err80];}else {vErrors.push(err80);}errors++;validate36.errors = vErrors;return false;}else {errors = _errs89;if(vErrors !== null){if(_errs89){vErrors.length = _errs89;}else {vErrors = null;}}}var valid7 = _errs88 === errors;}}if(errors === _errs22){if(data6 && typeof data6 == "object" && !Array.isArray(data6)){let missing6;if(((((data6.version === undefined) && (missing6 = "version")) || ((data6.vectorString === undefined) && (missing6 = "vectorString"))) || ((data6.baseScore === undefined) && (missing6 = "baseScore"))) || ((data6.baseSeverity === undefined) && (missing6 = "baseSeverity"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0",schemaPath:"#/items/properties/cvssV4_0/required",keyword:"required",params:{missingProperty: missing6},message:"must have required property '"+missing6+"'"}];return false;}else {const _errs120 = errors;for(const key2 in data6){if(!(func5.call(schema52.items.properties.cvssV4_0.properties, key2))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0",schemaPath:"#/items/properties/cvssV4_0/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key2},message:"must NOT have additional properties"}];return false;break;}}if(_errs120 === errors){if(data6.version !== undefined){let data37 = data6.version;const _errs121 = errors;if(typeof data37 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/version",schemaPath:"#/items/properties/cvssV4_0/properties/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(data37 === "4.0")){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/version",schemaPath:"#/items/properties/cvssV4_0/properties/version/enum",keyword:"enum",params:{allowedValues: schema52.items.properties.cvssV4_0.properties.version.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs121 === errors;}else {var valid56 = true;}if(valid56){if(data6.vectorString !== undefined){let data38 = data6.vectorString;const _errs123 = errors;if(errors === _errs123){if(typeof data38 === "string"){if(!pattern20.test(data38)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vectorString",schemaPath:"#/items/properties/cvssV4_0/properties/vectorString/pattern",keyword:"pattern",params:{pattern: "^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$"},message:"must match pattern \""+"^CVSS:4[.]0/AV:[NALP]/AC:[LH]/AT:[NP]/PR:[NLH]/UI:[NPA]/VC:[HLN]/VI:[HLN]/VA:[HLN]/SC:[HLN]/SI:[HLN]/SA:[HLN](/E:[XAPU])?(/CR:[XHML])?(/IR:[XHML])?(/AR:[XHML])?(/MAV:[XNALP])?(/MAC:[XLH])?(/MAT:[XNP])?(/MPR:[XNLH])?(/MUI:[XNPA])?(/MVC:[XNLH])?(/MVI:[XNLH])?(/MVA:[XNLH])?(/MSC:[XNLH])?(/MSI:[XNLHS])?(/MSA:[XNLHS])?(/S:[XNP])?(/AU:[XNY])?(/R:[XAUI])?(/V:[XDC])?(/RE:[XLMH])?(/U:(X|Clear|Green|Amber|Red))?$"+"\""}];return false;}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vectorString",schemaPath:"#/items/properties/cvssV4_0/properties/vectorString/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid56 = _errs123 === errors;}else {var valid56 = true;}if(valid56){if(data6.baseScore !== undefined){let data39 = data6.baseScore;const _errs125 = errors;const _errs126 = errors;if(errors === _errs126){if((typeof data39 == "number") && (isFinite(data39))){if(data39 > 10 || isNaN(data39)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data39 < 0 || isNaN(data39)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}else {let res12;if((0.1 === 0 || (res12 = data39/0.1, res12 !== parseInt(res12)))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType/multipleOf",keyword:"multipleOf",params:{multipleOf: 0.1},message:"must be multiple of 0.1"}];return false;}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid56 = _errs125 === errors;}else {var valid56 = true;}if(valid56){if(data6.baseSeverity !== undefined){let data40 = data6.baseSeverity;const _errs128 = errors;if(typeof data40 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data40 === "NONE") || (data40 === "LOW")) || (data40 === "MEDIUM")) || (data40 === "HIGH")) || (data40 === "CRITICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/severityType/enum",keyword:"enum",params:{allowedValues: schema85.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs128 === errors;}else {var valid56 = true;}if(valid56){if(data6.attackVector !== undefined){let data41 = data6.attackVector;const _errs131 = errors;if(typeof data41 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data41 === "NETWORK") || (data41 === "ADJACENT")) || (data41 === "LOCAL")) || (data41 === "PHYSICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackVectorType/enum",keyword:"enum",params:{allowedValues: schema86.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs131 === errors;}else {var valid56 = true;}if(valid56){if(data6.attackComplexity !== undefined){let data42 = data6.attackComplexity;const _errs134 = errors;if(typeof data42 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data42 === "HIGH") || (data42 === "LOW"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackComplexityType/enum",keyword:"enum",params:{allowedValues: schema87.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs134 === errors;}else {var valid56 = true;}if(valid56){if(data6.attackRequirements !== undefined){let data43 = data6.attackRequirements;const _errs137 = errors;if(typeof data43 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/attackRequirements",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data43 === "NONE") || (data43 === "PRESENT"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/attackRequirements",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/attackRequirementsType/enum",keyword:"enum",params:{allowedValues: schema88.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs137 === errors;}else {var valid56 = true;}if(valid56){if(data6.privilegesRequired !== undefined){let data44 = data6.privilegesRequired;const _errs140 = errors;if(typeof data44 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data44 === "HIGH") || (data44 === "LOW")) || (data44 === "NONE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/privilegesRequiredType/enum",keyword:"enum",params:{allowedValues: schema89.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs140 === errors;}else {var valid56 = true;}if(valid56){if(data6.userInteraction !== undefined){let data45 = data6.userInteraction;const _errs143 = errors;if(typeof data45 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data45 === "NONE") || (data45 === "PASSIVE")) || (data45 === "ACTIVE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/userInteractionType/enum",keyword:"enum",params:{allowedValues: schema90.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs143 === errors;}else {var valid56 = true;}if(valid56){if(data6.vulnConfidentialityImpact !== undefined){let data46 = data6.vulnConfidentialityImpact;const _errs146 = errors;if(typeof data46 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data46 === "NONE") || (data46 === "LOW")) || (data46 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType/enum",keyword:"enum",params:{allowedValues: schema91.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs146 === errors;}else {var valid56 = true;}if(valid56){if(data6.vulnIntegrityImpact !== undefined){let data47 = data6.vulnIntegrityImpact;const _errs149 = errors;if(typeof data47 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data47 === "NONE") || (data47 === "LOW")) || (data47 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType/enum",keyword:"enum",params:{allowedValues: schema91.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs149 === errors;}else {var valid56 = true;}if(valid56){if(data6.vulnAvailabilityImpact !== undefined){let data48 = data6.vulnAvailabilityImpact;const _errs152 = errors;if(typeof data48 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data48 === "NONE") || (data48 === "LOW")) || (data48 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnCiaType/enum",keyword:"enum",params:{allowedValues: schema91.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs152 === errors;}else {var valid56 = true;}if(valid56){if(data6.subConfidentialityImpact !== undefined){let data49 = data6.subConfidentialityImpact;const _errs155 = errors;if(typeof data49 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/subConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data49 === "NONE") || (data49 === "LOW")) || (data49 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/subConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType/enum",keyword:"enum",params:{allowedValues: schema94.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs155 === errors;}else {var valid56 = true;}if(valid56){if(data6.subIntegrityImpact !== undefined){let data50 = data6.subIntegrityImpact;const _errs158 = errors;if(typeof data50 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/subIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data50 === "NONE") || (data50 === "LOW")) || (data50 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/subIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType/enum",keyword:"enum",params:{allowedValues: schema94.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs158 === errors;}else {var valid56 = true;}if(valid56){if(data6.subAvailabilityImpact !== undefined){let data51 = data6.subAvailabilityImpact;const _errs161 = errors;if(typeof data51 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/subAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data51 === "NONE") || (data51 === "LOW")) || (data51 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/subAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/subCiaType/enum",keyword:"enum",params:{allowedValues: schema94.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs161 === errors;}else {var valid56 = true;}if(valid56){if(data6.exploitMaturity !== undefined){let data52 = data6.exploitMaturity;const _errs164 = errors;if(typeof data52 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/exploitMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data52 === "UNREPORTED") || (data52 === "PROOF_OF_CONCEPT")) || (data52 === "ATTACKED")) || (data52 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/exploitMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/exploitMaturityType/enum",keyword:"enum",params:{allowedValues: schema97.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs164 === errors;}else {var valid56 = true;}if(valid56){if(data6.confidentialityRequirement !== undefined){let data53 = data6.confidentialityRequirement;const _errs167 = errors;if(typeof data53 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data53 === "LOW") || (data53 === "MEDIUM")) || (data53 === "HIGH")) || (data53 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema98.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs167 === errors;}else {var valid56 = true;}if(valid56){if(data6.integrityRequirement !== undefined){let data54 = data6.integrityRequirement;const _errs170 = errors;if(typeof data54 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data54 === "LOW") || (data54 === "MEDIUM")) || (data54 === "HIGH")) || (data54 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema98.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs170 === errors;}else {var valid56 = true;}if(valid56){if(data6.availabilityRequirement !== undefined){let data55 = data6.availabilityRequirement;const _errs173 = errors;if(typeof data55 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data55 === "LOW") || (data55 === "MEDIUM")) || (data55 === "HIGH")) || (data55 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema98.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs173 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedAttackVector !== undefined){let data56 = data6.modifiedAttackVector;const _errs176 = errors;if(typeof data56 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data56 === "NETWORK") || (data56 === "ADJACENT")) || (data56 === "LOCAL")) || (data56 === "PHYSICAL")) || (data56 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackVectorType/enum",keyword:"enum",params:{allowedValues: schema101.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs176 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedAttackComplexity !== undefined){let data57 = data6.modifiedAttackComplexity;const _errs179 = errors;if(typeof data57 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data57 === "HIGH") || (data57 === "LOW")) || (data57 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackComplexityType/enum",keyword:"enum",params:{allowedValues: schema102.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs179 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedAttackRequirements !== undefined){let data58 = data6.modifiedAttackRequirements;const _errs182 = errors;if(typeof data58 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedAttackRequirements",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data58 === "NONE") || (data58 === "PRESENT")) || (data58 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedAttackRequirements",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedAttackRequirementsType/enum",keyword:"enum",params:{allowedValues: schema103.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs182 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedPrivilegesRequired !== undefined){let data59 = data6.modifiedPrivilegesRequired;const _errs185 = errors;if(typeof data59 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data59 === "HIGH") || (data59 === "LOW")) || (data59 === "NONE")) || (data59 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedPrivilegesRequiredType/enum",keyword:"enum",params:{allowedValues: schema104.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs185 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedUserInteraction !== undefined){let data60 = data6.modifiedUserInteraction;const _errs188 = errors;if(typeof data60 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data60 === "NONE") || (data60 === "PASSIVE")) || (data60 === "ACTIVE")) || (data60 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedUserInteractionType/enum",keyword:"enum",params:{allowedValues: schema105.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs188 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedVulnConfidentialityImpact !== undefined){let data61 = data6.modifiedVulnConfidentialityImpact;const _errs191 = errors;if(typeof data61 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedVulnConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data61 === "NONE") || (data61 === "LOW")) || (data61 === "HIGH")) || (data61 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedVulnConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType/enum",keyword:"enum",params:{allowedValues: schema106.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs191 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedVulnIntegrityImpact !== undefined){let data62 = data6.modifiedVulnIntegrityImpact;const _errs194 = errors;if(typeof data62 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedVulnIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data62 === "NONE") || (data62 === "LOW")) || (data62 === "HIGH")) || (data62 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedVulnIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType/enum",keyword:"enum",params:{allowedValues: schema106.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs194 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedVulnAvailabilityImpact !== undefined){let data63 = data6.modifiedVulnAvailabilityImpact;const _errs197 = errors;if(typeof data63 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedVulnAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data63 === "NONE") || (data63 === "LOW")) || (data63 === "HIGH")) || (data63 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedVulnAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedVulnCiaType/enum",keyword:"enum",params:{allowedValues: schema106.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs197 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedSubConfidentialityImpact !== undefined){let data64 = data6.modifiedSubConfidentialityImpact;const _errs200 = errors;if(typeof data64 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedSubConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data64 === "NONE") || (data64 === "LOW")) || (data64 === "HIGH")) || (data64 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedSubConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubCType/enum",keyword:"enum",params:{allowedValues: schema109.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs200 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedSubIntegrityImpact !== undefined){let data65 = data6.modifiedSubIntegrityImpact;const _errs203 = errors;if(typeof data65 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedSubIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data65 === "NONE") || (data65 === "LOW")) || (data65 === "HIGH")) || (data65 === "SAFETY")) || (data65 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedSubIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType/enum",keyword:"enum",params:{allowedValues: schema110.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs203 === errors;}else {var valid56 = true;}if(valid56){if(data6.modifiedSubAvailabilityImpact !== undefined){let data66 = data6.modifiedSubAvailabilityImpact;const _errs206 = errors;if(typeof data66 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedSubAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data66 === "NONE") || (data66 === "LOW")) || (data66 === "HIGH")) || (data66 === "SAFETY")) || (data66 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/modifiedSubAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/modifiedSubIaType/enum",keyword:"enum",params:{allowedValues: schema110.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs206 === errors;}else {var valid56 = true;}if(valid56){if(data6.Safety !== undefined){let data67 = data6.Safety;const _errs209 = errors;if(typeof data67 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/Safety",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data67 === "NEGLIGIBLE") || (data67 === "PRESENT")) || (data67 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/Safety",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/safetyType/enum",keyword:"enum",params:{allowedValues: schema112.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs209 === errors;}else {var valid56 = true;}if(valid56){if(data6.Automatable !== undefined){let data68 = data6.Automatable;const _errs212 = errors;if(typeof data68 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/Automatable",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data68 === "NO") || (data68 === "YES")) || (data68 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/Automatable",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/automatableType/enum",keyword:"enum",params:{allowedValues: schema113.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs212 === errors;}else {var valid56 = true;}if(valid56){if(data6.Recovery !== undefined){let data69 = data6.Recovery;const _errs215 = errors;if(typeof data69 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/Recovery",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data69 === "AUTOMATIC") || (data69 === "USER")) || (data69 === "IRRECOVERABLE")) || (data69 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/Recovery",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/recoveryType/enum",keyword:"enum",params:{allowedValues: schema114.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs215 === errors;}else {var valid56 = true;}if(valid56){if(data6.valueDensity !== undefined){let data70 = data6.valueDensity;const _errs218 = errors;if(typeof data70 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/valueDensity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data70 === "DIFFUSE") || (data70 === "CONCENTRATED")) || (data70 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/valueDensity",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/valueDensityType/enum",keyword:"enum",params:{allowedValues: schema115.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs218 === errors;}else {var valid56 = true;}if(valid56){if(data6.vulnerabilityResponseEffort !== undefined){let data71 = data6.vulnerabilityResponseEffort;const _errs221 = errors;if(typeof data71 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnerabilityResponseEffort",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data71 === "LOW") || (data71 === "MODERATE")) || (data71 === "HIGH")) || (data71 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/vulnerabilityResponseEffort",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/vulnerabilityResponseEffortType/enum",keyword:"enum",params:{allowedValues: schema116.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs221 === errors;}else {var valid56 = true;}if(valid56){if(data6.providerUrgency !== undefined){let data72 = data6.providerUrgency;const _errs224 = errors;if(typeof data72 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/providerUrgency",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data72 === "CLEAR") || (data72 === "GREEN")) || (data72 === "AMBER")) || (data72 === "RED")) || (data72 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0/providerUrgency",schemaPath:"#/definitions/metrics/items/properties/cvssV4_0/definitions/providerUrgencyType/enum",keyword:"enum",params:{allowedValues: schema117.enum},message:"must be equal to one of the allowed values"}];return false;}var valid56 = _errs224 === errors;}else {var valid56 = true;}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV4_0",schemaPath:"#/items/properties/cvssV4_0/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid2 = _errs22 === errors;}else {var valid2 = true;}if(valid2){if(data0.cvssV3_1 !== undefined){let data73 = data0.cvssV3_1;const _errs227 = errors;if(errors === _errs227){if(data73 && typeof data73 == "object" && !Array.isArray(data73)){let missing7;if(((((data73.version === undefined) && (missing7 = "version")) || ((data73.vectorString === undefined) && (missing7 = "vectorString"))) || ((data73.baseScore === undefined) && (missing7 = "baseScore"))) || ((data73.baseSeverity === undefined) && (missing7 = "baseSeverity"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1",schemaPath:"#/items/properties/cvssV3_1/required",keyword:"required",params:{missingProperty: missing7},message:"must have required property '"+missing7+"'"}];return false;}else {const _errs229 = errors;for(const key3 in data73){if(!(func5.call(schema52.items.properties.cvssV3_1.properties, key3))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1",schemaPath:"#/items/properties/cvssV3_1/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key3},message:"must NOT have additional properties"}];return false;break;}}if(_errs229 === errors){if(data73.version !== undefined){let data74 = data73.version;const _errs230 = errors;if(typeof data74 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/version",schemaPath:"#/items/properties/cvssV3_1/properties/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(data74 === "3.1")){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/version",schemaPath:"#/items/properties/cvssV3_1/properties/version/enum",keyword:"enum",params:{allowedValues: schema52.items.properties.cvssV3_1.properties.version.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs230 === errors;}else {var valid91 = true;}if(valid91){if(data73.vectorString !== undefined){let data75 = data73.vectorString;const _errs232 = errors;if(errors === _errs232){if(typeof data75 === "string"){if(!pattern21.test(data75)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/vectorString",schemaPath:"#/items/properties/cvssV3_1/properties/vectorString/pattern",keyword:"pattern",params:{pattern: "^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},message:"must match pattern \""+"^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"+"\""}];return false;}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/vectorString",schemaPath:"#/items/properties/cvssV3_1/properties/vectorString/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid91 = _errs232 === errors;}else {var valid91 = true;}if(valid91){if(data73.attackVector !== undefined){let data76 = data73.attackVector;const _errs234 = errors;if(typeof data76 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data76 === "NETWORK") || (data76 === "ADJACENT_NETWORK")) || (data76 === "LOCAL")) || (data76 === "PHYSICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType/enum",keyword:"enum",params:{allowedValues: schema118.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs234 === errors;}else {var valid91 = true;}if(valid91){if(data73.attackComplexity !== undefined){let data77 = data73.attackComplexity;const _errs237 = errors;if(typeof data77 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data77 === "HIGH") || (data77 === "LOW"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType/enum",keyword:"enum",params:{allowedValues: schema119.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs237 === errors;}else {var valid91 = true;}if(valid91){if(data73.privilegesRequired !== undefined){let data78 = data73.privilegesRequired;const _errs240 = errors;if(typeof data78 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data78 === "HIGH") || (data78 === "LOW")) || (data78 === "NONE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType/enum",keyword:"enum",params:{allowedValues: schema120.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs240 === errors;}else {var valid91 = true;}if(valid91){if(data73.userInteraction !== undefined){let data79 = data73.userInteraction;const _errs243 = errors;if(typeof data79 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data79 === "NONE") || (data79 === "REQUIRED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType/enum",keyword:"enum",params:{allowedValues: schema121.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs243 === errors;}else {var valid91 = true;}if(valid91){if(data73.scope !== undefined){let data80 = data73.scope;const _errs246 = errors;if(typeof data80 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data80 === "UNCHANGED") || (data80 === "CHANGED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType/enum",keyword:"enum",params:{allowedValues: schema122.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs246 === errors;}else {var valid91 = true;}if(valid91){if(data73.confidentialityImpact !== undefined){let data81 = data73.confidentialityImpact;const _errs249 = errors;if(typeof data81 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data81 === "NONE") || (data81 === "LOW")) || (data81 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema123.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs249 === errors;}else {var valid91 = true;}if(valid91){if(data73.integrityImpact !== undefined){let data82 = data73.integrityImpact;const _errs252 = errors;if(typeof data82 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data82 === "NONE") || (data82 === "LOW")) || (data82 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema123.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs252 === errors;}else {var valid91 = true;}if(valid91){if(data73.availabilityImpact !== undefined){let data83 = data73.availabilityImpact;const _errs255 = errors;if(typeof data83 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data83 === "NONE") || (data83 === "LOW")) || (data83 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema123.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs255 === errors;}else {var valid91 = true;}if(valid91){if(data73.baseScore !== undefined){let data84 = data73.baseScore;const _errs258 = errors;const _errs259 = errors;if(errors === _errs259){if((typeof data84 == "number") && (isFinite(data84))){if(data84 > 10 || isNaN(data84)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data84 < 0 || isNaN(data84)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid91 = _errs258 === errors;}else {var valid91 = true;}if(valid91){if(data73.baseSeverity !== undefined){let data85 = data73.baseSeverity;const _errs261 = errors;if(typeof data85 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data85 === "NONE") || (data85 === "LOW")) || (data85 === "MEDIUM")) || (data85 === "HIGH")) || (data85 === "CRITICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/enum",keyword:"enum",params:{allowedValues: schema127.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs261 === errors;}else {var valid91 = true;}if(valid91){if(data73.exploitCodeMaturity !== undefined){let data86 = data73.exploitCodeMaturity;const _errs264 = errors;if(typeof data86 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data86 === "UNPROVEN") || (data86 === "PROOF_OF_CONCEPT")) || (data86 === "FUNCTIONAL")) || (data86 === "HIGH")) || (data86 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType/enum",keyword:"enum",params:{allowedValues: schema128.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs264 === errors;}else {var valid91 = true;}if(valid91){if(data73.remediationLevel !== undefined){let data87 = data73.remediationLevel;const _errs267 = errors;if(typeof data87 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data87 === "OFFICIAL_FIX") || (data87 === "TEMPORARY_FIX")) || (data87 === "WORKAROUND")) || (data87 === "UNAVAILABLE")) || (data87 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType/enum",keyword:"enum",params:{allowedValues: schema129.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs267 === errors;}else {var valid91 = true;}if(valid91){if(data73.reportConfidence !== undefined){let data88 = data73.reportConfidence;const _errs270 = errors;if(typeof data88 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data88 === "UNKNOWN") || (data88 === "REASONABLE")) || (data88 === "CONFIRMED")) || (data88 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType/enum",keyword:"enum",params:{allowedValues: schema130.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs270 === errors;}else {var valid91 = true;}if(valid91){if(data73.temporalScore !== undefined){let data89 = data73.temporalScore;const _errs273 = errors;const _errs274 = errors;if(errors === _errs274){if((typeof data89 == "number") && (isFinite(data89))){if(data89 > 10 || isNaN(data89)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data89 < 0 || isNaN(data89)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid91 = _errs273 === errors;}else {var valid91 = true;}if(valid91){if(data73.temporalSeverity !== undefined){let data90 = data73.temporalSeverity;const _errs276 = errors;if(typeof data90 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data90 === "NONE") || (data90 === "LOW")) || (data90 === "MEDIUM")) || (data90 === "HIGH")) || (data90 === "CRITICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/enum",keyword:"enum",params:{allowedValues: schema127.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs276 === errors;}else {var valid91 = true;}if(valid91){if(data73.confidentialityRequirement !== undefined){let data91 = data73.confidentialityRequirement;const _errs279 = errors;if(typeof data91 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data91 === "LOW") || (data91 === "MEDIUM")) || (data91 === "HIGH")) || (data91 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema133.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs279 === errors;}else {var valid91 = true;}if(valid91){if(data73.integrityRequirement !== undefined){let data92 = data73.integrityRequirement;const _errs282 = errors;if(typeof data92 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data92 === "LOW") || (data92 === "MEDIUM")) || (data92 === "HIGH")) || (data92 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema133.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs282 === errors;}else {var valid91 = true;}if(valid91){if(data73.availabilityRequirement !== undefined){let data93 = data73.availabilityRequirement;const _errs285 = errors;if(typeof data93 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data93 === "LOW") || (data93 === "MEDIUM")) || (data93 === "HIGH")) || (data93 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema133.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs285 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedAttackVector !== undefined){let data94 = data73.modifiedAttackVector;const _errs288 = errors;if(typeof data94 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data94 === "NETWORK") || (data94 === "ADJACENT_NETWORK")) || (data94 === "LOCAL")) || (data94 === "PHYSICAL")) || (data94 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType/enum",keyword:"enum",params:{allowedValues: schema136.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs288 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedAttackComplexity !== undefined){let data95 = data73.modifiedAttackComplexity;const _errs291 = errors;if(typeof data95 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data95 === "HIGH") || (data95 === "LOW")) || (data95 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType/enum",keyword:"enum",params:{allowedValues: schema137.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs291 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedPrivilegesRequired !== undefined){let data96 = data73.modifiedPrivilegesRequired;const _errs294 = errors;if(typeof data96 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data96 === "HIGH") || (data96 === "LOW")) || (data96 === "NONE")) || (data96 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType/enum",keyword:"enum",params:{allowedValues: schema138.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs294 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedUserInteraction !== undefined){let data97 = data73.modifiedUserInteraction;const _errs297 = errors;if(typeof data97 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data97 === "NONE") || (data97 === "REQUIRED")) || (data97 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType/enum",keyword:"enum",params:{allowedValues: schema139.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs297 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedScope !== undefined){let data98 = data73.modifiedScope;const _errs300 = errors;if(typeof data98 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data98 === "UNCHANGED") || (data98 === "CHANGED")) || (data98 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType/enum",keyword:"enum",params:{allowedValues: schema140.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs300 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedConfidentialityImpact !== undefined){let data99 = data73.modifiedConfidentialityImpact;const _errs303 = errors;if(typeof data99 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data99 === "NONE") || (data99 === "LOW")) || (data99 === "HIGH")) || (data99 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues: schema141.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs303 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedIntegrityImpact !== undefined){let data100 = data73.modifiedIntegrityImpact;const _errs306 = errors;if(typeof data100 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data100 === "NONE") || (data100 === "LOW")) || (data100 === "HIGH")) || (data100 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues: schema141.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs306 === errors;}else {var valid91 = true;}if(valid91){if(data73.modifiedAvailabilityImpact !== undefined){let data101 = data73.modifiedAvailabilityImpact;const _errs309 = errors;if(typeof data101 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data101 === "NONE") || (data101 === "LOW")) || (data101 === "HIGH")) || (data101 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues: schema141.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs309 === errors;}else {var valid91 = true;}if(valid91){if(data73.environmentalScore !== undefined){let data102 = data73.environmentalScore;const _errs312 = errors;const _errs313 = errors;if(errors === _errs313){if((typeof data102 == "number") && (isFinite(data102))){if(data102 > 10 || isNaN(data102)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data102 < 0 || isNaN(data102)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid91 = _errs312 === errors;}else {var valid91 = true;}if(valid91){if(data73.environmentalSeverity !== undefined){let data103 = data73.environmentalSeverity;const _errs315 = errors;if(typeof data103 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data103 === "NONE") || (data103 === "LOW")) || (data103 === "MEDIUM")) || (data103 === "HIGH")) || (data103 === "CRITICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/enum",keyword:"enum",params:{allowedValues: schema127.enum},message:"must be equal to one of the allowed values"}];return false;}var valid91 = _errs315 === errors;}else {var valid91 = true;}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_1",schemaPath:"#/items/properties/cvssV3_1/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid2 = _errs227 === errors;}else {var valid2 = true;}if(valid2){if(data0.cvssV3_0 !== undefined){let data104 = data0.cvssV3_0;const _errs318 = errors;if(errors === _errs318){if(data104 && typeof data104 == "object" && !Array.isArray(data104)){let missing8;if(((((data104.version === undefined) && (missing8 = "version")) || ((data104.vectorString === undefined) && (missing8 = "vectorString"))) || ((data104.baseScore === undefined) && (missing8 = "baseScore"))) || ((data104.baseSeverity === undefined) && (missing8 = "baseSeverity"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0",schemaPath:"#/items/properties/cvssV3_0/required",keyword:"required",params:{missingProperty: missing8},message:"must have required property '"+missing8+"'"}];return false;}else {const _errs320 = errors;for(const key4 in data104){if(!(func5.call(schema52.items.properties.cvssV3_0.properties, key4))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0",schemaPath:"#/items/properties/cvssV3_0/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key4},message:"must NOT have additional properties"}];return false;break;}}if(_errs320 === errors){if(data104.version !== undefined){let data105 = data104.version;const _errs321 = errors;if(typeof data105 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/version",schemaPath:"#/items/properties/cvssV3_0/properties/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(data105 === "3.0")){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/version",schemaPath:"#/items/properties/cvssV3_0/properties/version/enum",keyword:"enum",params:{allowedValues: schema52.items.properties.cvssV3_0.properties.version.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs321 === errors;}else {var valid120 = true;}if(valid120){if(data104.vectorString !== undefined){let data106 = data104.vectorString;const _errs323 = errors;if(errors === _errs323){if(typeof data106 === "string"){if(!pattern22.test(data106)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/vectorString",schemaPath:"#/items/properties/cvssV3_0/properties/vectorString/pattern",keyword:"pattern",params:{pattern: "^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},message:"must match pattern \""+"^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"+"\""}];return false;}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/vectorString",schemaPath:"#/items/properties/cvssV3_0/properties/vectorString/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid120 = _errs323 === errors;}else {var valid120 = true;}if(valid120){if(data104.attackVector !== undefined){let data107 = data104.attackVector;const _errs325 = errors;if(typeof data107 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data107 === "NETWORK") || (data107 === "ADJACENT_NETWORK")) || (data107 === "LOCAL")) || (data107 === "PHYSICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType/enum",keyword:"enum",params:{allowedValues: schema146.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs325 === errors;}else {var valid120 = true;}if(valid120){if(data104.attackComplexity !== undefined){let data108 = data104.attackComplexity;const _errs328 = errors;if(typeof data108 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data108 === "HIGH") || (data108 === "LOW"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType/enum",keyword:"enum",params:{allowedValues: schema147.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs328 === errors;}else {var valid120 = true;}if(valid120){if(data104.privilegesRequired !== undefined){let data109 = data104.privilegesRequired;const _errs331 = errors;if(typeof data109 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data109 === "HIGH") || (data109 === "LOW")) || (data109 === "NONE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType/enum",keyword:"enum",params:{allowedValues: schema148.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs331 === errors;}else {var valid120 = true;}if(valid120){if(data104.userInteraction !== undefined){let data110 = data104.userInteraction;const _errs334 = errors;if(typeof data110 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data110 === "NONE") || (data110 === "REQUIRED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType/enum",keyword:"enum",params:{allowedValues: schema149.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs334 === errors;}else {var valid120 = true;}if(valid120){if(data104.scope !== undefined){let data111 = data104.scope;const _errs337 = errors;if(typeof data111 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((data111 === "UNCHANGED") || (data111 === "CHANGED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType/enum",keyword:"enum",params:{allowedValues: schema150.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs337 === errors;}else {var valid120 = true;}if(valid120){if(data104.confidentialityImpact !== undefined){let data112 = data104.confidentialityImpact;const _errs340 = errors;if(typeof data112 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data112 === "NONE") || (data112 === "LOW")) || (data112 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema151.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs340 === errors;}else {var valid120 = true;}if(valid120){if(data104.integrityImpact !== undefined){let data113 = data104.integrityImpact;const _errs343 = errors;if(typeof data113 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data113 === "NONE") || (data113 === "LOW")) || (data113 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema151.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs343 === errors;}else {var valid120 = true;}if(valid120){if(data104.availabilityImpact !== undefined){let data114 = data104.availabilityImpact;const _errs346 = errors;if(typeof data114 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data114 === "NONE") || (data114 === "LOW")) || (data114 === "HIGH"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema151.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs346 === errors;}else {var valid120 = true;}if(valid120){if(data104.baseScore !== undefined){let data115 = data104.baseScore;const _errs349 = errors;const _errs350 = errors;if(errors === _errs350){if((typeof data115 == "number") && (isFinite(data115))){if(data115 > 10 || isNaN(data115)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data115 < 0 || isNaN(data115)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid120 = _errs349 === errors;}else {var valid120 = true;}if(valid120){if(data104.baseSeverity !== undefined){let data116 = data104.baseSeverity;const _errs352 = errors;if(typeof data116 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data116 === "NONE") || (data116 === "LOW")) || (data116 === "MEDIUM")) || (data116 === "HIGH")) || (data116 === "CRITICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/enum",keyword:"enum",params:{allowedValues: schema155.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs352 === errors;}else {var valid120 = true;}if(valid120){if(data104.exploitCodeMaturity !== undefined){let data117 = data104.exploitCodeMaturity;const _errs355 = errors;if(typeof data117 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data117 === "UNPROVEN") || (data117 === "PROOF_OF_CONCEPT")) || (data117 === "FUNCTIONAL")) || (data117 === "HIGH")) || (data117 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType/enum",keyword:"enum",params:{allowedValues: schema156.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs355 === errors;}else {var valid120 = true;}if(valid120){if(data104.remediationLevel !== undefined){let data118 = data104.remediationLevel;const _errs358 = errors;if(typeof data118 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data118 === "OFFICIAL_FIX") || (data118 === "TEMPORARY_FIX")) || (data118 === "WORKAROUND")) || (data118 === "UNAVAILABLE")) || (data118 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType/enum",keyword:"enum",params:{allowedValues: schema157.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs358 === errors;}else {var valid120 = true;}if(valid120){if(data104.reportConfidence !== undefined){let data119 = data104.reportConfidence;const _errs361 = errors;if(typeof data119 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data119 === "UNKNOWN") || (data119 === "REASONABLE")) || (data119 === "CONFIRMED")) || (data119 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType/enum",keyword:"enum",params:{allowedValues: schema158.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs361 === errors;}else {var valid120 = true;}if(valid120){if(data104.temporalScore !== undefined){let data120 = data104.temporalScore;const _errs364 = errors;const _errs365 = errors;if(errors === _errs365){if((typeof data120 == "number") && (isFinite(data120))){if(data120 > 10 || isNaN(data120)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data120 < 0 || isNaN(data120)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid120 = _errs364 === errors;}else {var valid120 = true;}if(valid120){if(data104.temporalSeverity !== undefined){let data121 = data104.temporalSeverity;const _errs367 = errors;if(typeof data121 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data121 === "NONE") || (data121 === "LOW")) || (data121 === "MEDIUM")) || (data121 === "HIGH")) || (data121 === "CRITICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/enum",keyword:"enum",params:{allowedValues: schema155.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs367 === errors;}else {var valid120 = true;}if(valid120){if(data104.confidentialityRequirement !== undefined){let data122 = data104.confidentialityRequirement;const _errs370 = errors;if(typeof data122 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data122 === "LOW") || (data122 === "MEDIUM")) || (data122 === "HIGH")) || (data122 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema161.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs370 === errors;}else {var valid120 = true;}if(valid120){if(data104.integrityRequirement !== undefined){let data123 = data104.integrityRequirement;const _errs373 = errors;if(typeof data123 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data123 === "LOW") || (data123 === "MEDIUM")) || (data123 === "HIGH")) || (data123 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema161.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs373 === errors;}else {var valid120 = true;}if(valid120){if(data104.availabilityRequirement !== undefined){let data124 = data104.availabilityRequirement;const _errs376 = errors;if(typeof data124 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data124 === "LOW") || (data124 === "MEDIUM")) || (data124 === "HIGH")) || (data124 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema161.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs376 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedAttackVector !== undefined){let data125 = data104.modifiedAttackVector;const _errs379 = errors;if(typeof data125 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data125 === "NETWORK") || (data125 === "ADJACENT_NETWORK")) || (data125 === "LOCAL")) || (data125 === "PHYSICAL")) || (data125 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType/enum",keyword:"enum",params:{allowedValues: schema164.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs379 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedAttackComplexity !== undefined){let data126 = data104.modifiedAttackComplexity;const _errs382 = errors;if(typeof data126 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data126 === "HIGH") || (data126 === "LOW")) || (data126 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType/enum",keyword:"enum",params:{allowedValues: schema165.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs382 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedPrivilegesRequired !== undefined){let data127 = data104.modifiedPrivilegesRequired;const _errs385 = errors;if(typeof data127 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data127 === "HIGH") || (data127 === "LOW")) || (data127 === "NONE")) || (data127 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType/enum",keyword:"enum",params:{allowedValues: schema166.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs385 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedUserInteraction !== undefined){let data128 = data104.modifiedUserInteraction;const _errs388 = errors;if(typeof data128 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data128 === "NONE") || (data128 === "REQUIRED")) || (data128 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType/enum",keyword:"enum",params:{allowedValues: schema167.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs388 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedScope !== undefined){let data129 = data104.modifiedScope;const _errs391 = errors;if(typeof data129 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data129 === "UNCHANGED") || (data129 === "CHANGED")) || (data129 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType/enum",keyword:"enum",params:{allowedValues: schema168.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs391 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedConfidentialityImpact !== undefined){let data130 = data104.modifiedConfidentialityImpact;const _errs394 = errors;if(typeof data130 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data130 === "NONE") || (data130 === "LOW")) || (data130 === "HIGH")) || (data130 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues: schema169.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs394 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedIntegrityImpact !== undefined){let data131 = data104.modifiedIntegrityImpact;const _errs397 = errors;if(typeof data131 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data131 === "NONE") || (data131 === "LOW")) || (data131 === "HIGH")) || (data131 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues: schema169.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs397 === errors;}else {var valid120 = true;}if(valid120){if(data104.modifiedAvailabilityImpact !== undefined){let data132 = data104.modifiedAvailabilityImpact;const _errs400 = errors;if(typeof data132 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data132 === "NONE") || (data132 === "LOW")) || (data132 === "HIGH")) || (data132 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues: schema169.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs400 === errors;}else {var valid120 = true;}if(valid120){if(data104.environmentalScore !== undefined){let data133 = data104.environmentalScore;const _errs403 = errors;const _errs404 = errors;if(errors === _errs404){if((typeof data133 == "number") && (isFinite(data133))){if(data133 > 10 || isNaN(data133)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data133 < 0 || isNaN(data133)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid120 = _errs403 === errors;}else {var valid120 = true;}if(valid120){if(data104.environmentalSeverity !== undefined){let data134 = data104.environmentalSeverity;const _errs406 = errors;if(typeof data134 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data134 === "NONE") || (data134 === "LOW")) || (data134 === "MEDIUM")) || (data134 === "HIGH")) || (data134 === "CRITICAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/enum",keyword:"enum",params:{allowedValues: schema155.enum},message:"must be equal to one of the allowed values"}];return false;}var valid120 = _errs406 === errors;}else {var valid120 = true;}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV3_0",schemaPath:"#/items/properties/cvssV3_0/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid2 = _errs318 === errors;}else {var valid2 = true;}if(valid2){if(data0.cvssV2_0 !== undefined){let data135 = data0.cvssV2_0;const _errs409 = errors;if(errors === _errs409){if(data135 && typeof data135 == "object" && !Array.isArray(data135)){let missing9;if((((data135.version === undefined) && (missing9 = "version")) || ((data135.vectorString === undefined) && (missing9 = "vectorString"))) || ((data135.baseScore === undefined) && (missing9 = "baseScore"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0",schemaPath:"#/items/properties/cvssV2_0/required",keyword:"required",params:{missingProperty: missing9},message:"must have required property '"+missing9+"'"}];return false;}else {const _errs411 = errors;for(const key5 in data135){if(!(func5.call(schema52.items.properties.cvssV2_0.properties, key5))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0",schemaPath:"#/items/properties/cvssV2_0/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key5},message:"must NOT have additional properties"}];return false;break;}}if(_errs411 === errors){if(data135.version !== undefined){let data136 = data135.version;const _errs412 = errors;if(typeof data136 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/version",schemaPath:"#/items/properties/cvssV2_0/properties/version/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(data136 === "2.0")){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/version",schemaPath:"#/items/properties/cvssV2_0/properties/version/enum",keyword:"enum",params:{allowedValues: schema52.items.properties.cvssV2_0.properties.version.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs412 === errors;}else {var valid149 = true;}if(valid149){if(data135.vectorString !== undefined){let data137 = data135.vectorString;const _errs414 = errors;if(errors === _errs414){if(typeof data137 === "string"){if(!pattern23.test(data137)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/vectorString",schemaPath:"#/items/properties/cvssV2_0/properties/vectorString/pattern",keyword:"pattern",params:{pattern: "^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"},message:"must match pattern \""+"^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"+"\""}];return false;}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/vectorString",schemaPath:"#/items/properties/cvssV2_0/properties/vectorString/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid149 = _errs414 === errors;}else {var valid149 = true;}if(valid149){if(data135.accessVector !== undefined){let data138 = data135.accessVector;const _errs416 = errors;if(typeof data138 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/accessVector",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data138 === "NETWORK") || (data138 === "ADJACENT_NETWORK")) || (data138 === "LOCAL"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/accessVector",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType/enum",keyword:"enum",params:{allowedValues: schema174.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs416 === errors;}else {var valid149 = true;}if(valid149){if(data135.accessComplexity !== undefined){let data139 = data135.accessComplexity;const _errs419 = errors;if(typeof data139 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/accessComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data139 === "HIGH") || (data139 === "MEDIUM")) || (data139 === "LOW"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/accessComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType/enum",keyword:"enum",params:{allowedValues: schema175.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs419 === errors;}else {var valid149 = true;}if(valid149){if(data135.authentication !== undefined){let data140 = data135.authentication;const _errs422 = errors;if(typeof data140 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/authentication",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data140 === "MULTIPLE") || (data140 === "SINGLE")) || (data140 === "NONE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/authentication",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType/enum",keyword:"enum",params:{allowedValues: schema176.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs422 === errors;}else {var valid149 = true;}if(valid149){if(data135.confidentialityImpact !== undefined){let data141 = data135.confidentialityImpact;const _errs425 = errors;if(typeof data141 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data141 === "NONE") || (data141 === "PARTIAL")) || (data141 === "COMPLETE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema177.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs425 === errors;}else {var valid149 = true;}if(valid149){if(data135.integrityImpact !== undefined){let data142 = data135.integrityImpact;const _errs428 = errors;if(typeof data142 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data142 === "NONE") || (data142 === "PARTIAL")) || (data142 === "COMPLETE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema177.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs428 === errors;}else {var valid149 = true;}if(valid149){if(data135.availabilityImpact !== undefined){let data143 = data135.availabilityImpact;const _errs431 = errors;if(typeof data143 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((data143 === "NONE") || (data143 === "PARTIAL")) || (data143 === "COMPLETE"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues: schema177.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs431 === errors;}else {var valid149 = true;}if(valid149){if(data135.baseScore !== undefined){let data144 = data135.baseScore;const _errs434 = errors;const _errs435 = errors;if(errors === _errs435){if((typeof data144 == "number") && (isFinite(data144))){if(data144 > 10 || isNaN(data144)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data144 < 0 || isNaN(data144)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid149 = _errs434 === errors;}else {var valid149 = true;}if(valid149){if(data135.exploitability !== undefined){let data145 = data135.exploitability;const _errs437 = errors;if(typeof data145 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/exploitability",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data145 === "UNPROVEN") || (data145 === "PROOF_OF_CONCEPT")) || (data145 === "FUNCTIONAL")) || (data145 === "HIGH")) || (data145 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/exploitability",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType/enum",keyword:"enum",params:{allowedValues: schema181.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs437 === errors;}else {var valid149 = true;}if(valid149){if(data135.remediationLevel !== undefined){let data146 = data135.remediationLevel;const _errs440 = errors;if(typeof data146 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data146 === "OFFICIAL_FIX") || (data146 === "TEMPORARY_FIX")) || (data146 === "WORKAROUND")) || (data146 === "UNAVAILABLE")) || (data146 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType/enum",keyword:"enum",params:{allowedValues: schema182.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs440 === errors;}else {var valid149 = true;}if(valid149){if(data135.reportConfidence !== undefined){let data147 = data135.reportConfidence;const _errs443 = errors;if(typeof data147 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data147 === "UNCONFIRMED") || (data147 === "UNCORROBORATED")) || (data147 === "CONFIRMED")) || (data147 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType/enum",keyword:"enum",params:{allowedValues: schema183.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs443 === errors;}else {var valid149 = true;}if(valid149){if(data135.temporalScore !== undefined){let data148 = data135.temporalScore;const _errs446 = errors;const _errs447 = errors;if(errors === _errs447){if((typeof data148 == "number") && (isFinite(data148))){if(data148 > 10 || isNaN(data148)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data148 < 0 || isNaN(data148)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid149 = _errs446 === errors;}else {var valid149 = true;}if(valid149){if(data135.collateralDamagePotential !== undefined){let data149 = data135.collateralDamagePotential;const _errs449 = errors;if(typeof data149 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/collateralDamagePotential",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((((data149 === "NONE") || (data149 === "LOW")) || (data149 === "LOW_MEDIUM")) || (data149 === "MEDIUM_HIGH")) || (data149 === "HIGH")) || (data149 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/collateralDamagePotential",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType/enum",keyword:"enum",params:{allowedValues: schema185.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs449 === errors;}else {var valid149 = true;}if(valid149){if(data135.targetDistribution !== undefined){let data150 = data135.targetDistribution;const _errs452 = errors;if(typeof data150 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/targetDistribution",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(((((data150 === "NONE") || (data150 === "LOW")) || (data150 === "MEDIUM")) || (data150 === "HIGH")) || (data150 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/targetDistribution",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType/enum",keyword:"enum",params:{allowedValues: schema186.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs452 === errors;}else {var valid149 = true;}if(valid149){if(data135.confidentialityRequirement !== undefined){let data151 = data135.confidentialityRequirement;const _errs455 = errors;if(typeof data151 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data151 === "LOW") || (data151 === "MEDIUM")) || (data151 === "HIGH")) || (data151 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema187.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs455 === errors;}else {var valid149 = true;}if(valid149){if(data135.integrityRequirement !== undefined){let data152 = data135.integrityRequirement;const _errs458 = errors;if(typeof data152 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data152 === "LOW") || (data152 === "MEDIUM")) || (data152 === "HIGH")) || (data152 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema187.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs458 === errors;}else {var valid149 = true;}if(valid149){if(data135.availabilityRequirement !== undefined){let data153 = data135.availabilityRequirement;const _errs461 = errors;if(typeof data153 !== "string"){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((data153 === "LOW") || (data153 === "MEDIUM")) || (data153 === "HIGH")) || (data153 === "NOT_DEFINED"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues: schema187.enum},message:"must be equal to one of the allowed values"}];return false;}var valid149 = _errs461 === errors;}else {var valid149 = true;}if(valid149){if(data135.environmentalScore !== undefined){let data154 = data135.environmentalScore;const _errs464 = errors;const _errs465 = errors;if(errors === _errs465){if((typeof data154 == "number") && (isFinite(data154))){if(data154 > 10 || isNaN(data154)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison: "<=", limit: 10},message:"must be <= 10"}];return false;}else {if(data154 < 0 || isNaN(data154)){validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison: ">=", limit: 0},message:"must be >= 0"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/type",keyword:"type",params:{type: "number"},message:"must be number"}];return false;}}var valid149 = _errs464 === errors;}else {var valid149 = true;}}}}}}}}}}}}}}}}}}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/cvssV2_0",schemaPath:"#/items/properties/cvssV2_0/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid2 = _errs409 === errors;}else {var valid2 = true;}if(valid2){if(data0.other !== undefined){let data155 = data0.other;const _errs467 = errors;if(errors === _errs467){if(data155 && typeof data155 == "object" && !Array.isArray(data155)){let missing10;if(((data155.type === undefined) && (missing10 = "type")) || ((data155.content === undefined) && (missing10 = "content"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/other",schemaPath:"#/items/properties/other/required",keyword:"required",params:{missingProperty: missing10},message:"must have required property '"+missing10+"'"}];return false;}else {const _errs469 = errors;for(const key6 in data155){if(!((key6 === "type") || (key6 === "content"))){validate36.errors = [{instancePath:instancePath+"/" + i0+"/other",schemaPath:"#/items/properties/other/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key6},message:"must NOT have additional properties"}];return false;break;}}if(_errs469 === errors){if(data155.type !== undefined){let data156 = data155.type;const _errs470 = errors;if(errors === _errs470){if(typeof data156 === "string"){if(func6(data156) > 128){validate36.errors = [{instancePath:instancePath+"/" + i0+"/other/type",schemaPath:"#/items/properties/other/properties/type/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data156) < 1){validate36.errors = [{instancePath:instancePath+"/" + i0+"/other/type",schemaPath:"#/items/properties/other/properties/type/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/other/type",schemaPath:"#/items/properties/other/properties/type/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid167 = _errs470 === errors;}else {var valid167 = true;}if(valid167){if(data155.content !== undefined){let data157 = data155.content;const _errs472 = errors;if(errors === _errs472){if(data157 && typeof data157 == "object" && !Array.isArray(data157)){if(Object.keys(data157).length < 1){validate36.errors = [{instancePath:instancePath+"/" + i0+"/other/content",schemaPath:"#/items/properties/other/properties/content/minProperties",keyword:"minProperties",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/other/content",schemaPath:"#/items/properties/other/properties/content/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid167 = _errs472 === errors;}else {var valid167 = true;}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0+"/other",schemaPath:"#/items/properties/other/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid2 = _errs467 === errors;}else {var valid2 = true;}}}}}}}}}else {validate36.errors = [{instancePath:instancePath+"/" + i0,schemaPath:"#/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid0 = _errs1 === errors;if(!valid0){break;}}if(valid0){let i3 = data.length;let j1;if(i3 > 1){outer1:for(;i3--;){for(j1 = i3; j1--;){if(func0(data[i3], data[j1])){validate36.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i3, j: j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1;}}}}}}}else {validate36.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate36.errors = vErrors;return errors === 0;}const schema191 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}};function validate38(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate38.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate38.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate38.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate38.errors = vErrors;return errors === 0;}const schema192 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}};function validate41(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate41.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate41.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate41.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate41.errors = vErrors;return errors === 0;}const schema193 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}};function validate44(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate44.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate44.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate44.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate44.errors = vErrors;return errors === 0;}const schema194 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/description"}};function validate47(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate47.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate47.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate47.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate47.errors = vErrors;return errors === 0;}const schema195 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","required":["time","lang","value"],"properties":{"time":{"$ref":"#/definitions/timestamp"},"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","minLength":1,"maxLength":4096}},"additionalProperties":false}};function validate50(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate50.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 4096){validate50.errors = [{instancePath:instancePath+"/" + i0+"/value",schemaPath:"#/items/properties/value/maxLength",keyword:"maxLength",params:{limit: 4096},message:"must NOT have more than 4096 characters"}];return false;}else {if(func6(data3) < 1){validate50.errors = [{instancePath:instancePath+"/" + i0+"/value",schemaPath:"#/items/properties/value/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate50.errors = [{instancePath:instancePath+"/" + i0+"/value",schemaPath:"#/items/properties/value/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid1 = _errs10 === errors;}else {var valid1 = true;}}}}}}else {validate50.errors = [{instancePath:instancePath+"/" + i0,schemaPath:"#/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid0 = _errs1 === errors;if(!valid0){break;}}if(valid0){let i1 = data.length;let j0;if(i1 > 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate50.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate50.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate50.errors = vErrors;return errors === 0;}const schema198 = {"type":"array","minItems":1,"uniqueItems":true,"items":{"type":"object","properties":{"lang":{"$ref":"#/definitions/language"},"value":{"type":"string","minLength":1,"maxLength":4096},"user":{"$ref":"#/definitions/uuidType"},"type":{"type":"string","default":"finder","enum":["finder","reporter","analyst","coordinator","remediation developer","remediation reviewer","remediation verifier","tool","sponsor","other"]}},"additionalProperties":false,"required":["lang","value"]}};function validate52(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate52.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 4096){validate52.errors = [{instancePath:instancePath+"/" + i0+"/value",schemaPath:"#/items/properties/value/maxLength",keyword:"maxLength",params:{limit: 4096},message:"must NOT have more than 4096 characters"}];return false;}else {if(func6(data2) < 1){validate52.errors = [{instancePath:instancePath+"/" + i0+"/value",schemaPath:"#/items/properties/value/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate52.errors = [{instancePath:instancePath+"/" + i0+"/value",schemaPath:"#/items/properties/value/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid1 = _errs7 === errors;}else {var valid1 = true;}if(valid1){if(data0.user !== undefined){let data3 = data0.user;const _errs9 = errors;const _errs10 = errors;if(errors === _errs10){if(typeof data3 === "string"){if(!pattern2.test(data3)){validate52.errors = [{instancePath:instancePath+"/" + i0+"/user",schemaPath:"#/definitions/uuidType/pattern",keyword:"pattern",params:{pattern: "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:"must match pattern \""+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+"\""}];return false;}}else {validate52.errors = [{instancePath:instancePath+"/" + i0+"/user",schemaPath:"#/definitions/uuidType/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid1 = _errs9 === errors;}else {var valid1 = true;}if(valid1){if(data0.type !== undefined){let data4 = data0.type;const _errs12 = errors;if(typeof data4 !== "string"){validate52.errors = [{instancePath:instancePath+"/" + i0+"/type",schemaPath:"#/items/properties/type/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!((((((((((data4 === "finder") || (data4 === "reporter")) || (data4 === "analyst")) || (data4 === "coordinator")) || (data4 === "remediation developer")) || (data4 === "remediation reviewer")) || (data4 === "remediation verifier")) || (data4 === "tool")) || (data4 === "sponsor")) || (data4 === "other"))){validate52.errors = [{instancePath:instancePath+"/" + i0+"/type",schemaPath:"#/items/properties/type/enum",keyword:"enum",params:{allowedValues: schema198.items.properties.type.enum},message:"must be equal to one of the allowed values"}];return false;}var valid1 = _errs12 === errors;}else {var valid1 = true;}}}}}}}else {validate52.errors = [{instancePath:instancePath+"/" + i0,schemaPath:"#/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid0 = _errs1 === errors;if(!valid0){break;}}if(valid0){let i1 = data.length;let j0;if(i1 > 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate52.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate52.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate52.errors = vErrors;return errors === 0;}const schema202 = {"type":"array","uniqueItems":true,"minItems":1,"items":{"oneOf":[{"$ref":"#/definitions/tagExtension"},{"$schema":"http://json-schema.org/draft-07/schema#","$id":"https://cve.mitre.org/cve/v5_00/tags/cna/","type":"string","enum":["unsupported-when-assigned","exclusively-hosted-service","disputed"]}]}};function validate54(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate54.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 128){const err0 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"};if(vErrors === null){vErrors = [err0];}else {vErrors.push(err0);}errors++;}else {if(func6(data0) < 2){const err1 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/minLength",keyword:"minLength",params:{limit: 2},message:"must NOT have fewer than 2 characters"};if(vErrors === null){vErrors = [err1];}else {vErrors.push(err1);}errors++;}else {if(!pattern17.test(data0)){const err2 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/pattern",keyword:"pattern",params:{pattern: "^x_.*$"},message:"must match pattern \""+"^x_.*$"+"\""};if(vErrors === null){vErrors = [err2];}else {vErrors.push(err2);}errors++;}}}}else {const err3 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err3];}else {vErrors.push(err3);}errors++;}}var _valid0 = _errs3 === errors;if(_valid0){valid1 = true;passing0 = 0;}const _errs7 = errors;if(typeof data0 !== "string"){const err4 = {instancePath:instancePath+"/" + i0,schemaPath:"#/items/oneOf/1/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err4];}else {vErrors.push(err4);}errors++;}if(!(((data0 === "unsupported-when-assigned") || (data0 === "exclusively-hosted-service")) || (data0 === "disputed"))){const err5 = {instancePath:instancePath+"/" + i0,schemaPath:"#/items/oneOf/1/enum",keyword:"enum",params:{allowedValues: schema202.items.oneOf[1].enum},message:"must be equal to one of the allowed values"};if(vErrors === null){vErrors = [err5];}else {vErrors.push(err5);}errors++;}var _valid0 = _errs7 === errors;if(_valid0 && valid1){valid1 = false;passing0 = [passing0, 1];}else {if(_valid0){valid1 = true;passing0 = 1;}}if(!valid1){const err6 = {instancePath:instancePath+"/" + i0,schemaPath:"#/items/oneOf",keyword:"oneOf",params:{passingSchemas: passing0},message:"must match exactly one schema in oneOf"};if(vErrors === null){vErrors = [err6];}else {vErrors.push(err6);}errors++;validate54.errors = vErrors;return false;}else {errors = _errs2;if(vErrors !== null){if(_errs2){vErrors.length = _errs2;}else {vErrors = null;}}}var valid0 = _errs1 === errors;if(!valid0){break;}}if(valid0){let i1 = data.length;let j0;if(i1 > 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate54.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate54.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate54.errors = vErrors;return errors === 0;}function validate13(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if(((((data.providerMetadata === undefined) && (missing0 = "providerMetadata")) || ((data.descriptions === undefined) && (missing0 = "descriptions"))) || ((data.affected === undefined) && (missing0 = "affected"))) || ((data.references === undefined) && (missing0 = "references"))){validate13.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {const _errs2 = errors;for(const key0 in data){if(!((func5.call(schema22.properties, key0)) || (pattern7.test(key0)))){validate13.errors = [{instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"}];return false;break;}}if(_errs2 === errors){if(data.providerMetadata !== undefined){const _errs3 = errors;if(!(validate14(data.providerMetadata, {instancePath:instancePath+"/providerMetadata",parentData:data,parentDataProperty:"providerMetadata",rootData}))){vErrors = vErrors === null ? validate14.errors : vErrors.concat(validate14.errors);errors = vErrors.length;}var valid0 = _errs3 === errors;}else {var valid0 = true;}if(valid0){if(data.dateAssigned !== undefined){let data1 = data.dateAssigned;const _errs4 = errors;const _errs5 = errors;if(errors === _errs5){if(errors === _errs5){if(typeof data1 === "string"){if(!pattern4.test(data1)){validate13.errors = [{instancePath:instancePath+"/dateAssigned",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data1))){validate13.errors = [{instancePath:instancePath+"/dateAssigned",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/dateAssigned",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs4 === errors;}else {var valid0 = true;}if(valid0){if(data.datePublic !== undefined){let data2 = data.datePublic;const _errs7 = errors;const _errs8 = errors;if(errors === _errs8){if(errors === _errs8){if(typeof data2 === "string"){if(!pattern4.test(data2)){validate13.errors = [{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data2))){validate13.errors = [{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs7 === errors;}else {var valid0 = true;}if(valid0){if(data.title !== undefined){let data3 = data.title;const _errs10 = errors;if(errors === _errs10){if(typeof data3 === "string"){if(func6(data3) > 256){validate13.errors = [{instancePath:instancePath+"/title",schemaPath:"#/properties/title/maxLength",keyword:"maxLength",params:{limit: 256},message:"must NOT have more than 256 characters"}];return false;}else {if(func6(data3) < 1){validate13.errors = [{instancePath:instancePath+"/title",schemaPath:"#/properties/title/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/title",schemaPath:"#/properties/title/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs10 === errors;}else {var valid0 = true;}if(valid0){if(data.descriptions !== undefined){const _errs12 = errors;if(!(validate16(data.descriptions, {instancePath:instancePath+"/descriptions",parentData:data,parentDataProperty:"descriptions",rootData}))){vErrors = vErrors === null ? validate16.errors : vErrors.concat(validate16.errors);errors = vErrors.length;}var valid0 = _errs12 === errors;}else {var valid0 = true;}if(valid0){if(data.affected !== undefined){const _errs13 = errors;if(!(validate22(data.affected, {instancePath:instancePath+"/affected",parentData:data,parentDataProperty:"affected",rootData}))){vErrors = vErrors === null ? validate22.errors : vErrors.concat(validate22.errors);errors = vErrors.length;}var valid0 = _errs13 === errors;}else {var valid0 = true;}if(valid0){if(data.problemTypes !== undefined){const _errs14 = errors;if(!(validate26(data.problemTypes, {instancePath:instancePath+"/problemTypes",parentData:data,parentDataProperty:"problemTypes",rootData}))){vErrors = vErrors === null ? validate26.errors : vErrors.concat(validate26.errors);errors = vErrors.length;}var valid0 = _errs14 === errors;}else {var valid0 = true;}if(valid0){if(data.references !== undefined){const _errs15 = errors;if(!(validate27(data.references, {instancePath:instancePath+"/references",parentData:data,parentDataProperty:"references",rootData}))){vErrors = vErrors === null ? validate27.errors : vErrors.concat(validate27.errors);errors = vErrors.length;}var valid0 = _errs15 === errors;}else {var valid0 = true;}if(valid0){if(data.impacts !== undefined){const _errs16 = errors;if(!(validate33(data.impacts, {instancePath:instancePath+"/impacts",parentData:data,parentDataProperty:"impacts",rootData}))){vErrors = vErrors === null ? validate33.errors : vErrors.concat(validate33.errors);errors = vErrors.length;}var valid0 = _errs16 === errors;}else {var valid0 = true;}if(valid0){if(data.metrics !== undefined){const _errs17 = errors;if(!(validate36(data.metrics, {instancePath:instancePath+"/metrics",parentData:data,parentDataProperty:"metrics",rootData}))){vErrors = vErrors === null ? validate36.errors : vErrors.concat(validate36.errors);errors = vErrors.length;}var valid0 = _errs17 === errors;}else {var valid0 = true;}if(valid0){if(data.configurations !== undefined){const _errs18 = errors;if(!(validate38(data.configurations, {instancePath:instancePath+"/configurations",parentData:data,parentDataProperty:"configurations",rootData}))){vErrors = vErrors === null ? validate38.errors : vErrors.concat(validate38.errors);errors = vErrors.length;}var valid0 = _errs18 === errors;}else {var valid0 = true;}if(valid0){if(data.workarounds !== undefined){const _errs19 = errors;if(!(validate41(data.workarounds, {instancePath:instancePath+"/workarounds",parentData:data,parentDataProperty:"workarounds",rootData}))){vErrors = vErrors === null ? validate41.errors : vErrors.concat(validate41.errors);errors = vErrors.length;}var valid0 = _errs19 === errors;}else {var valid0 = true;}if(valid0){if(data.solutions !== undefined){const _errs20 = errors;if(!(validate44(data.solutions, {instancePath:instancePath+"/solutions",parentData:data,parentDataProperty:"solutions",rootData}))){vErrors = vErrors === null ? validate44.errors : vErrors.concat(validate44.errors);errors = vErrors.length;}var valid0 = _errs20 === errors;}else {var valid0 = true;}if(valid0){if(data.exploits !== undefined){const _errs21 = errors;if(!(validate47(data.exploits, {instancePath:instancePath+"/exploits",parentData:data,parentDataProperty:"exploits",rootData}))){vErrors = vErrors === null ? validate47.errors : vErrors.concat(validate47.errors);errors = vErrors.length;}var valid0 = _errs21 === errors;}else {var valid0 = true;}if(valid0){if(data.timeline !== undefined){const _errs22 = errors;if(!(validate50(data.timeline, {instancePath:instancePath+"/timeline",parentData:data,parentDataProperty:"timeline",rootData}))){vErrors = vErrors === null ? validate50.errors : vErrors.concat(validate50.errors);errors = vErrors.length;}var valid0 = _errs22 === errors;}else {var valid0 = true;}if(valid0){if(data.credits !== undefined){const _errs23 = errors;if(!(validate52(data.credits, {instancePath:instancePath+"/credits",parentData:data,parentDataProperty:"credits",rootData}))){vErrors = vErrors === null ? validate52.errors : vErrors.concat(validate52.errors);errors = vErrors.length;}var valid0 = _errs23 === errors;}else {var valid0 = true;}if(valid0){if(data.source !== undefined){let data16 = data.source;const _errs24 = errors;const _errs25 = errors;if(errors === _errs25){if(data16 && typeof data16 == "object" && !Array.isArray(data16)){if(Object.keys(data16).length < 1){validate13.errors = [{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/minProperties",keyword:"minProperties",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}}else {validate13.errors = [{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid0 = _errs24 === errors;}else {var valid0 = true;}if(valid0){if(data.tags !== undefined){const _errs27 = errors;if(!(validate54(data.tags, {instancePath:instancePath+"/tags",parentData:data,parentDataProperty:"tags",rootData}))){vErrors = vErrors === null ? validate54.errors : vErrors.concat(validate54.errors);errors = vErrors.length;}var valid0 = _errs27 === errors;}else {var valid0 = true;}if(valid0){if(data.taxonomyMappings !== undefined){let data18 = data.taxonomyMappings;const _errs28 = errors;const _errs29 = errors;if(errors === _errs29){if(Array.isArray(data18)){if(data18.length < 1){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid5 = true;const len0 = data18.length;for(let i0=0; i0 128){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data20) < 1){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid6 = _errs34 === errors;}else {var valid6 = true;}if(valid6){if(data19.taxonomyVersion !== undefined){let data21 = data19.taxonomyVersion;const _errs36 = errors;if(errors === _errs36){if(typeof data21 === "string"){if(func6(data21) > 128){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data21) < 1){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid6 = _errs36 === errors;}else {var valid6 = true;}if(valid6){if(data19.taxonomyRelations !== undefined){let data22 = data19.taxonomyRelations;const _errs38 = errors;if(errors === _errs38){if(Array.isArray(data22)){if(data22.length < 1){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid7 = true;const len1 = data22.length;for(let i1=0; i1 2048){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data24) < 1){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid8 = _errs43 === errors;}else {var valid8 = true;}if(valid8){if(data23.relationshipName !== undefined){let data25 = data23.relationshipName;const _errs45 = errors;if(errors === _errs45){if(typeof data25 === "string"){if(func6(data25) > 128){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data25) < 1){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid8 = _errs45 === errors;}else {var valid8 = true;}if(valid8){if(data23.relationshipValue !== undefined){let data26 = data23.relationshipValue;const _errs47 = errors;if(errors === _errs47){if(typeof data26 === "string"){if(func6(data26) > 2048){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data26) < 1){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid8 = _errs47 === errors;}else {var valid8 = true;}}}}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1,schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid7 = _errs40 === errors;if(!valid7){break;}}if(valid7){let i2 = data22.length;let j0;if(i2 > 1){outer0:for(;i2--;){for(j0 = i2; j0--;){if(func0(data22[i2], data22[j0])){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/uniqueItems",keyword:"uniqueItems",params:{i: i2, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0;}}}}}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid6 = _errs38 === errors;}else {var valid6 = true;}}}}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0,schemaPath:"#/definitions/taxonomyMappings/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid5 = _errs31 === errors;if(!valid5){break;}}if(valid5){let i3 = data18.length;let j1;if(i3 > 1){outer1:for(;i3--;){for(j1 = i3; j1--;){if(func0(data18[i3], data18[j1])){validate13.errors = [{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/uniqueItems",keyword:"uniqueItems",params:{i: i3, j: j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1;}}}}}}}else {validate13.errors = [{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid0 = _errs28 === errors;}else {var valid0 = true;}}}}}}}}}}}}}}}}}}}}}}else {validate13.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate13.errors = vErrors;return errors === 0;}const schema205 = {"type":"object","properties":{"providerMetadata":{"$ref":"#/definitions/providerMetadata"},"datePublic":{"$ref":"#/definitions/timestamp"},"title":{"type":"string","minLength":1,"maxLength":256},"descriptions":{"$ref":"#/definitions/descriptions"},"affected":{"$ref":"#/definitions/affected"},"problemTypes":{"$ref":"#/definitions/problemTypes"},"references":{"$ref":"#/definitions/references"},"impacts":{"$ref":"#/definitions/impacts"},"metrics":{"$ref":"#/definitions/metrics"},"configurations":{"$ref":"#/definitions/configurations"},"workarounds":{"$ref":"#/definitions/workarounds"},"solutions":{"$ref":"#/definitions/solutions"},"exploits":{"$ref":"#/definitions/exploits"},"timeline":{"$ref":"#/definitions/timeline"},"credits":{"$ref":"#/definitions/credits"},"source":{"$ref":"#/definitions/source"},"tags":{"$ref":"#/definitions/adpTags"},"taxonomyMappings":{"$ref":"#/definitions/taxonomyMappings"}},"required":["providerMetadata"],"minProperties":2,"patternProperties":{"^x_[^.]*$":{}},"$comment":"The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.","additionalProperties":false};const schema208 = {"type":"array","uniqueItems":true,"minItems":1,"items":{"oneOf":[{"$ref":"#/definitions/tagExtension"},{"$schema":"http://json-schema.org/draft-07/schema#","$id":"https://cve.mitre.org/cve/v5_00/tags/adp/","type":"string","enum":["disputed"]}]}};function validate71(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(Array.isArray(data)){if(data.length < 1){validate71.errors = [{instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid0 = true;const len0 = data.length;for(let i0=0; i0 128){const err0 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"};if(vErrors === null){vErrors = [err0];}else {vErrors.push(err0);}errors++;}else {if(func6(data0) < 2){const err1 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/minLength",keyword:"minLength",params:{limit: 2},message:"must NOT have fewer than 2 characters"};if(vErrors === null){vErrors = [err1];}else {vErrors.push(err1);}errors++;}else {if(!pattern17.test(data0)){const err2 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/pattern",keyword:"pattern",params:{pattern: "^x_.*$"},message:"must match pattern \""+"^x_.*$"+"\""};if(vErrors === null){vErrors = [err2];}else {vErrors.push(err2);}errors++;}}}}else {const err3 = {instancePath:instancePath+"/" + i0,schemaPath:"#/definitions/tagExtension/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err3];}else {vErrors.push(err3);}errors++;}}var _valid0 = _errs3 === errors;if(_valid0){valid1 = true;passing0 = 0;}const _errs7 = errors;if(typeof data0 !== "string"){const err4 = {instancePath:instancePath+"/" + i0,schemaPath:"#/items/oneOf/1/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err4];}else {vErrors.push(err4);}errors++;}if(!(data0 === "disputed")){const err5 = {instancePath:instancePath+"/" + i0,schemaPath:"#/items/oneOf/1/enum",keyword:"enum",params:{allowedValues: schema208.items.oneOf[1].enum},message:"must be equal to one of the allowed values"};if(vErrors === null){vErrors = [err5];}else {vErrors.push(err5);}errors++;}var _valid0 = _errs7 === errors;if(_valid0 && valid1){valid1 = false;passing0 = [passing0, 1];}else {if(_valid0){valid1 = true;passing0 = 1;}}if(!valid1){const err6 = {instancePath:instancePath+"/" + i0,schemaPath:"#/items/oneOf",keyword:"oneOf",params:{passingSchemas: passing0},message:"must match exactly one schema in oneOf"};if(vErrors === null){vErrors = [err6];}else {vErrors.push(err6);}errors++;validate71.errors = vErrors;return false;}else {errors = _errs2;if(vErrors !== null){if(_errs2){vErrors.length = _errs2;}else {vErrors = null;}}}var valid0 = _errs1 === errors;if(!valid0){break;}}if(valid0){let i1 = data.length;let j0;if(i1 > 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data[i1], data[j0])){validate71.errors = [{instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate71.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}validate71.errors = vErrors;return errors === 0;}function validate57(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){if(Object.keys(data).length < 2){validate57.errors = [{instancePath,schemaPath:"#/minProperties",keyword:"minProperties",params:{limit: 2},message:"must NOT have fewer than 2 items"}];return false;}else {let missing0;if((data.providerMetadata === undefined) && (missing0 = "providerMetadata")){validate57.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {const _errs2 = errors;for(const key0 in data){if(!((func5.call(schema205.properties, key0)) || (pattern7.test(key0)))){validate57.errors = [{instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"}];return false;break;}}if(_errs2 === errors){if(data.providerMetadata !== undefined){const _errs3 = errors;if(!(validate14(data.providerMetadata, {instancePath:instancePath+"/providerMetadata",parentData:data,parentDataProperty:"providerMetadata",rootData}))){vErrors = vErrors === null ? validate14.errors : vErrors.concat(validate14.errors);errors = vErrors.length;}var valid0 = _errs3 === errors;}else {var valid0 = true;}if(valid0){if(data.datePublic !== undefined){let data1 = data.datePublic;const _errs4 = errors;const _errs5 = errors;if(errors === _errs5){if(errors === _errs5){if(typeof data1 === "string"){if(!pattern4.test(data1)){validate57.errors = [{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data1))){validate57.errors = [{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate57.errors = [{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs4 === errors;}else {var valid0 = true;}if(valid0){if(data.title !== undefined){let data2 = data.title;const _errs7 = errors;if(errors === _errs7){if(typeof data2 === "string"){if(func6(data2) > 256){validate57.errors = [{instancePath:instancePath+"/title",schemaPath:"#/properties/title/maxLength",keyword:"maxLength",params:{limit: 256},message:"must NOT have more than 256 characters"}];return false;}else {if(func6(data2) < 1){validate57.errors = [{instancePath:instancePath+"/title",schemaPath:"#/properties/title/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate57.errors = [{instancePath:instancePath+"/title",schemaPath:"#/properties/title/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs7 === errors;}else {var valid0 = true;}if(valid0){if(data.descriptions !== undefined){const _errs9 = errors;if(!(validate16(data.descriptions, {instancePath:instancePath+"/descriptions",parentData:data,parentDataProperty:"descriptions",rootData}))){vErrors = vErrors === null ? validate16.errors : vErrors.concat(validate16.errors);errors = vErrors.length;}var valid0 = _errs9 === errors;}else {var valid0 = true;}if(valid0){if(data.affected !== undefined){const _errs10 = errors;if(!(validate22(data.affected, {instancePath:instancePath+"/affected",parentData:data,parentDataProperty:"affected",rootData}))){vErrors = vErrors === null ? validate22.errors : vErrors.concat(validate22.errors);errors = vErrors.length;}var valid0 = _errs10 === errors;}else {var valid0 = true;}if(valid0){if(data.problemTypes !== undefined){const _errs11 = errors;if(!(validate26(data.problemTypes, {instancePath:instancePath+"/problemTypes",parentData:data,parentDataProperty:"problemTypes",rootData}))){vErrors = vErrors === null ? validate26.errors : vErrors.concat(validate26.errors);errors = vErrors.length;}var valid0 = _errs11 === errors;}else {var valid0 = true;}if(valid0){if(data.references !== undefined){const _errs12 = errors;if(!(validate27(data.references, {instancePath:instancePath+"/references",parentData:data,parentDataProperty:"references",rootData}))){vErrors = vErrors === null ? validate27.errors : vErrors.concat(validate27.errors);errors = vErrors.length;}var valid0 = _errs12 === errors;}else {var valid0 = true;}if(valid0){if(data.impacts !== undefined){const _errs13 = errors;if(!(validate33(data.impacts, {instancePath:instancePath+"/impacts",parentData:data,parentDataProperty:"impacts",rootData}))){vErrors = vErrors === null ? validate33.errors : vErrors.concat(validate33.errors);errors = vErrors.length;}var valid0 = _errs13 === errors;}else {var valid0 = true;}if(valid0){if(data.metrics !== undefined){const _errs14 = errors;if(!(validate36(data.metrics, {instancePath:instancePath+"/metrics",parentData:data,parentDataProperty:"metrics",rootData}))){vErrors = vErrors === null ? validate36.errors : vErrors.concat(validate36.errors);errors = vErrors.length;}var valid0 = _errs14 === errors;}else {var valid0 = true;}if(valid0){if(data.configurations !== undefined){const _errs15 = errors;if(!(validate38(data.configurations, {instancePath:instancePath+"/configurations",parentData:data,parentDataProperty:"configurations",rootData}))){vErrors = vErrors === null ? validate38.errors : vErrors.concat(validate38.errors);errors = vErrors.length;}var valid0 = _errs15 === errors;}else {var valid0 = true;}if(valid0){if(data.workarounds !== undefined){const _errs16 = errors;if(!(validate41(data.workarounds, {instancePath:instancePath+"/workarounds",parentData:data,parentDataProperty:"workarounds",rootData}))){vErrors = vErrors === null ? validate41.errors : vErrors.concat(validate41.errors);errors = vErrors.length;}var valid0 = _errs16 === errors;}else {var valid0 = true;}if(valid0){if(data.solutions !== undefined){const _errs17 = errors;if(!(validate44(data.solutions, {instancePath:instancePath+"/solutions",parentData:data,parentDataProperty:"solutions",rootData}))){vErrors = vErrors === null ? validate44.errors : vErrors.concat(validate44.errors);errors = vErrors.length;}var valid0 = _errs17 === errors;}else {var valid0 = true;}if(valid0){if(data.exploits !== undefined){const _errs18 = errors;if(!(validate47(data.exploits, {instancePath:instancePath+"/exploits",parentData:data,parentDataProperty:"exploits",rootData}))){vErrors = vErrors === null ? validate47.errors : vErrors.concat(validate47.errors);errors = vErrors.length;}var valid0 = _errs18 === errors;}else {var valid0 = true;}if(valid0){if(data.timeline !== undefined){const _errs19 = errors;if(!(validate50(data.timeline, {instancePath:instancePath+"/timeline",parentData:data,parentDataProperty:"timeline",rootData}))){vErrors = vErrors === null ? validate50.errors : vErrors.concat(validate50.errors);errors = vErrors.length;}var valid0 = _errs19 === errors;}else {var valid0 = true;}if(valid0){if(data.credits !== undefined){const _errs20 = errors;if(!(validate52(data.credits, {instancePath:instancePath+"/credits",parentData:data,parentDataProperty:"credits",rootData}))){vErrors = vErrors === null ? validate52.errors : vErrors.concat(validate52.errors);errors = vErrors.length;}var valid0 = _errs20 === errors;}else {var valid0 = true;}if(valid0){if(data.source !== undefined){let data15 = data.source;const _errs21 = errors;const _errs22 = errors;if(errors === _errs22){if(data15 && typeof data15 == "object" && !Array.isArray(data15)){if(Object.keys(data15).length < 1){validate57.errors = [{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/minProperties",keyword:"minProperties",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}}else {validate57.errors = [{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid0 = _errs21 === errors;}else {var valid0 = true;}if(valid0){if(data.tags !== undefined){const _errs24 = errors;if(!(validate71(data.tags, {instancePath:instancePath+"/tags",parentData:data,parentDataProperty:"tags",rootData}))){vErrors = vErrors === null ? validate71.errors : vErrors.concat(validate71.errors);errors = vErrors.length;}var valid0 = _errs24 === errors;}else {var valid0 = true;}if(valid0){if(data.taxonomyMappings !== undefined){let data17 = data.taxonomyMappings;const _errs25 = errors;const _errs26 = errors;if(errors === _errs26){if(Array.isArray(data17)){if(data17.length < 1){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid4 = true;const len0 = data17.length;for(let i0=0; i0 128){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data19) < 1){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid5 = _errs31 === errors;}else {var valid5 = true;}if(valid5){if(data18.taxonomyVersion !== undefined){let data20 = data18.taxonomyVersion;const _errs33 = errors;if(errors === _errs33){if(typeof data20 === "string"){if(func6(data20) > 128){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data20) < 1){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid5 = _errs33 === errors;}else {var valid5 = true;}if(valid5){if(data18.taxonomyRelations !== undefined){let data21 = data18.taxonomyRelations;const _errs35 = errors;if(errors === _errs35){if(Array.isArray(data21)){if(data21.length < 1){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid6 = true;const len1 = data21.length;for(let i1=0; i1 2048){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data23) < 1){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid7 = _errs40 === errors;}else {var valid7 = true;}if(valid7){if(data22.relationshipName !== undefined){let data24 = data22.relationshipName;const _errs42 = errors;if(errors === _errs42){if(typeof data24 === "string"){if(func6(data24) > 128){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/maxLength",keyword:"maxLength",params:{limit: 128},message:"must NOT have more than 128 characters"}];return false;}else {if(func6(data24) < 1){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid7 = _errs42 === errors;}else {var valid7 = true;}if(valid7){if(data22.relationshipValue !== undefined){let data25 = data22.relationshipValue;const _errs44 = errors;if(errors === _errs44){if(typeof data25 === "string"){if(func6(data25) > 2048){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/maxLength",keyword:"maxLength",params:{limit: 2048},message:"must NOT have more than 2048 characters"}];return false;}else {if(func6(data25) < 1){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/minLength",keyword:"minLength",params:{limit: 1},message:"must NOT have fewer than 1 characters"}];return false;}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid7 = _errs44 === errors;}else {var valid7 = true;}}}}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations/" + i1,schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid6 = _errs37 === errors;if(!valid6){break;}}if(valid6){let i2 = data21.length;let j0;if(i2 > 1){outer0:for(;i2--;){for(j0 = i2; j0--;){if(func0(data21[i2], data21[j0])){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/uniqueItems",keyword:"uniqueItems",params:{i: i2, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0;}}}}}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid5 = _errs35 === errors;}else {var valid5 = true;}}}}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings/" + i0,schemaPath:"#/definitions/taxonomyMappings/items/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}var valid4 = _errs28 === errors;if(!valid4){break;}}if(valid4){let i3 = data17.length;let j1;if(i3 > 1){outer1:for(;i3--;){for(j1 = i3; j1--;){if(func0(data17[i3], data17[j1])){validate57.errors = [{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/uniqueItems",keyword:"uniqueItems",params:{i: i3, j: j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1;}}}}}}}else {validate57.errors = [{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid0 = _errs25 === errors;}else {var valid0 = true;}}}}}}}}}}}}}}}}}}}}}}else {validate57.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate57.errors = vErrors;return errors === 0;}const schema213 = {"type":"object","required":["cveId","assignerOrgId","state"],"properties":{"cveId":{"$ref":"#/definitions/cveId"},"assignerOrgId":{"$ref":"#/definitions/orgId"},"assignerShortName":{"$ref":"#/definitions/shortName"},"serial":{"type":"integer","minimum":1},"dateUpdated":{"$ref":"#/definitions/timestamp"},"datePublished":{"$ref":"#/definitions/timestamp"},"dateRejected":{"$ref":"#/definitions/timestamp"},"state":{"type":"string","enum":["REJECTED"]},"dateReserved":{"$ref":"#/definitions/timestamp"}},"additionalProperties":false};function validate74(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if((((data.cveId === undefined) && (missing0 = "cveId")) || ((data.assignerOrgId === undefined) && (missing0 = "assignerOrgId"))) || ((data.state === undefined) && (missing0 = "state"))){validate74.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {const _errs1 = errors;for(const key0 in data){if(!(func5.call(schema213.properties, key0))){validate74.errors = [{instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"}];return false;break;}}if(_errs1 === errors){if(data.cveId !== undefined){let data0 = data.cveId;const _errs2 = errors;const _errs3 = errors;if(errors === _errs3){if(typeof data0 === "string"){if(!pattern1.test(data0)){validate74.errors = [{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/pattern",keyword:"pattern",params:{pattern: "^CVE-[0-9]{4}-[0-9]{4,19}$"},message:"must match pattern \""+"^CVE-[0-9]{4}-[0-9]{4,19}$"+"\""}];return false;}}else {validate74.errors = [{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs2 === errors;}else {var valid0 = true;}if(valid0){if(data.assignerOrgId !== undefined){let data1 = data.assignerOrgId;const _errs5 = errors;const _errs6 = errors;if(errors === _errs6){if(typeof data1 === "string"){if(!pattern2.test(data1)){validate74.errors = [{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/pattern",keyword:"pattern",params:{pattern: "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:"must match pattern \""+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+"\""}];return false;}}else {validate74.errors = [{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs5 === errors;}else {var valid0 = true;}if(valid0){if(data.assignerShortName !== undefined){let data2 = data.assignerShortName;const _errs8 = errors;const _errs9 = errors;if(errors === _errs9){if(typeof data2 === "string"){if(func6(data2) > 32){validate74.errors = [{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/maxLength",keyword:"maxLength",params:{limit: 32},message:"must NOT have more than 32 characters"}];return false;}else {if(func6(data2) < 2){validate74.errors = [{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/minLength",keyword:"minLength",params:{limit: 2},message:"must NOT have fewer than 2 characters"}];return false;}}}else {validate74.errors = [{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}var valid0 = _errs8 === errors;}else {var valid0 = true;}if(valid0){if(data.serial !== undefined){let data3 = data.serial;const _errs11 = errors;if(!(((typeof data3 == "number") && (!(data3 % 1) && !isNaN(data3))) && (isFinite(data3)))){validate74.errors = [{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/type",keyword:"type",params:{type: "integer"},message:"must be integer"}];return false;}if(errors === _errs11){if((typeof data3 == "number") && (isFinite(data3))){if(data3 < 1 || isNaN(data3)){validate74.errors = [{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/minimum",keyword:"minimum",params:{comparison: ">=", limit: 1},message:"must be >= 1"}];return false;}}}var valid0 = _errs11 === errors;}else {var valid0 = true;}if(valid0){if(data.dateUpdated !== undefined){let data4 = data.dateUpdated;const _errs13 = errors;const _errs14 = errors;if(errors === _errs14){if(errors === _errs14){if(typeof data4 === "string"){if(!pattern4.test(data4)){validate74.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data4))){validate74.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate74.errors = [{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs13 === errors;}else {var valid0 = true;}if(valid0){if(data.datePublished !== undefined){let data5 = data.datePublished;const _errs16 = errors;const _errs17 = errors;if(errors === _errs17){if(errors === _errs17){if(typeof data5 === "string"){if(!pattern4.test(data5)){validate74.errors = [{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data5))){validate74.errors = [{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate74.errors = [{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs16 === errors;}else {var valid0 = true;}if(valid0){if(data.dateRejected !== undefined){let data6 = data.dateRejected;const _errs19 = errors;const _errs20 = errors;if(errors === _errs20){if(errors === _errs20){if(typeof data6 === "string"){if(!pattern4.test(data6)){validate74.errors = [{instancePath:instancePath+"/dateRejected",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data6))){validate74.errors = [{instancePath:instancePath+"/dateRejected",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate74.errors = [{instancePath:instancePath+"/dateRejected",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs19 === errors;}else {var valid0 = true;}if(valid0){if(data.state !== undefined){let data7 = data.state;const _errs22 = errors;if(typeof data7 !== "string"){validate74.errors = [{instancePath:instancePath+"/state",schemaPath:"#/properties/state/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}if(!(data7 === "REJECTED")){validate74.errors = [{instancePath:instancePath+"/state",schemaPath:"#/properties/state/enum",keyword:"enum",params:{allowedValues: schema213.properties.state.enum},message:"must be equal to one of the allowed values"}];return false;}var valid0 = _errs22 === errors;}else {var valid0 = true;}if(valid0){if(data.dateReserved !== undefined){let data8 = data.dateReserved;const _errs24 = errors;const _errs25 = errors;if(errors === _errs25){if(errors === _errs25){if(typeof data8 === "string"){if(!pattern4.test(data8)){validate74.errors = [{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern: "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:"must match pattern \""+"^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+"\""}];return false;}else {if(!(formats0.validate(data8))){validate74.errors = [{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format: "date-time"},message:"must match format \""+"date-time"+"\""}];return false;}}}else {validate74.errors = [{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type: "string"},message:"must be string"}];return false;}}}var valid0 = _errs24 === errors;}else {var valid0 = true;}}}}}}}}}}}}else {validate74.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate74.errors = vErrors;return errors === 0;}const schema221 = {"type":"object","properties":{"providerMetadata":{"$ref":"#/definitions/providerMetadata"},"rejectedReasons":{"$ref":"#/definitions/descriptions"},"replacedBy":{"type":"array","minItems":1,"uniqueItems":true,"items":{"$ref":"#/definitions/cveId"}}},"required":["providerMetadata","rejectedReasons"],"patternProperties":{"^x_[^.]*$":{}},"$comment":"The character . is restricted in names allowed by patternProperties to work-around naming limitations in some common implementations.","additionalProperties":false};function validate76(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){let vErrors = null;let errors = 0;if(errors === 0){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if(((data.providerMetadata === undefined) && (missing0 = "providerMetadata")) || ((data.rejectedReasons === undefined) && (missing0 = "rejectedReasons"))){validate76.errors = [{instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"}];return false;}else {const _errs2 = errors;for(const key0 in data){if(!((((key0 === "providerMetadata") || (key0 === "rejectedReasons")) || (key0 === "replacedBy")) || (pattern7.test(key0)))){validate76.errors = [{instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"}];return false;break;}}if(_errs2 === errors){if(data.providerMetadata !== undefined){const _errs3 = errors;if(!(validate14(data.providerMetadata, {instancePath:instancePath+"/providerMetadata",parentData:data,parentDataProperty:"providerMetadata",rootData}))){vErrors = vErrors === null ? validate14.errors : vErrors.concat(validate14.errors);errors = vErrors.length;}var valid0 = _errs3 === errors;}else {var valid0 = true;}if(valid0){if(data.rejectedReasons !== undefined){const _errs4 = errors;if(!(validate16(data.rejectedReasons, {instancePath:instancePath+"/rejectedReasons",parentData:data,parentDataProperty:"rejectedReasons",rootData}))){vErrors = vErrors === null ? validate16.errors : vErrors.concat(validate16.errors);errors = vErrors.length;}var valid0 = _errs4 === errors;}else {var valid0 = true;}if(valid0){if(data.replacedBy !== undefined){let data2 = data.replacedBy;const _errs5 = errors;if(errors === _errs5){if(Array.isArray(data2)){if(data2.length < 1){validate76.errors = [{instancePath:instancePath+"/replacedBy",schemaPath:"#/properties/replacedBy/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"}];return false;}else {var valid1 = true;const len0 = data2.length;for(let i0=0; i0 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data2[i1], data2[j0])){validate76.errors = [{instancePath:instancePath+"/replacedBy",schemaPath:"#/properties/replacedBy/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0;}}}}}}}else {validate76.errors = [{instancePath:instancePath+"/replacedBy",schemaPath:"#/properties/replacedBy/type",keyword:"type",params:{type: "array"},message:"must be array"}];return false;}}var valid0 = _errs5 === errors;}else {var valid0 = true;}}}}}}else {validate76.errors = [{instancePath,schemaPath:"#/type",keyword:"type",params:{type: "object"},message:"must be object"}];return false;}}validate76.errors = vErrors;return errors === 0;}function validate10(data, {instancePath="", parentData, parentDataProperty, rootData=data}={}){/*# sourceURL="https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_bundled.json" */;let vErrors = null;let errors = 0;const _errs0 = errors;let valid0 = false;let passing0 = null;const _errs1 = errors;if(errors === _errs1){if(data && typeof data == "object" && !Array.isArray(data)){let missing0;if(((((data.dataType === undefined) && (missing0 = "dataType")) || ((data.dataVersion === undefined) && (missing0 = "dataVersion"))) || ((data.cveMetadata === undefined) && (missing0 = "cveMetadata"))) || ((data.containers === undefined) && (missing0 = "containers"))){const err0 = {instancePath,schemaPath:"#/oneOf/0/required",keyword:"required",params:{missingProperty: missing0},message:"must have required property '"+missing0+"'"};if(vErrors === null){vErrors = [err0];}else {vErrors.push(err0);}errors++;}else {const _errs3 = errors;for(const key0 in data){if(!((((key0 === "dataType") || (key0 === "dataVersion")) || (key0 === "cveMetadata")) || (key0 === "containers"))){const err1 = {instancePath,schemaPath:"#/oneOf/0/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key0},message:"must NOT have additional properties"};if(vErrors === null){vErrors = [err1];}else {vErrors.push(err1);}errors++;break;}}if(_errs3 === errors){if(data.dataType !== undefined){let data0 = data.dataType;const _errs4 = errors;if(typeof data0 !== "string"){const err2 = {instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err2];}else {vErrors.push(err2);}errors++;}if(!(data0 === "CVE_RECORD")){const err3 = {instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/enum",keyword:"enum",params:{allowedValues: schema12.enum},message:"must be equal to one of the allowed values"};if(vErrors === null){vErrors = [err3];}else {vErrors.push(err3);}errors++;}var valid1 = _errs4 === errors;}else {var valid1 = true;}if(valid1){if(data.dataVersion !== undefined){let data1 = data.dataVersion;const _errs7 = errors;const _errs8 = errors;if(errors === _errs8){if(typeof data1 === "string"){if(!pattern0.test(data1)){const err4 = {instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/pattern",keyword:"pattern",params:{pattern: "^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$"},message:"must match pattern \""+"^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$"+"\""};if(vErrors === null){vErrors = [err4];}else {vErrors.push(err4);}errors++;}}else {const err5 = {instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err5];}else {vErrors.push(err5);}errors++;}}var valid1 = _errs7 === errors;}else {var valid1 = true;}if(valid1){if(data.cveMetadata !== undefined){const _errs10 = errors;if(!(validate11(data.cveMetadata, {instancePath:instancePath+"/cveMetadata",parentData:data,parentDataProperty:"cveMetadata",rootData}))){vErrors = vErrors === null ? validate11.errors : vErrors.concat(validate11.errors);errors = vErrors.length;}var valid1 = _errs10 === errors;}else {var valid1 = true;}if(valid1){if(data.containers !== undefined){let data3 = data.containers;const _errs11 = errors;if(errors === _errs11){if(data3 && typeof data3 == "object" && !Array.isArray(data3)){let missing1;if((data3.cna === undefined) && (missing1 = "cna")){const err6 = {instancePath:instancePath+"/containers",schemaPath:"#/oneOf/0/properties/containers/required",keyword:"required",params:{missingProperty: missing1},message:"must have required property '"+missing1+"'"};if(vErrors === null){vErrors = [err6];}else {vErrors.push(err6);}errors++;}else {const _errs13 = errors;for(const key1 in data3){if(!((key1 === "cna") || (key1 === "adp"))){const err7 = {instancePath:instancePath+"/containers",schemaPath:"#/oneOf/0/properties/containers/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key1},message:"must NOT have additional properties"};if(vErrors === null){vErrors = [err7];}else {vErrors.push(err7);}errors++;break;}}if(_errs13 === errors){if(data3.cna !== undefined){const _errs14 = errors;if(!(validate13(data3.cna, {instancePath:instancePath+"/containers/cna",parentData:data3,parentDataProperty:"cna",rootData}))){vErrors = vErrors === null ? validate13.errors : vErrors.concat(validate13.errors);errors = vErrors.length;}var valid4 = _errs14 === errors;}else {var valid4 = true;}if(valid4){if(data3.adp !== undefined){let data5 = data3.adp;const _errs15 = errors;if(errors === _errs15){if(Array.isArray(data5)){if(data5.length < 1){const err8 = {instancePath:instancePath+"/containers/adp",schemaPath:"#/oneOf/0/properties/containers/properties/adp/minItems",keyword:"minItems",params:{limit: 1},message:"must NOT have fewer than 1 items"};if(vErrors === null){vErrors = [err8];}else {vErrors.push(err8);}errors++;}else {var valid5 = true;const len0 = data5.length;for(let i0=0; i0 1){outer0:for(;i1--;){for(j0 = i1; j0--;){if(func0(data5[i1], data5[j0])){const err9 = {instancePath:instancePath+"/containers/adp",schemaPath:"#/oneOf/0/properties/containers/properties/adp/uniqueItems",keyword:"uniqueItems",params:{i: i1, j: j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"};if(vErrors === null){vErrors = [err9];}else {vErrors.push(err9);}errors++;break outer0;}}}}}}}else {const err10 = {instancePath:instancePath+"/containers/adp",schemaPath:"#/oneOf/0/properties/containers/properties/adp/type",keyword:"type",params:{type: "array"},message:"must be array"};if(vErrors === null){vErrors = [err10];}else {vErrors.push(err10);}errors++;}}var valid4 = _errs15 === errors;}else {var valid4 = true;}}}}}else {const err11 = {instancePath:instancePath+"/containers",schemaPath:"#/oneOf/0/properties/containers/type",keyword:"type",params:{type: "object"},message:"must be object"};if(vErrors === null){vErrors = [err11];}else {vErrors.push(err11);}errors++;}}var valid1 = _errs11 === errors;}else {var valid1 = true;}}}}}}}else {const err12 = {instancePath,schemaPath:"#/oneOf/0/type",keyword:"type",params:{type: "object"},message:"must be object"};if(vErrors === null){vErrors = [err12];}else {vErrors.push(err12);}errors++;}}var _valid0 = _errs1 === errors;if(_valid0){valid0 = true;passing0 = 0;}const _errs18 = errors;if(errors === _errs18){if(data && typeof data == "object" && !Array.isArray(data)){let missing2;if(((((data.dataType === undefined) && (missing2 = "dataType")) || ((data.dataVersion === undefined) && (missing2 = "dataVersion"))) || ((data.cveMetadata === undefined) && (missing2 = "cveMetadata"))) || ((data.containers === undefined) && (missing2 = "containers"))){const err13 = {instancePath,schemaPath:"#/oneOf/1/required",keyword:"required",params:{missingProperty: missing2},message:"must have required property '"+missing2+"'"};if(vErrors === null){vErrors = [err13];}else {vErrors.push(err13);}errors++;}else {const _errs20 = errors;for(const key2 in data){if(!((((key2 === "dataType") || (key2 === "dataVersion")) || (key2 === "cveMetadata")) || (key2 === "containers"))){const err14 = {instancePath,schemaPath:"#/oneOf/1/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key2},message:"must NOT have additional properties"};if(vErrors === null){vErrors = [err14];}else {vErrors.push(err14);}errors++;break;}}if(_errs20 === errors){if(data.dataType !== undefined){let data7 = data.dataType;const _errs21 = errors;if(typeof data7 !== "string"){const err15 = {instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err15];}else {vErrors.push(err15);}errors++;}if(!(data7 === "CVE_RECORD")){const err16 = {instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/enum",keyword:"enum",params:{allowedValues: schema12.enum},message:"must be equal to one of the allowed values"};if(vErrors === null){vErrors = [err16];}else {vErrors.push(err16);}errors++;}var valid7 = _errs21 === errors;}else {var valid7 = true;}if(valid7){if(data.dataVersion !== undefined){let data8 = data.dataVersion;const _errs24 = errors;const _errs25 = errors;if(errors === _errs25){if(typeof data8 === "string"){if(!pattern0.test(data8)){const err17 = {instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/pattern",keyword:"pattern",params:{pattern: "^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$"},message:"must match pattern \""+"^5\\.(0|[1-9][0-9]*)(\\.(0|[1-9][0-9]*))?$"+"\""};if(vErrors === null){vErrors = [err17];}else {vErrors.push(err17);}errors++;}}else {const err18 = {instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/type",keyword:"type",params:{type: "string"},message:"must be string"};if(vErrors === null){vErrors = [err18];}else {vErrors.push(err18);}errors++;}}var valid7 = _errs24 === errors;}else {var valid7 = true;}if(valid7){if(data.cveMetadata !== undefined){const _errs27 = errors;if(!(validate74(data.cveMetadata, {instancePath:instancePath+"/cveMetadata",parentData:data,parentDataProperty:"cveMetadata",rootData}))){vErrors = vErrors === null ? validate74.errors : vErrors.concat(validate74.errors);errors = vErrors.length;}var valid7 = _errs27 === errors;}else {var valid7 = true;}if(valid7){if(data.containers !== undefined){let data10 = data.containers;const _errs28 = errors;if(errors === _errs28){if(data10 && typeof data10 == "object" && !Array.isArray(data10)){let missing3;if((data10.cna === undefined) && (missing3 = "cna")){const err19 = {instancePath:instancePath+"/containers",schemaPath:"#/oneOf/1/properties/containers/required",keyword:"required",params:{missingProperty: missing3},message:"must have required property '"+missing3+"'"};if(vErrors === null){vErrors = [err19];}else {vErrors.push(err19);}errors++;}else {const _errs30 = errors;for(const key3 in data10){if(!(key3 === "cna")){const err20 = {instancePath:instancePath+"/containers",schemaPath:"#/oneOf/1/properties/containers/additionalProperties",keyword:"additionalProperties",params:{additionalProperty: key3},message:"must NOT have additional properties"};if(vErrors === null){vErrors = [err20];}else {vErrors.push(err20);}errors++;break;}}if(_errs30 === errors){if(data10.cna !== undefined){if(!(validate76(data10.cna, {instancePath:instancePath+"/containers/cna",parentData:data10,parentDataProperty:"cna",rootData}))){vErrors = vErrors === null ? validate76.errors : vErrors.concat(validate76.errors);errors = vErrors.length;}}}}}else {const err21 = {instancePath:instancePath+"/containers",schemaPath:"#/oneOf/1/properties/containers/type",keyword:"type",params:{type: "object"},message:"must be object"};if(vErrors === null){vErrors = [err21];}else {vErrors.push(err21);}errors++;}}var valid7 = _errs28 === errors;}else {var valid7 = true;}}}}}}}else {const err22 = {instancePath,schemaPath:"#/oneOf/1/type",keyword:"type",params:{type: "object"},message:"must be object"};if(vErrors === null){vErrors = [err22];}else {vErrors.push(err22);}errors++;}}var _valid0 = _errs18 === errors;if(_valid0 && valid0){valid0 = false;passing0 = [passing0, 1];}else {if(_valid0){valid0 = true;passing0 = 1;}}if(!valid0){const err23 = {instancePath,schemaPath:"#/oneOf",keyword:"oneOf",params:{passingSchemas: passing0},message:"must match exactly one schema in oneOf"};if(vErrors === null){vErrors = [err23];}else {vErrors.push(err23);}errors++;validate10.errors = vErrors;return false;}else {errors = _errs0;if(vErrors !== null){if(_errs0){vErrors.length = _errs0;}else {vErrors = null;}}}validate10.errors = vErrors;return errors === 0;} \ No newline at end of file +"use strict";module.exports=validate10;module.exports.default=validate10;const schema11={$schema:"http://json-schema.org/draft-07/schema#",$id:"https://cve.org/cve/record/v5_00/",type:"object",definitions:{uriType:{type:"string",format:"uri",minLength:1,maxLength:2048},uuidType:{type:"string",pattern:"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},reference:{type:"object",required:["url"],properties:{url:{$ref:"#/definitions/uriType"},name:{type:"string",maxLength:512,minLength:1},tags:{type:"array",minItems:1,uniqueItems:true,items:{oneOf:[{$ref:"#/definitions/tagExtension"},{$schema:"http://json-schema.org/draft-07/schema#",$id:"https://cve.mitre.org/cve/v5_00/tags/reference/",type:"string",enum:["broken-link","customer-entitlement","exploit","government-resource","issue-tracking","mailing-list","mitigation","not-applicable","patch","permissions-required","media-coverage","product","related","release-notes","signature","technical-description","third-party-advisory","vendor-advisory","vdb-entry"]}]}}}},cveId:{type:"string",pattern:"^CVE-[0-9]{4}-[0-9]{4,19}$"},orgId:{$ref:"#/definitions/uuidType"},userId:{$ref:"#/definitions/uuidType"},shortName:{type:"string",minLength:2,maxLength:32},datestamp:{type:"string",format:"date",pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))$"},timestamp:{type:"string",format:"date-time",pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},version:{type:"string",minLength:1,maxLength:1024},status:{type:"string",enum:["affected","unaffected","unknown"]},product:{type:"object",allOf:[{anyOf:[{required:["vendor","product"]},{required:["collectionURL","packageName"]}]},{anyOf:[{required:["versions"]},{required:["defaultStatus"]}]}],properties:{vendor:{type:"string",minLength:1,maxLength:512},product:{type:"string",minLength:1,maxLength:2048},collectionURL:{$ref:"#/definitions/uriType",examples:["https://access.redhat.com/downloads/content/package-browser","https://addons.mozilla.org","https://addons.thunderbird.net","https://anaconda.org/anaconda/repo","https://app.vagrantup.com/boxes/search","https://apps.apple.com","https://archlinux.org/packages","https://atmospherejs.meteor.com","https://atom.io/packages","https://bitbucket.org","https://bower.io","https://brew.sh/","https://chocolatey.org/packages","https://chrome.google.com/webstore","https://clojars.org","https://cocoapods.org","https://code.dlang.org","https://conan.io/center","https://cpan.org/modules","https://cran.r-project.org","https://crates.io","https://ctan.org/pkg","https://drupal.org","https://exchange.adobe.com","https://forge.puppet.com/modules","https://github.com","https://gitlab.com/explore","https://golang.org/pkg","https://guix.gnu.org/packages","https://hackage.haskell.org","https://helm.sh","https://hub.docker.com","https://juliahub.com","https://lib.haxe.org","https://luarocks.org","https://marketplace.visualstudio.com","https://melpa.org","https://microsoft.com/en-us/store/apps","https://nimble.directory","https://nuget.org/packages","https://opam.ocaml.org/packages","https://openwrt.org/packages/index","https://package.elm-lang.org","https://packagecontrol.io","https://packages.debian.org","https://packages.gentoo.org","https://packagist.org","https://pear.php.net/packages.php","https://pecl.php.net","https://platformio.org/lib","https://play.google.com/store","https://plugins.gradle.org","https://projects.eclipse.org","https://pub.dev","https://pypi.python.org","https://registry.npmjs.org","https://registry.terraform.io","https://repo.hex.pm","https://repo.maven.apache.org/maven2","https://rubygems.org","https://search.nixos.org/packages","https://sourceforge.net","https://wordpress.org/plugins"]},packageName:{type:"string",minLength:1,maxLength:2048},cpes:{type:"array",uniqueItems:true,items:{type:"string",pattern:"([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})",minLength:1,maxLength:2048}},modules:{type:"array",uniqueItems:true,items:{type:"string",minLength:1,maxLength:4096}},programFiles:{type:"array",uniqueItems:true,items:{type:"string",minLength:1,maxLength:1024}},programRoutines:{type:"array",uniqueItems:true,items:{type:"object",required:["name"],properties:{name:{type:"string",minLength:1,maxLength:4096}}}},platforms:{type:"array",minItems:1,uniqueItems:true,items:{type:"string",examples:["iOS","Android","Windows","macOS","x86","ARM","64 bit","Big Endian","iPad","Chromebook","Docker"],maxLength:1024}},repo:{$ref:"#/definitions/uriType"},defaultStatus:{$ref:"#/definitions/status"},versions:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",oneOf:[{required:["version","status"],maxProperties:2},{required:["version","status","versionType"],oneOf:[{required:["lessThan"]},{required:["lessThanOrEqual"]}]}],properties:{version:{$ref:"#/definitions/version"},status:{$ref:"#/definitions/status"},versionType:{type:"string",minLength:1,maxLength:128,examples:["custom","git","maven","python","rpm","semver"]},lessThan:{$ref:"#/definitions/version"},lessThanOrEqual:{$ref:"#/definitions/version"},changes:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["at","status"],properties:{at:{$ref:"#/definitions/version"},status:{$ref:"#/definitions/status"}}}}}}}}},dataType:{type:"string",enum:["CVE_RECORD"]},dataVersion:{type:"string",enum:["5.0"]},cveMetadataPublished:{type:"object",required:["cveId","assignerOrgId","state"],properties:{cveId:{$ref:"#/definitions/cveId"},assignerOrgId:{$ref:"#/definitions/orgId"},assignerShortName:{$ref:"#/definitions/shortName"},requesterUserId:{$ref:"#/definitions/userId"},dateUpdated:{$ref:"#/definitions/timestamp"},serial:{type:"integer",minimum:1},dateReserved:{$ref:"#/definitions/timestamp"},datePublished:{$ref:"#/definitions/timestamp"},state:{type:"string",enum:["PUBLISHED"]}},additionalProperties:false},cveMetadataRejected:{type:"object",required:["cveId","assignerOrgId","state"],properties:{cveId:{$ref:"#/definitions/cveId"},assignerOrgId:{$ref:"#/definitions/orgId"},assignerShortName:{$ref:"#/definitions/shortName"},serial:{type:"integer",minimum:1},dateUpdated:{$ref:"#/definitions/timestamp"},datePublished:{$ref:"#/definitions/timestamp"},dateRejected:{$ref:"#/definitions/timestamp"},state:{type:"string",enum:["REJECTED"]},dateReserved:{$ref:"#/definitions/timestamp"}},additionalProperties:false},providerMetadata:{type:"object",properties:{orgId:{$ref:"#/definitions/orgId"},shortName:{$ref:"#/definitions/shortName"},dateUpdated:{$ref:"#/definitions/timestamp"}},required:["orgId"]},cnaPublishedContainer:{type:"object",properties:{providerMetadata:{$ref:"#/definitions/providerMetadata"},dateAssigned:{$ref:"#/definitions/timestamp"},datePublic:{$ref:"#/definitions/timestamp"},title:{type:"string",minLength:1,maxLength:256},descriptions:{$ref:"#/definitions/descriptions"},affected:{$ref:"#/definitions/affected"},problemTypes:{$ref:"#/definitions/problemTypes"},references:{$ref:"#/definitions/references"},impacts:{$ref:"#/definitions/impacts"},metrics:{$ref:"#/definitions/metrics"},configurations:{$ref:"#/definitions/configurations"},workarounds:{$ref:"#/definitions/workarounds"},solutions:{$ref:"#/definitions/solutions"},exploits:{$ref:"#/definitions/exploits"},timeline:{$ref:"#/definitions/timeline"},credits:{$ref:"#/definitions/credits"},source:{$ref:"#/definitions/source"},tags:{$ref:"#/definitions/cnaTags"},taxonomyMappings:{$ref:"#/definitions/taxonomyMappings"}},required:["providerMetadata","descriptions","affected","references"],patternProperties:{"^x_":{}},additionalProperties:false},cnaRejectedContainer:{type:"object",properties:{providerMetadata:{$ref:"#/definitions/providerMetadata"},rejectedReasons:{$ref:"#/definitions/descriptions"},replacedBy:{type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/cveId"}}},required:["providerMetadata","rejectedReasons"],patternProperties:{"^x_":{}},additionalProperties:false},adpContainer:{type:"object",properties:{providerMetadata:{$ref:"#/definitions/providerMetadata"},datePublic:{$ref:"#/definitions/timestamp"},title:{type:"string",minLength:1,maxLength:256},descriptions:{$ref:"#/definitions/descriptions"},affected:{$ref:"#/definitions/affected"},problemTypes:{$ref:"#/definitions/problemTypes"},references:{$ref:"#/definitions/references"},impacts:{$ref:"#/definitions/impacts"},metrics:{$ref:"#/definitions/metrics"},configurations:{$ref:"#/definitions/configurations"},workarounds:{$ref:"#/definitions/workarounds"},solutions:{$ref:"#/definitions/solutions"},exploits:{$ref:"#/definitions/exploits"},timeline:{$ref:"#/definitions/timeline"},credits:{$ref:"#/definitions/credits"},source:{$ref:"#/definitions/source"},tags:{$ref:"#/definitions/adpTags"},taxonomyMappings:{$ref:"#/definitions/taxonomyMappings"}},required:["providerMetadata"],minProperties:2,patternProperties:{"^x_":{}},additionalProperties:false},affected:{type:"array",minItems:1,items:{$ref:"#/definitions/product"}},description:{type:"object",properties:{lang:{$ref:"#/definitions/language"},value:{type:"string",minLength:1,maxLength:4096},supportingMedia:{type:"array",uniqueItems:true,minItems:1,items:{type:"object",properties:{type:{type:"string",minLength:1,maxLength:256,examples:["text/markdown","text/html","image/png","image/svg","audio/mp3"]},base64:{type:"boolean",default:false},value:{type:"string",minLength:1,maxLength:16384}},required:["type","value"]}}},required:["lang","value"],additionalProperties:false},englishLanguageDescription:{type:"object",properties:{lang:{$ref:"#/definitions/englishLanguage"}},required:["lang"]},descriptions:{type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"},contains:{$ref:"#/definitions/englishLanguageDescription"}},problemTypes:{type:"array",items:{type:"object",required:["descriptions"],properties:{descriptions:{type:"array",items:{type:"object",required:["lang","description"],properties:{lang:{$ref:"#/definitions/language"},description:{type:"string",minLength:1,maxLength:4096},cweId:{type:"string",minLength:5,maxLength:9,pattern:"^CWE-[1-9][0-9]+$"},type:{type:"string",minLength:1,maxLength:128},references:{$ref:"#/definitions/references"}}},minItems:1,uniqueItems:true}}},minItems:1,uniqueItems:true},references:{type:"array",items:{$ref:"#/definitions/reference"},minItems:1,maxItems:512,uniqueItems:true},impacts:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["descriptions"],properties:{capecId:{type:"string",minLength:7,maxLength:11,pattern:"^CAPEC-[1-9][0-9]{0,4}$"},descriptions:{$ref:"#/definitions/descriptions"}}}},metrics:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",anyOf:[{required:["cvssV3_1"]},{required:["cvssV3_0"]},{required:["cvssV2_0"]},{required:["other"]}],properties:{format:{type:"string",minLength:1,maxLength:64},scenarios:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",properties:{lang:{$ref:"#/definitions/language"},value:{type:"string",default:"GENERAL",minLength:1,maxLength:4096}},required:["lang","value"]}},cvssV3_1:{$schema:"http://json-schema.org/draft-07/schema#",type:"object",definitions:{attackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},modifiedAttackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},attackComplexityType:{type:"string",enum:["HIGH","LOW"]},modifiedAttackComplexityType:{type:"string",enum:["HIGH","LOW","NOT_DEFINED"]},privilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE"]},modifiedPrivilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE","NOT_DEFINED"]},userInteractionType:{type:"string",enum:["NONE","REQUIRED"]},modifiedUserInteractionType:{type:"string",enum:["NONE","REQUIRED","NOT_DEFINED"]},scopeType:{type:"string",enum:["UNCHANGED","CHANGED"]},modifiedScopeType:{type:"string",enum:["UNCHANGED","CHANGED","NOT_DEFINED"]},ciaType:{type:"string",enum:["NONE","LOW","HIGH"]},modifiedCiaType:{type:"string",enum:["NONE","LOW","HIGH","NOT_DEFINED"]},exploitCodeMaturityType:{type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},remediationLevelType:{type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},confidenceType:{type:"string",enum:["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},ciaRequirementType:{type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]},scoreType:{type:"number",minimum:0,maximum:10},severityType:{type:"string",enum:["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},properties:{version:{type:"string",enum:["3.1"]},vectorString:{type:"string",pattern:"^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},attackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType"},attackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType"},privilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType"},userInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType"},scope:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType"},confidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},integrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},availabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},baseScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},baseSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},exploitCodeMaturity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType"},remediationLevel:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType"},reportConfidence:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType"},temporalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},temporalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},confidentialityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},integrityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},availabilityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},modifiedAttackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType"},modifiedAttackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType"},modifiedPrivilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType"},modifiedUserInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType"},modifiedScope:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType"},modifiedConfidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},modifiedIntegrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},modifiedAvailabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},environmentalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},environmentalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"}},required:["version","vectorString","baseScore","baseSeverity"]},cvssV3_0:{$schema:"http://json-schema.org/draft-04/schema#",type:"object",definitions:{attackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},modifiedAttackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},attackComplexityType:{type:"string",enum:["HIGH","LOW"]},modifiedAttackComplexityType:{type:"string",enum:["HIGH","LOW","NOT_DEFINED"]},privilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE"]},modifiedPrivilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE","NOT_DEFINED"]},userInteractionType:{type:"string",enum:["NONE","REQUIRED"]},modifiedUserInteractionType:{type:"string",enum:["NONE","REQUIRED","NOT_DEFINED"]},scopeType:{type:"string",enum:["UNCHANGED","CHANGED"]},modifiedScopeType:{type:"string",enum:["UNCHANGED","CHANGED","NOT_DEFINED"]},ciaType:{type:"string",enum:["NONE","LOW","HIGH"]},modifiedCiaType:{type:"string",enum:["NONE","LOW","HIGH","NOT_DEFINED"]},exploitCodeMaturityType:{type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},remediationLevelType:{type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},confidenceType:{type:"string",enum:["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},ciaRequirementType:{type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]},scoreType:{type:"number",minimum:0,maximum:10},severityType:{type:"string",enum:["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},properties:{version:{type:"string",enum:["3.0"]},vectorString:{type:"string",pattern:"^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},attackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType"},attackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType"},privilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType"},userInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType"},scope:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType"},confidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},integrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},availabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},baseScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},baseSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},exploitCodeMaturity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType"},remediationLevel:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType"},reportConfidence:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType"},temporalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},temporalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},confidentialityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},integrityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},availabilityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},modifiedAttackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType"},modifiedAttackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType"},modifiedPrivilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType"},modifiedUserInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType"},modifiedScope:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType"},modifiedConfidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},modifiedIntegrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},modifiedAvailabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},environmentalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},environmentalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"}},required:["version","vectorString","baseScore","baseSeverity"]},cvssV2_0:{$schema:"http://json-schema.org/draft-04/schema#",type:"object",definitions:{accessVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL"]},accessComplexityType:{type:"string",enum:["HIGH","MEDIUM","LOW"]},authenticationType:{type:"string",enum:["MULTIPLE","SINGLE","NONE"]},ciaType:{type:"string",enum:["NONE","PARTIAL","COMPLETE"]},exploitabilityType:{type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},remediationLevelType:{type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},reportConfidenceType:{type:"string",enum:["UNCONFIRMED","UNCORROBORATED","CONFIRMED","NOT_DEFINED"]},collateralDamagePotentialType:{type:"string",enum:["NONE","LOW","LOW_MEDIUM","MEDIUM_HIGH","HIGH","NOT_DEFINED"]},targetDistributionType:{type:"string",enum:["NONE","LOW","MEDIUM","HIGH","NOT_DEFINED"]},ciaRequirementType:{type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]},scoreType:{type:"number",minimum:0,maximum:10}},properties:{version:{type:"string",enum:["2.0"]},vectorString:{type:"string",pattern:"^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"},accessVector:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType"},accessComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType"},authentication:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType"},confidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},integrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},availabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},baseScore:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},exploitability:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType"},remediationLevel:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType"},reportConfidence:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType"},temporalScore:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},collateralDamagePotential:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType"},targetDistribution:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType"},confidentialityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},integrityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},availabilityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},environmentalScore:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"}},required:["version","vectorString","baseScore"]},other:{type:"object",required:["type","content"],properties:{type:{type:"string",minLength:1,maxLength:128},content:{type:"object",minProperties:1}}}}}},configurations:{type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}},workarounds:{type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}},solutions:{type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}},exploits:{type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}},timeline:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["time","lang","value"],properties:{time:{$ref:"#/definitions/timestamp"},lang:{$ref:"#/definitions/language"},value:{type:"string",minLength:1,maxLength:4096}}}},credits:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",properties:{lang:{$ref:"#/definitions/language"},value:{type:"string",minLength:1,maxLength:4096},user:{$ref:"#/definitions/uuidType"},type:{type:"string",default:"finder",enum:["finder","reporter","analyst","coordinator","remediation developer","remediation reviewer","remediation verifier","tool","sponsor","other"]}},required:["lang","value"]}},source:{type:"object",minProperties:1},language:{type:"string",default:"en",pattern:"^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},englishLanguage:{type:"string",pattern:"^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},taxonomyMappings:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["taxonomyName","taxonomyRelations"],properties:{taxonomyName:{type:"string",minLength:1,maxLength:128},taxonomyVersion:{type:"string",minLength:1,maxLength:128},taxonomyRelations:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["taxonomyId","relationshipName","relationshipValue"],properties:{taxonomyId:{type:"string",minLength:1,maxLength:2048},relationshipName:{type:"string",minLength:1,maxLength:128},relationshipValue:{type:"string",minLength:1,maxLength:2048}}}}}}},tagExtension:{type:"string",minLength:2,maxLength:128,pattern:"^x_.*$"},cnaTags:{type:"array",uniqueItems:true,minItems:1,items:{oneOf:[{$ref:"#/definitions/tagExtension"},{$schema:"http://json-schema.org/draft-07/schema#",$id:"https://cve.mitre.org/cve/v5_00/tags/cna/",type:"string",enum:["unsupported-when-assigned","exclusively-hosted-service","disputed"]}]}},adpTags:{type:"array",uniqueItems:true,minItems:1,items:{oneOf:[{$ref:"#/definitions/tagExtension"},{$schema:"http://json-schema.org/draft-07/schema#",$id:"https://cve.mitre.org/cve/v5_00/tags/adp/",type:"string",enum:["disputed"]}]}}},oneOf:[{properties:{dataType:{$ref:"#/definitions/dataType"},dataVersion:{$ref:"#/definitions/dataVersion"},cveMetadata:{$ref:"#/definitions/cveMetadataPublished"},containers:{type:"object",properties:{cna:{$ref:"#/definitions/cnaPublishedContainer"},adp:{type:"array",items:{$ref:"#/definitions/adpContainer"},minItems:1,uniqueItems:true}},required:["cna"],additionalProperties:false}},required:["dataType","dataVersion","cveMetadata","containers"],additionalProperties:false},{properties:{dataType:{$ref:"#/definitions/dataType"},dataVersion:{$ref:"#/definitions/dataVersion"},cveMetadata:{$ref:"#/definitions/cveMetadataRejected"},containers:{type:"object",properties:{cna:{$ref:"#/definitions/cnaRejectedContainer"}},required:["cna"],additionalProperties:false}},required:["dataType","dataVersion","cveMetadata","containers"],additionalProperties:false}]};const schema12={type:"string",enum:["CVE_RECORD"]};const schema13={type:"string",enum:["5.0"]};const func0=require("ajv/dist/runtime/equal").default;const schema14={type:"object",required:["cveId","assignerOrgId","state"],properties:{cveId:{$ref:"#/definitions/cveId"},assignerOrgId:{$ref:"#/definitions/orgId"},assignerShortName:{$ref:"#/definitions/shortName"},requesterUserId:{$ref:"#/definitions/userId"},dateUpdated:{$ref:"#/definitions/timestamp"},serial:{type:"integer",minimum:1},dateReserved:{$ref:"#/definitions/timestamp"},datePublished:{$ref:"#/definitions/timestamp"},state:{type:"string",enum:["PUBLISHED"]}},additionalProperties:false};const schema15={type:"string",pattern:"^CVE-[0-9]{4}-[0-9]{4,19}$"};const schema16={type:"string",pattern:"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"};const schema17={type:"string",minLength:2,maxLength:32};const schema19={type:"string",format:"date-time",pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"};const func6=Object.prototype.hasOwnProperty;const func7=require("ajv/dist/runtime/ucs2length").default;const pattern0=new RegExp("^CVE-[0-9]{4}-[0-9]{4,19}$","u");const pattern1=new RegExp("^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$","u");const pattern3=new RegExp("^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$","u");const formats0=require("ajv-formats/dist/formats").fullFormats["date-time"];function validate11(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.cveId===undefined&&(missing0="cveId")||data.assignerOrgId===undefined&&(missing0="assignerOrgId")||data.state===undefined&&(missing0="state")){validate11.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{const _errs1=errors;for(const key0 in data){if(!func6.call(schema14.properties,key0)){validate11.errors=[{instancePath:instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key0},message:"must NOT have additional properties"}];return false;break}}if(_errs1===errors){if(data.cveId!==undefined){let data0=data.cveId;const _errs2=errors;const _errs3=errors;if(errors===_errs3){if(typeof data0==="string"){if(!pattern0.test(data0)){validate11.errors=[{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/pattern",keyword:"pattern",params:{pattern:"^CVE-[0-9]{4}-[0-9]{4,19}$"},message:'must match pattern "'+"^CVE-[0-9]{4}-[0-9]{4,19}$"+'"'}];return false}}else{validate11.errors=[{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs2===errors}else{var valid0=true}if(valid0){if(data.assignerOrgId!==undefined){let data1=data.assignerOrgId;const _errs5=errors;const _errs6=errors;if(errors===_errs6){if(typeof data1==="string"){if(!pattern1.test(data1)){validate11.errors=[{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/pattern",keyword:"pattern",params:{pattern:"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:'must match pattern "'+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+'"'}];return false}}else{validate11.errors=[{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs5===errors}else{var valid0=true}if(valid0){if(data.assignerShortName!==undefined){let data2=data.assignerShortName;const _errs8=errors;const _errs9=errors;if(errors===_errs9){if(typeof data2==="string"){if(func7(data2)>32){validate11.errors=[{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/maxLength",keyword:"maxLength",params:{limit:32},message:"must NOT have more than 32 characters"}];return false}else{if(func7(data2)<2){validate11.errors=[{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/minLength",keyword:"minLength",params:{limit:2},message:"must NOT have fewer than 2 characters"}];return false}}}else{validate11.errors=[{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs8===errors}else{var valid0=true}if(valid0){if(data.requesterUserId!==undefined){let data3=data.requesterUserId;const _errs11=errors;const _errs12=errors;if(errors===_errs12){if(typeof data3==="string"){if(!pattern1.test(data3)){validate11.errors=[{instancePath:instancePath+"/requesterUserId",schemaPath:"#/definitions/userId/pattern",keyword:"pattern",params:{pattern:"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:'must match pattern "'+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+'"'}];return false}}else{validate11.errors=[{instancePath:instancePath+"/requesterUserId",schemaPath:"#/definitions/userId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs11===errors}else{var valid0=true}if(valid0){if(data.dateUpdated!==undefined){let data4=data.dateUpdated;const _errs14=errors;const _errs15=errors;if(errors===_errs15){if(errors===_errs15){if(typeof data4==="string"){if(!pattern3.test(data4)){validate11.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data4)){validate11.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate11.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs14===errors}else{var valid0=true}if(valid0){if(data.serial!==undefined){let data5=data.serial;const _errs17=errors;if(!(typeof data5=="number"&&(!(data5%1)&&!isNaN(data5))&&isFinite(data5))){validate11.errors=[{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/type",keyword:"type",params:{type:"integer"},message:"must be integer"}];return false}if(errors===_errs17){if(typeof data5=="number"&&isFinite(data5)){if(data5<1||isNaN(data5)){validate11.errors=[{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/minimum",keyword:"minimum",params:{comparison:">=",limit:1},message:"must be >= 1"}];return false}}}var valid0=_errs17===errors}else{var valid0=true}if(valid0){if(data.dateReserved!==undefined){let data6=data.dateReserved;const _errs19=errors;const _errs20=errors;if(errors===_errs20){if(errors===_errs20){if(typeof data6==="string"){if(!pattern3.test(data6)){validate11.errors=[{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data6)){validate11.errors=[{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate11.errors=[{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs19===errors}else{var valid0=true}if(valid0){if(data.datePublished!==undefined){let data7=data.datePublished;const _errs22=errors;const _errs23=errors;if(errors===_errs23){if(errors===_errs23){if(typeof data7==="string"){if(!pattern3.test(data7)){validate11.errors=[{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data7)){validate11.errors=[{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate11.errors=[{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs22===errors}else{var valid0=true}if(valid0){if(data.state!==undefined){let data8=data.state;const _errs25=errors;if(typeof data8!=="string"){validate11.errors=[{instancePath:instancePath+"/state",schemaPath:"#/properties/state/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data8==="PUBLISHED")){validate11.errors=[{instancePath:instancePath+"/state",schemaPath:"#/properties/state/enum",keyword:"enum",params:{allowedValues:schema14.properties.state.enum},message:"must be equal to one of the allowed values"}];return false}var valid0=_errs25===errors}else{var valid0=true}}}}}}}}}}}}else{validate11.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate11.errors=vErrors;return errors===0}const schema22={type:"object",properties:{providerMetadata:{$ref:"#/definitions/providerMetadata"},dateAssigned:{$ref:"#/definitions/timestamp"},datePublic:{$ref:"#/definitions/timestamp"},title:{type:"string",minLength:1,maxLength:256},descriptions:{$ref:"#/definitions/descriptions"},affected:{$ref:"#/definitions/affected"},problemTypes:{$ref:"#/definitions/problemTypes"},references:{$ref:"#/definitions/references"},impacts:{$ref:"#/definitions/impacts"},metrics:{$ref:"#/definitions/metrics"},configurations:{$ref:"#/definitions/configurations"},workarounds:{$ref:"#/definitions/workarounds"},solutions:{$ref:"#/definitions/solutions"},exploits:{$ref:"#/definitions/exploits"},timeline:{$ref:"#/definitions/timeline"},credits:{$ref:"#/definitions/credits"},source:{$ref:"#/definitions/source"},tags:{$ref:"#/definitions/cnaTags"},taxonomyMappings:{$ref:"#/definitions/taxonomyMappings"}},required:["providerMetadata","descriptions","affected","references"],patternProperties:{"^x_":{}},additionalProperties:false};const schema137={type:"object",minProperties:1};const schema140={type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["taxonomyName","taxonomyRelations"],properties:{taxonomyName:{type:"string",minLength:1,maxLength:128},taxonomyVersion:{type:"string",minLength:1,maxLength:128},taxonomyRelations:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["taxonomyId","relationshipName","relationshipValue"],properties:{taxonomyId:{type:"string",minLength:1,maxLength:2048},relationshipName:{type:"string",minLength:1,maxLength:128},relationshipValue:{type:"string",minLength:1,maxLength:2048}}}}}}};const pattern6=new RegExp("^x_","u");const schema23={type:"object",properties:{orgId:{$ref:"#/definitions/orgId"},shortName:{$ref:"#/definitions/shortName"},dateUpdated:{$ref:"#/definitions/timestamp"}},required:["orgId"]};function validate14(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.orgId===undefined&&(missing0="orgId")){validate14.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{if(data.orgId!==undefined){let data0=data.orgId;const _errs1=errors;const _errs2=errors;if(errors===_errs2){if(typeof data0==="string"){if(!pattern1.test(data0)){validate14.errors=[{instancePath:instancePath+"/orgId",schemaPath:"#/definitions/orgId/pattern",keyword:"pattern",params:{pattern:"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:'must match pattern "'+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+'"'}];return false}}else{validate14.errors=[{instancePath:instancePath+"/orgId",schemaPath:"#/definitions/orgId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs1===errors}else{var valid0=true}if(valid0){if(data.shortName!==undefined){let data1=data.shortName;const _errs4=errors;const _errs5=errors;if(errors===_errs5){if(typeof data1==="string"){if(func7(data1)>32){validate14.errors=[{instancePath:instancePath+"/shortName",schemaPath:"#/definitions/shortName/maxLength",keyword:"maxLength",params:{limit:32},message:"must NOT have more than 32 characters"}];return false}else{if(func7(data1)<2){validate14.errors=[{instancePath:instancePath+"/shortName",schemaPath:"#/definitions/shortName/minLength",keyword:"minLength",params:{limit:2},message:"must NOT have fewer than 2 characters"}];return false}}}else{validate14.errors=[{instancePath:instancePath+"/shortName",schemaPath:"#/definitions/shortName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs4===errors}else{var valid0=true}if(valid0){if(data.dateUpdated!==undefined){let data2=data.dateUpdated;const _errs7=errors;const _errs8=errors;if(errors===_errs8){if(errors===_errs8){if(typeof data2==="string"){if(!pattern3.test(data2)){validate14.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data2)){validate14.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate14.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs7===errors}else{var valid0=true}}}}}else{validate14.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate14.errors=vErrors;return errors===0}const schema29={type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"},contains:{$ref:"#/definitions/englishLanguageDescription"}};const schema30={type:"object",properties:{lang:{$ref:"#/definitions/language"},value:{type:"string",minLength:1,maxLength:4096},supportingMedia:{type:"array",uniqueItems:true,minItems:1,items:{type:"object",properties:{type:{type:"string",minLength:1,maxLength:256,examples:["text/markdown","text/html","image/png","image/svg","audio/mp3"]},base64:{type:"boolean",default:false},value:{type:"string",minLength:1,maxLength:16384}},required:["type","value"]}}},required:["lang","value"],additionalProperties:false};const schema31={type:"string",default:"en",pattern:"^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"};const pattern11=new RegExp("^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$","u");function validate17(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.lang===undefined&&(missing0="lang")||data.value===undefined&&(missing0="value")){validate17.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{const _errs1=errors;for(const key0 in data){if(!(key0==="lang"||key0==="value"||key0==="supportingMedia")){validate17.errors=[{instancePath:instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key0},message:"must NOT have additional properties"}];return false;break}}if(_errs1===errors){if(data.lang!==undefined){let data0=data.lang;const _errs2=errors;const _errs3=errors;if(errors===_errs3){if(typeof data0==="string"){if(!pattern11.test(data0)){validate17.errors=[{instancePath:instancePath+"/lang",schemaPath:"#/definitions/language/pattern",keyword:"pattern",params:{pattern:"^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},message:'must match pattern "'+"^[A-Za-z]{2,4}([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"+'"'}];return false}}else{validate17.errors=[{instancePath:instancePath+"/lang",schemaPath:"#/definitions/language/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs2===errors}else{var valid0=true}if(valid0){if(data.value!==undefined){let data1=data.value;const _errs5=errors;if(errors===_errs5){if(typeof data1==="string"){if(func7(data1)>4096){validate17.errors=[{instancePath:instancePath+"/value",schemaPath:"#/properties/value/maxLength",keyword:"maxLength",params:{limit:4096},message:"must NOT have more than 4096 characters"}];return false}else{if(func7(data1)<1){validate17.errors=[{instancePath:instancePath+"/value",schemaPath:"#/properties/value/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate17.errors=[{instancePath:instancePath+"/value",schemaPath:"#/properties/value/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs5===errors}else{var valid0=true}if(valid0){if(data.supportingMedia!==undefined){let data2=data.supportingMedia;const _errs7=errors;if(errors===_errs7){if(Array.isArray(data2)){if(data2.length<1){validate17.errors=[{instancePath:instancePath+"/supportingMedia",schemaPath:"#/properties/supportingMedia/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid2=true;const len0=data2.length;for(let i0=0;i0256){validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0+"/type",schemaPath:"#/properties/supportingMedia/items/properties/type/maxLength",keyword:"maxLength",params:{limit:256},message:"must NOT have more than 256 characters"}];return false}else{if(func7(data4)<1){validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0+"/type",schemaPath:"#/properties/supportingMedia/items/properties/type/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0+"/type",schemaPath:"#/properties/supportingMedia/items/properties/type/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs11===errors}else{var valid3=true}if(valid3){if(data3.base64!==undefined){const _errs13=errors;if(typeof data3.base64!=="boolean"){validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0+"/base64",schemaPath:"#/properties/supportingMedia/items/properties/base64/type",keyword:"type",params:{type:"boolean"},message:"must be boolean"}];return false}var valid3=_errs13===errors}else{var valid3=true}if(valid3){if(data3.value!==undefined){let data6=data3.value;const _errs15=errors;if(errors===_errs15){if(typeof data6==="string"){if(func7(data6)>16384){validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0+"/value",schemaPath:"#/properties/supportingMedia/items/properties/value/maxLength",keyword:"maxLength",params:{limit:16384},message:"must NOT have more than 16384 characters"}];return false}else{if(func7(data6)<1){validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0+"/value",schemaPath:"#/properties/supportingMedia/items/properties/value/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0+"/value",schemaPath:"#/properties/supportingMedia/items/properties/value/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs15===errors}else{var valid3=true}}}}}else{validate17.errors=[{instancePath:instancePath+"/supportingMedia/"+i0,schemaPath:"#/properties/supportingMedia/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid2=_errs9===errors;if(!valid2){break}}if(valid2){let i1=data2.length;let j0;if(i1>1){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data2[i1],data2[j0])){validate17.errors=[{instancePath:instancePath+"/supportingMedia",schemaPath:"#/properties/supportingMedia/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate17.errors=[{instancePath:instancePath+"/supportingMedia",schemaPath:"#/properties/supportingMedia/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid0=_errs7===errors}else{var valid0=true}}}}}}else{validate17.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate17.errors=vErrors;return errors===0}const schema32={type:"object",properties:{lang:{$ref:"#/definitions/englishLanguage"}},required:["lang"]};const schema33={type:"string",pattern:"^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"};const pattern12=new RegExp("^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$","u");function validate19(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.lang===undefined&&(missing0="lang")){validate19.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{if(data.lang!==undefined){let data0=data.lang;const _errs2=errors;if(errors===_errs2){if(typeof data0==="string"){if(!pattern12.test(data0)){validate19.errors=[{instancePath:instancePath+"/lang",schemaPath:"#/definitions/englishLanguage/pattern",keyword:"pattern",params:{pattern:"^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"},message:'must match pattern "'+"^en([_-][A-Za-z]{4})?([_-]([A-Za-z]{2}|[0-9]{3}))?$"+'"'}];return false}}else{validate19.errors=[{instancePath:instancePath+"/lang",schemaPath:"#/definitions/englishLanguage/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}}}else{validate19.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate19.errors=vErrors;return errors===0}function validate16(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate16.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i01){outer0:for(;i2--;){for(j0=i2;j0--;){if(func0(data[i2],data[j0])){validate16.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i2,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0}}}}}}}}else{validate16.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate16.errors=vErrors;return errors===0}const schema34={type:"array",minItems:1,items:{$ref:"#/definitions/product"}};const schema35={type:"object",allOf:[{anyOf:[{required:["vendor","product"]},{required:["collectionURL","packageName"]}]},{anyOf:[{required:["versions"]},{required:["defaultStatus"]}]}],properties:{vendor:{type:"string",minLength:1,maxLength:512},product:{type:"string",minLength:1,maxLength:2048},collectionURL:{$ref:"#/definitions/uriType",examples:["https://access.redhat.com/downloads/content/package-browser","https://addons.mozilla.org","https://addons.thunderbird.net","https://anaconda.org/anaconda/repo","https://app.vagrantup.com/boxes/search","https://apps.apple.com","https://archlinux.org/packages","https://atmospherejs.meteor.com","https://atom.io/packages","https://bitbucket.org","https://bower.io","https://brew.sh/","https://chocolatey.org/packages","https://chrome.google.com/webstore","https://clojars.org","https://cocoapods.org","https://code.dlang.org","https://conan.io/center","https://cpan.org/modules","https://cran.r-project.org","https://crates.io","https://ctan.org/pkg","https://drupal.org","https://exchange.adobe.com","https://forge.puppet.com/modules","https://github.com","https://gitlab.com/explore","https://golang.org/pkg","https://guix.gnu.org/packages","https://hackage.haskell.org","https://helm.sh","https://hub.docker.com","https://juliahub.com","https://lib.haxe.org","https://luarocks.org","https://marketplace.visualstudio.com","https://melpa.org","https://microsoft.com/en-us/store/apps","https://nimble.directory","https://nuget.org/packages","https://opam.ocaml.org/packages","https://openwrt.org/packages/index","https://package.elm-lang.org","https://packagecontrol.io","https://packages.debian.org","https://packages.gentoo.org","https://packagist.org","https://pear.php.net/packages.php","https://pecl.php.net","https://platformio.org/lib","https://play.google.com/store","https://plugins.gradle.org","https://projects.eclipse.org","https://pub.dev","https://pypi.python.org","https://registry.npmjs.org","https://registry.terraform.io","https://repo.hex.pm","https://repo.maven.apache.org/maven2","https://rubygems.org","https://search.nixos.org/packages","https://sourceforge.net","https://wordpress.org/plugins"]},packageName:{type:"string",minLength:1,maxLength:2048},cpes:{type:"array",uniqueItems:true,items:{type:"string",pattern:"([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})",minLength:1,maxLength:2048}},modules:{type:"array",uniqueItems:true,items:{type:"string",minLength:1,maxLength:4096}},programFiles:{type:"array",uniqueItems:true,items:{type:"string",minLength:1,maxLength:1024}},programRoutines:{type:"array",uniqueItems:true,items:{type:"object",required:["name"],properties:{name:{type:"string",minLength:1,maxLength:4096}}}},platforms:{type:"array",minItems:1,uniqueItems:true,items:{type:"string",examples:["iOS","Android","Windows","macOS","x86","ARM","64 bit","Big Endian","iPad","Chromebook","Docker"],maxLength:1024}},repo:{$ref:"#/definitions/uriType"},defaultStatus:{$ref:"#/definitions/status"},versions:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",oneOf:[{required:["version","status"],maxProperties:2},{required:["version","status","versionType"],oneOf:[{required:["lessThan"]},{required:["lessThanOrEqual"]}]}],properties:{version:{$ref:"#/definitions/version"},status:{$ref:"#/definitions/status"},versionType:{type:"string",minLength:1,maxLength:128,examples:["custom","git","maven","python","rpm","semver"]},lessThan:{$ref:"#/definitions/version"},lessThanOrEqual:{$ref:"#/definitions/version"},changes:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["at","status"],properties:{at:{$ref:"#/definitions/version"},status:{$ref:"#/definitions/status"}}}}}}}}};const schema36={type:"string",format:"uri",minLength:1,maxLength:2048};const schema38={type:"string",enum:["affected","unaffected","unknown"]};const schema39={type:"string",minLength:1,maxLength:1024};const formats12=require("ajv-formats/dist/formats").fullFormats.uri;const pattern13=new RegExp("([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})","u");function validate23(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;const _errs1=errors;const _errs2=errors;let valid1=false;const _errs3=errors;if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.vendor===undefined&&(missing0="vendor")||data.product===undefined&&(missing0="product")){const err0={instancePath:instancePath,schemaPath:"#/allOf/0/anyOf/0/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"};if(vErrors===null){vErrors=[err0]}else{vErrors.push(err0)}errors++}}var _valid0=_errs3===errors;valid1=valid1||_valid0;if(!valid1){const _errs4=errors;if(data&&typeof data=="object"&&!Array.isArray(data)){let missing1;if(data.collectionURL===undefined&&(missing1="collectionURL")||data.packageName===undefined&&(missing1="packageName")){const err1={instancePath:instancePath,schemaPath:"#/allOf/0/anyOf/1/required",keyword:"required",params:{missingProperty:missing1},message:"must have required property '"+missing1+"'"};if(vErrors===null){vErrors=[err1]}else{vErrors.push(err1)}errors++}}var _valid0=_errs4===errors;valid1=valid1||_valid0}if(!valid1){const err2={instancePath:instancePath,schemaPath:"#/allOf/0/anyOf",keyword:"anyOf",params:{},message:"must match a schema in anyOf"};if(vErrors===null){vErrors=[err2]}else{vErrors.push(err2)}errors++;validate23.errors=vErrors;return false}else{errors=_errs2;if(vErrors!==null){if(_errs2){vErrors.length=_errs2}else{vErrors=null}}}var valid0=_errs1===errors;if(valid0){const _errs5=errors;const _errs6=errors;let valid2=false;const _errs7=errors;if(data&&typeof data=="object"&&!Array.isArray(data)){let missing2;if(data.versions===undefined&&(missing2="versions")){const err3={instancePath:instancePath,schemaPath:"#/allOf/1/anyOf/0/required",keyword:"required",params:{missingProperty:missing2},message:"must have required property '"+missing2+"'"};if(vErrors===null){vErrors=[err3]}else{vErrors.push(err3)}errors++}}var _valid1=_errs7===errors;valid2=valid2||_valid1;if(!valid2){const _errs8=errors;if(data&&typeof data=="object"&&!Array.isArray(data)){let missing3;if(data.defaultStatus===undefined&&(missing3="defaultStatus")){const err4={instancePath:instancePath,schemaPath:"#/allOf/1/anyOf/1/required",keyword:"required",params:{missingProperty:missing3},message:"must have required property '"+missing3+"'"};if(vErrors===null){vErrors=[err4]}else{vErrors.push(err4)}errors++}}var _valid1=_errs8===errors;valid2=valid2||_valid1}if(!valid2){const err5={instancePath:instancePath,schemaPath:"#/allOf/1/anyOf",keyword:"anyOf",params:{},message:"must match a schema in anyOf"};if(vErrors===null){vErrors=[err5]}else{vErrors.push(err5)}errors++;validate23.errors=vErrors;return false}else{errors=_errs6;if(vErrors!==null){if(_errs6){vErrors.length=_errs6}else{vErrors=null}}}var valid0=_errs5===errors}if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){if(data.vendor!==undefined){let data0=data.vendor;const _errs9=errors;if(errors===_errs9){if(typeof data0==="string"){if(func7(data0)>512){validate23.errors=[{instancePath:instancePath+"/vendor",schemaPath:"#/properties/vendor/maxLength",keyword:"maxLength",params:{limit:512},message:"must NOT have more than 512 characters"}];return false}else{if(func7(data0)<1){validate23.errors=[{instancePath:instancePath+"/vendor",schemaPath:"#/properties/vendor/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/vendor",schemaPath:"#/properties/vendor/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs9===errors}else{var valid3=true}if(valid3){if(data.product!==undefined){let data1=data.product;const _errs11=errors;if(errors===_errs11){if(typeof data1==="string"){if(func7(data1)>2048){validate23.errors=[{instancePath:instancePath+"/product",schemaPath:"#/properties/product/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data1)<1){validate23.errors=[{instancePath:instancePath+"/product",schemaPath:"#/properties/product/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/product",schemaPath:"#/properties/product/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs11===errors}else{var valid3=true}if(valid3){if(data.collectionURL!==undefined){let data2=data.collectionURL;const _errs13=errors;const _errs14=errors;if(errors===_errs14){if(errors===_errs14){if(typeof data2==="string"){if(func7(data2)>2048){validate23.errors=[{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data2)<1){validate23.errors=[{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}else{if(!formats12(data2)){validate23.errors=[{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/format",keyword:"format",params:{format:"uri"},message:'must match format "'+"uri"+'"'}];return false}}}}else{validate23.errors=[{instancePath:instancePath+"/collectionURL",schemaPath:"#/definitions/uriType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid3=_errs13===errors}else{var valid3=true}if(valid3){if(data.packageName!==undefined){let data3=data.packageName;const _errs16=errors;if(errors===_errs16){if(typeof data3==="string"){if(func7(data3)>2048){validate23.errors=[{instancePath:instancePath+"/packageName",schemaPath:"#/properties/packageName/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data3)<1){validate23.errors=[{instancePath:instancePath+"/packageName",schemaPath:"#/properties/packageName/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/packageName",schemaPath:"#/properties/packageName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs16===errors}else{var valid3=true}if(valid3){if(data.cpes!==undefined){let data4=data.cpes;const _errs18=errors;if(errors===_errs18){if(Array.isArray(data4)){var valid5=true;const len0=data4.length;for(let i0=0;i02048){validate23.errors=[{instancePath:instancePath+"/cpes/"+i0,schemaPath:"#/properties/cpes/items/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data5)<1){validate23.errors=[{instancePath:instancePath+"/cpes/"+i0,schemaPath:"#/properties/cpes/items/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}else{if(!pattern13.test(data5)){validate23.errors=[{instancePath:instancePath+"/cpes/"+i0,schemaPath:"#/properties/cpes/items/pattern",keyword:"pattern",params:{pattern:"([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})"},message:'must match pattern "'+"([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9._\\-~%]*){0,6})|(cpe:2\\.3:[aho*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-._]|(\\\\[\\\\*?!\"#$%&'()+,/:;<=>@\\[\\]\\^`{|}~]))+(\\?*|\\*?))|[*\\-])){4})"+'"'}];return false}}}}else{validate23.errors=[{instancePath:instancePath+"/cpes/"+i0,schemaPath:"#/properties/cpes/items/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid5=_errs20===errors;if(!valid5){break}}if(valid5){let i1=data4.length;let j0;if(i1>1){const indices0={};for(;i1--;){let item0=data4[i1];if(typeof item0!=="string"){continue}if(typeof indices0[item0]=="number"){j0=indices0[item0];validate23.errors=[{instancePath:instancePath+"/cpes",schemaPath:"#/properties/cpes/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break}indices0[item0]=i1}}}}else{validate23.errors=[{instancePath:instancePath+"/cpes",schemaPath:"#/properties/cpes/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid3=_errs18===errors}else{var valid3=true}if(valid3){if(data.modules!==undefined){let data6=data.modules;const _errs22=errors;if(errors===_errs22){if(Array.isArray(data6)){var valid7=true;const len1=data6.length;for(let i2=0;i24096){validate23.errors=[{instancePath:instancePath+"/modules/"+i2,schemaPath:"#/properties/modules/items/maxLength",keyword:"maxLength",params:{limit:4096},message:"must NOT have more than 4096 characters"}];return false}else{if(func7(data7)<1){validate23.errors=[{instancePath:instancePath+"/modules/"+i2,schemaPath:"#/properties/modules/items/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/modules/"+i2,schemaPath:"#/properties/modules/items/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid7=_errs24===errors;if(!valid7){break}}if(valid7){let i3=data6.length;let j1;if(i3>1){const indices1={};for(;i3--;){let item1=data6[i3];if(typeof item1!=="string"){continue}if(typeof indices1[item1]=="number"){j1=indices1[item1];validate23.errors=[{instancePath:instancePath+"/modules",schemaPath:"#/properties/modules/uniqueItems",keyword:"uniqueItems",params:{i:i3,j:j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break}indices1[item1]=i3}}}}else{validate23.errors=[{instancePath:instancePath+"/modules",schemaPath:"#/properties/modules/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid3=_errs22===errors}else{var valid3=true}if(valid3){if(data.programFiles!==undefined){let data8=data.programFiles;const _errs26=errors;if(errors===_errs26){if(Array.isArray(data8)){var valid9=true;const len2=data8.length;for(let i4=0;i41024){validate23.errors=[{instancePath:instancePath+"/programFiles/"+i4,schemaPath:"#/properties/programFiles/items/maxLength",keyword:"maxLength",params:{limit:1024},message:"must NOT have more than 1024 characters"}];return false}else{if(func7(data9)<1){validate23.errors=[{instancePath:instancePath+"/programFiles/"+i4,schemaPath:"#/properties/programFiles/items/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/programFiles/"+i4,schemaPath:"#/properties/programFiles/items/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid9=_errs28===errors;if(!valid9){break}}if(valid9){let i5=data8.length;let j2;if(i5>1){const indices2={};for(;i5--;){let item2=data8[i5];if(typeof item2!=="string"){continue}if(typeof indices2[item2]=="number"){j2=indices2[item2];validate23.errors=[{instancePath:instancePath+"/programFiles",schemaPath:"#/properties/programFiles/uniqueItems",keyword:"uniqueItems",params:{i:i5,j:j2},message:"must NOT have duplicate items (items ## "+j2+" and "+i5+" are identical)"}];return false;break}indices2[item2]=i5}}}}else{validate23.errors=[{instancePath:instancePath+"/programFiles",schemaPath:"#/properties/programFiles/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid3=_errs26===errors}else{var valid3=true}if(valid3){if(data.programRoutines!==undefined){let data10=data.programRoutines;const _errs30=errors;if(errors===_errs30){if(Array.isArray(data10)){var valid11=true;const len3=data10.length;for(let i6=0;i64096){validate23.errors=[{instancePath:instancePath+"/programRoutines/"+i6+"/name",schemaPath:"#/properties/programRoutines/items/properties/name/maxLength",keyword:"maxLength",params:{limit:4096},message:"must NOT have more than 4096 characters"}];return false}else{if(func7(data12)<1){validate23.errors=[{instancePath:instancePath+"/programRoutines/"+i6+"/name",schemaPath:"#/properties/programRoutines/items/properties/name/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/programRoutines/"+i6+"/name",schemaPath:"#/properties/programRoutines/items/properties/name/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}}}else{validate23.errors=[{instancePath:instancePath+"/programRoutines/"+i6,schemaPath:"#/properties/programRoutines/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid11=_errs32===errors;if(!valid11){break}}if(valid11){let i7=data10.length;let j3;if(i7>1){outer0:for(;i7--;){for(j3=i7;j3--;){if(func0(data10[i7],data10[j3])){validate23.errors=[{instancePath:instancePath+"/programRoutines",schemaPath:"#/properties/programRoutines/uniqueItems",keyword:"uniqueItems",params:{i:i7,j:j3},message:"must NOT have duplicate items (items ## "+j3+" and "+i7+" are identical)"}];return false;break outer0}}}}}}else{validate23.errors=[{instancePath:instancePath+"/programRoutines",schemaPath:"#/properties/programRoutines/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid3=_errs30===errors}else{var valid3=true}if(valid3){if(data.platforms!==undefined){let data13=data.platforms;const _errs36=errors;if(errors===_errs36){if(Array.isArray(data13)){if(data13.length<1){validate23.errors=[{instancePath:instancePath+"/platforms",schemaPath:"#/properties/platforms/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid14=true;const len4=data13.length;for(let i8=0;i81024){validate23.errors=[{instancePath:instancePath+"/platforms/"+i8,schemaPath:"#/properties/platforms/items/maxLength",keyword:"maxLength",params:{limit:1024},message:"must NOT have more than 1024 characters"}];return false}}else{validate23.errors=[{instancePath:instancePath+"/platforms/"+i8,schemaPath:"#/properties/platforms/items/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid14=_errs38===errors;if(!valid14){break}}if(valid14){let i9=data13.length;let j4;if(i9>1){const indices3={};for(;i9--;){let item3=data13[i9];if(typeof item3!=="string"){continue}if(typeof indices3[item3]=="number"){j4=indices3[item3];validate23.errors=[{instancePath:instancePath+"/platforms",schemaPath:"#/properties/platforms/uniqueItems",keyword:"uniqueItems",params:{i:i9,j:j4},message:"must NOT have duplicate items (items ## "+j4+" and "+i9+" are identical)"}];return false;break}indices3[item3]=i9}}}}}else{validate23.errors=[{instancePath:instancePath+"/platforms",schemaPath:"#/properties/platforms/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid3=_errs36===errors}else{var valid3=true}if(valid3){if(data.repo!==undefined){let data15=data.repo;const _errs40=errors;const _errs41=errors;if(errors===_errs41){if(errors===_errs41){if(typeof data15==="string"){if(func7(data15)>2048){validate23.errors=[{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data15)<1){validate23.errors=[{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}else{if(!formats12(data15)){validate23.errors=[{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/format",keyword:"format",params:{format:"uri"},message:'must match format "'+"uri"+'"'}];return false}}}}else{validate23.errors=[{instancePath:instancePath+"/repo",schemaPath:"#/definitions/uriType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid3=_errs40===errors}else{var valid3=true}if(valid3){if(data.defaultStatus!==undefined){let data16=data.defaultStatus;const _errs43=errors;if(typeof data16!=="string"){validate23.errors=[{instancePath:instancePath+"/defaultStatus",schemaPath:"#/definitions/status/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data16==="affected"||data16==="unaffected"||data16==="unknown")){validate23.errors=[{instancePath:instancePath+"/defaultStatus",schemaPath:"#/definitions/status/enum",keyword:"enum",params:{allowedValues:schema38.enum},message:"must be equal to one of the allowed values"}];return false}var valid3=_errs43===errors}else{var valid3=true}if(valid3){if(data.versions!==undefined){let data17=data.versions;const _errs46=errors;if(errors===_errs46){if(Array.isArray(data17)){if(data17.length<1){validate23.errors=[{instancePath:instancePath+"/versions",schemaPath:"#/properties/versions/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid18=true;const len5=data17.length;for(let i10=0;i102){const err6={instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/oneOf/0/maxProperties",keyword:"maxProperties",params:{limit:2},message:"must NOT have more than 2 items"};if(vErrors===null){vErrors=[err6]}else{vErrors.push(err6)}errors++}else{let missing5;if(data18.version===undefined&&(missing5="version")||data18.status===undefined&&(missing5="status")){const err7={instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/oneOf/0/required",keyword:"required",params:{missingProperty:missing5},message:"must have required property '"+missing5+"'"};if(vErrors===null){vErrors=[err7]}else{vErrors.push(err7)}errors++}}}var _valid2=_errs51===errors;if(_valid2){valid19=true;passing0=0}const _errs52=errors;const _errs53=errors;let valid20=false;let passing1=null;const _errs54=errors;if(data18&&typeof data18=="object"&&!Array.isArray(data18)){let missing6;if(data18.lessThan===undefined&&(missing6="lessThan")){const err8={instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/oneOf/1/oneOf/0/required",keyword:"required",params:{missingProperty:missing6},message:"must have required property '"+missing6+"'"};if(vErrors===null){vErrors=[err8]}else{vErrors.push(err8)}errors++}}var _valid3=_errs54===errors;if(_valid3){valid20=true;passing1=0}const _errs55=errors;if(data18&&typeof data18=="object"&&!Array.isArray(data18)){let missing7;if(data18.lessThanOrEqual===undefined&&(missing7="lessThanOrEqual")){const err9={instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/oneOf/1/oneOf/1/required",keyword:"required",params:{missingProperty:missing7},message:"must have required property '"+missing7+"'"};if(vErrors===null){vErrors=[err9]}else{vErrors.push(err9)}errors++}}var _valid3=_errs55===errors;if(_valid3&&valid20){valid20=false;passing1=[passing1,1]}else{if(_valid3){valid20=true;passing1=1}}if(!valid20){const err10={instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/oneOf/1/oneOf",keyword:"oneOf",params:{passingSchemas:passing1},message:"must match exactly one schema in oneOf"};if(vErrors===null){vErrors=[err10]}else{vErrors.push(err10)}errors++}else{errors=_errs53;if(vErrors!==null){if(_errs53){vErrors.length=_errs53}else{vErrors=null}}}if(errors===_errs52){if(data18&&typeof data18=="object"&&!Array.isArray(data18)){let missing8;if(data18.version===undefined&&(missing8="version")||data18.status===undefined&&(missing8="status")||data18.versionType===undefined&&(missing8="versionType")){const err11={instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/oneOf/1/required",keyword:"required",params:{missingProperty:missing8},message:"must have required property '"+missing8+"'"};if(vErrors===null){vErrors=[err11]}else{vErrors.push(err11)}errors++}}}var _valid2=_errs52===errors;if(_valid2&&valid19){valid19=false;passing0=[passing0,1]}else{if(_valid2){valid19=true;passing0=1}}if(!valid19){const err12={instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/oneOf",keyword:"oneOf",params:{passingSchemas:passing0},message:"must match exactly one schema in oneOf"};if(vErrors===null){vErrors=[err12]}else{vErrors.push(err12)}errors++;validate23.errors=vErrors;return false}else{errors=_errs50;if(vErrors!==null){if(_errs50){vErrors.length=_errs50}else{vErrors=null}}}if(errors===_errs48){if(data18&&typeof data18=="object"&&!Array.isArray(data18)){if(data18.version!==undefined){let data19=data18.version;const _errs56=errors;const _errs57=errors;if(errors===_errs57){if(typeof data19==="string"){if(func7(data19)>1024){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/version",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit:1024},message:"must NOT have more than 1024 characters"}];return false}else{if(func7(data19)<1){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/version",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/version",schemaPath:"#/definitions/version/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid21=_errs56===errors}else{var valid21=true}if(valid21){if(data18.status!==undefined){let data20=data18.status;const _errs59=errors;if(typeof data20!=="string"){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/status",schemaPath:"#/definitions/status/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data20==="affected"||data20==="unaffected"||data20==="unknown")){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/status",schemaPath:"#/definitions/status/enum",keyword:"enum",params:{allowedValues:schema38.enum},message:"must be equal to one of the allowed values"}];return false}var valid21=_errs59===errors}else{var valid21=true}if(valid21){if(data18.versionType!==undefined){let data21=data18.versionType;const _errs62=errors;if(errors===_errs62){if(typeof data21==="string"){if(func7(data21)>128){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/versionType",schemaPath:"#/properties/versions/items/properties/versionType/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data21)<1){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/versionType",schemaPath:"#/properties/versions/items/properties/versionType/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/versionType",schemaPath:"#/properties/versions/items/properties/versionType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid21=_errs62===errors}else{var valid21=true}if(valid21){if(data18.lessThan!==undefined){let data22=data18.lessThan;const _errs64=errors;const _errs65=errors;if(errors===_errs65){if(typeof data22==="string"){if(func7(data22)>1024){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/lessThan",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit:1024},message:"must NOT have more than 1024 characters"}];return false}else{if(func7(data22)<1){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/lessThan",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/lessThan",schemaPath:"#/definitions/version/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid21=_errs64===errors}else{var valid21=true}if(valid21){if(data18.lessThanOrEqual!==undefined){let data23=data18.lessThanOrEqual;const _errs67=errors;const _errs68=errors;if(errors===_errs68){if(typeof data23==="string"){if(func7(data23)>1024){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/lessThanOrEqual",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit:1024},message:"must NOT have more than 1024 characters"}];return false}else{if(func7(data23)<1){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/lessThanOrEqual",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/lessThanOrEqual",schemaPath:"#/definitions/version/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid21=_errs67===errors}else{var valid21=true}if(valid21){if(data18.changes!==undefined){let data24=data18.changes;const _errs70=errors;if(errors===_errs70){if(Array.isArray(data24)){if(data24.length<1){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes",schemaPath:"#/properties/versions/items/properties/changes/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid26=true;const len6=data24.length;for(let i11=0;i111024){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes/"+i11+"/at",schemaPath:"#/definitions/version/maxLength",keyword:"maxLength",params:{limit:1024},message:"must NOT have more than 1024 characters"}];return false}else{if(func7(data26)<1){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes/"+i11+"/at",schemaPath:"#/definitions/version/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes/"+i11+"/at",schemaPath:"#/definitions/version/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid27=_errs74===errors}else{var valid27=true}if(valid27){if(data25.status!==undefined){let data27=data25.status;const _errs77=errors;if(typeof data27!=="string"){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes/"+i11+"/status",schemaPath:"#/definitions/status/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data27==="affected"||data27==="unaffected"||data27==="unknown")){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes/"+i11+"/status",schemaPath:"#/definitions/status/enum",keyword:"enum",params:{allowedValues:schema38.enum},message:"must be equal to one of the allowed values"}];return false}var valid27=_errs77===errors}else{var valid27=true}}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes/"+i11,schemaPath:"#/properties/versions/items/properties/changes/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid26=_errs72===errors;if(!valid26){break}}if(valid26){let i12=data24.length;let j5;if(i12>1){outer1:for(;i12--;){for(j5=i12;j5--;){if(func0(data24[i12],data24[j5])){validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes",schemaPath:"#/properties/versions/items/properties/changes/uniqueItems",keyword:"uniqueItems",params:{i:i12,j:j5},message:"must NOT have duplicate items (items ## "+j5+" and "+i12+" are identical)"}];return false;break outer1}}}}}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10+"/changes",schemaPath:"#/properties/versions/items/properties/changes/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid21=_errs70===errors}else{var valid21=true}}}}}}}else{validate23.errors=[{instancePath:instancePath+"/versions/"+i10,schemaPath:"#/properties/versions/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid18=_errs48===errors;if(!valid18){break}}if(valid18){let i13=data17.length;let j6;if(i13>1){outer2:for(;i13--;){for(j6=i13;j6--;){if(func0(data17[i13],data17[j6])){validate23.errors=[{instancePath:instancePath+"/versions",schemaPath:"#/properties/versions/uniqueItems",keyword:"uniqueItems",params:{i:i13,j:j6},message:"must NOT have duplicate items (items ## "+j6+" and "+i13+" are identical)"}];return false;break outer2}}}}}}}else{validate23.errors=[{instancePath:instancePath+"/versions",schemaPath:"#/properties/versions/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid3=_errs46===errors}else{var valid3=true}}}}}}}}}}}}}else{validate23.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate23.errors=vErrors;return errors===0}function validate22(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate22.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i02048){validate28.errors=[{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data0)<1){validate28.errors=[{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}else{if(!formats12(data0)){validate28.errors=[{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/format",keyword:"format",params:{format:"uri"},message:'must match format "'+"uri"+'"'}];return false}}}}else{validate28.errors=[{instancePath:instancePath+"/url",schemaPath:"#/definitions/uriType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs1===errors}else{var valid0=true}if(valid0){if(data.name!==undefined){let data1=data.name;const _errs4=errors;if(errors===_errs4){if(typeof data1==="string"){if(func7(data1)>512){validate28.errors=[{instancePath:instancePath+"/name",schemaPath:"#/properties/name/maxLength",keyword:"maxLength",params:{limit:512},message:"must NOT have more than 512 characters"}];return false}else{if(func7(data1)<1){validate28.errors=[{instancePath:instancePath+"/name",schemaPath:"#/properties/name/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate28.errors=[{instancePath:instancePath+"/name",schemaPath:"#/properties/name/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs4===errors}else{var valid0=true}if(valid0){if(data.tags!==undefined){let data2=data.tags;const _errs6=errors;if(errors===_errs6){if(Array.isArray(data2)){if(data2.length<1){validate28.errors=[{instancePath:instancePath+"/tags",schemaPath:"#/properties/tags/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid2=true;const len0=data2.length;for(let i0=0;i0128){const err0={instancePath:instancePath+"/tags/"+i0,schemaPath:"#/definitions/tagExtension/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"};if(vErrors===null){vErrors=[err0]}else{vErrors.push(err0)}errors++}else{if(func7(data3)<2){const err1={instancePath:instancePath+"/tags/"+i0,schemaPath:"#/definitions/tagExtension/minLength",keyword:"minLength",params:{limit:2},message:"must NOT have fewer than 2 characters"};if(vErrors===null){vErrors=[err1]}else{vErrors.push(err1)}errors++}else{if(!pattern16.test(data3)){const err2={instancePath:instancePath+"/tags/"+i0,schemaPath:"#/definitions/tagExtension/pattern",keyword:"pattern",params:{pattern:"^x_.*$"},message:'must match pattern "'+"^x_.*$"+'"'};if(vErrors===null){vErrors=[err2]}else{vErrors.push(err2)}errors++}}}}else{const err3={instancePath:instancePath+"/tags/"+i0,schemaPath:"#/definitions/tagExtension/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err3]}else{vErrors.push(err3)}errors++}}var _valid0=_errs10===errors;if(_valid0){valid3=true;passing0=0}const _errs13=errors;if(typeof data3!=="string"){const err4={instancePath:instancePath+"/tags/"+i0,schemaPath:"#/properties/tags/items/oneOf/1/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err4]}else{vErrors.push(err4)}errors++}if(!(data3==="broken-link"||data3==="customer-entitlement"||data3==="exploit"||data3==="government-resource"||data3==="issue-tracking"||data3==="mailing-list"||data3==="mitigation"||data3==="not-applicable"||data3==="patch"||data3==="permissions-required"||data3==="media-coverage"||data3==="product"||data3==="related"||data3==="release-notes"||data3==="signature"||data3==="technical-description"||data3==="third-party-advisory"||data3==="vendor-advisory"||data3==="vdb-entry")){const err5={instancePath:instancePath+"/tags/"+i0,schemaPath:"#/properties/tags/items/oneOf/1/enum",keyword:"enum",params:{allowedValues:schema48.properties.tags.items.oneOf[1].enum},message:"must be equal to one of the allowed values"};if(vErrors===null){vErrors=[err5]}else{vErrors.push(err5)}errors++}var _valid0=_errs13===errors;if(_valid0&&valid3){valid3=false;passing0=[passing0,1]}else{if(_valid0){valid3=true;passing0=1}}if(!valid3){const err6={instancePath:instancePath+"/tags/"+i0,schemaPath:"#/properties/tags/items/oneOf",keyword:"oneOf",params:{passingSchemas:passing0},message:"must match exactly one schema in oneOf"};if(vErrors===null){vErrors=[err6]}else{vErrors.push(err6)}errors++;validate28.errors=vErrors;return false}else{errors=_errs9;if(vErrors!==null){if(_errs9){vErrors.length=_errs9}else{vErrors=null}}}var valid2=_errs8===errors;if(!valid2){break}}if(valid2){let i1=data2.length;let j0;if(i1>1){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data2[i1],data2[j0])){validate28.errors=[{instancePath:instancePath+"/tags",schemaPath:"#/properties/tags/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate28.errors=[{instancePath:instancePath+"/tags",schemaPath:"#/properties/tags/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid0=_errs6===errors}else{var valid0=true}}}}}else{validate28.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate28.errors=vErrors;return errors===0}function validate27(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length>512){validate27.errors=[{instancePath:instancePath,schemaPath:"#/maxItems",keyword:"maxItems",params:{limit:512},message:"must NOT have more than 512 items"}];return false}else{if(data.length<1){validate27.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i01){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate27.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}}else{validate27.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate27.errors=vErrors;return errors===0}function validate26(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate26.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i04096){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/description",schemaPath:"#/items/properties/descriptions/items/properties/description/maxLength",keyword:"maxLength",params:{limit:4096},message:"must NOT have more than 4096 characters"}];return false}else{if(func7(data4)<1){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/description",schemaPath:"#/items/properties/descriptions/items/properties/description/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/description",schemaPath:"#/items/properties/descriptions/items/properties/description/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs10===errors}else{var valid3=true}if(valid3){if(data2.cweId!==undefined){let data5=data2.cweId;const _errs12=errors;if(errors===_errs12){if(typeof data5==="string"){if(func7(data5)>9){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/maxLength",keyword:"maxLength",params:{limit:9},message:"must NOT have more than 9 characters"}];return false}else{if(func7(data5)<5){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/minLength",keyword:"minLength",params:{limit:5},message:"must NOT have fewer than 5 characters"}];return false}else{if(!pattern15.test(data5)){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/pattern",keyword:"pattern",params:{pattern:"^CWE-[1-9][0-9]+$"},message:'must match pattern "'+"^CWE-[1-9][0-9]+$"+'"'}];return false}}}}else{validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/cweId",schemaPath:"#/items/properties/descriptions/items/properties/cweId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs12===errors}else{var valid3=true}if(valid3){if(data2.type!==undefined){let data6=data2.type;const _errs14=errors;if(errors===_errs14){if(typeof data6==="string"){if(func7(data6)>128){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/type",schemaPath:"#/items/properties/descriptions/items/properties/type/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data6)<1){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/type",schemaPath:"#/items/properties/descriptions/items/properties/type/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/type",schemaPath:"#/items/properties/descriptions/items/properties/type/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid3=_errs14===errors}else{var valid3=true}if(valid3){if(data2.references!==undefined){const _errs16=errors;if(!validate27(data2.references,{instancePath:instancePath+"/"+i0+"/descriptions/"+i1+"/references",parentData:data2,parentDataProperty:"references",rootData:rootData})){vErrors=vErrors===null?validate27.errors:vErrors.concat(validate27.errors);errors=vErrors.length}var valid3=_errs16===errors}else{var valid3=true}}}}}}}else{validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions/"+i1,schemaPath:"#/items/properties/descriptions/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid2=_errs5===errors;if(!valid2){break}}if(valid2){let i2=data1.length;let j0;if(i2>1){outer0:for(;i2--;){for(j0=i2;j0--;){if(func0(data1[i2],data1[j0])){validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions",schemaPath:"#/items/properties/descriptions/uniqueItems",keyword:"uniqueItems",params:{i:i2,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0}}}}}}}else{validate26.errors=[{instancePath:instancePath+"/"+i0+"/descriptions",schemaPath:"#/items/properties/descriptions/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}}}}else{validate26.errors=[{instancePath:instancePath+"/"+i0,schemaPath:"#/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid0=_errs1===errors;if(!valid0){break}}if(valid0){let i3=data.length;let j1;if(i3>1){outer1:for(;i3--;){for(j1=i3;j1--;){if(func0(data[i3],data[j1])){validate26.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i3,j:j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1}}}}}}}else{validate26.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate26.errors=vErrors;return errors===0}const schema51={type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["descriptions"],properties:{capecId:{type:"string",minLength:7,maxLength:11,pattern:"^CAPEC-[1-9][0-9]{0,4}$"},descriptions:{$ref:"#/definitions/descriptions"}}}};const pattern17=new RegExp("^CAPEC-[1-9][0-9]{0,4}$","u");function validate33(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate33.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i011){validate33.errors=[{instancePath:instancePath+"/"+i0+"/capecId",schemaPath:"#/items/properties/capecId/maxLength",keyword:"maxLength",params:{limit:11},message:"must NOT have more than 11 characters"}];return false}else{if(func7(data1)<7){validate33.errors=[{instancePath:instancePath+"/"+i0+"/capecId",schemaPath:"#/items/properties/capecId/minLength",keyword:"minLength",params:{limit:7},message:"must NOT have fewer than 7 characters"}];return false}else{if(!pattern17.test(data1)){validate33.errors=[{instancePath:instancePath+"/"+i0+"/capecId",schemaPath:"#/items/properties/capecId/pattern",keyword:"pattern",params:{pattern:"^CAPEC-[1-9][0-9]{0,4}$"},message:'must match pattern "'+"^CAPEC-[1-9][0-9]{0,4}$"+'"'}];return false}}}}else{validate33.errors=[{instancePath:instancePath+"/"+i0+"/capecId",schemaPath:"#/items/properties/capecId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid1=_errs3===errors}else{var valid1=true}if(valid1){if(data0.descriptions!==undefined){const _errs5=errors;if(!validate16(data0.descriptions,{instancePath:instancePath+"/"+i0+"/descriptions",parentData:data0,parentDataProperty:"descriptions",rootData:rootData})){vErrors=vErrors===null?validate16.errors:vErrors.concat(validate16.errors);errors=vErrors.length}var valid1=_errs5===errors}else{var valid1=true}}}}else{validate33.errors=[{instancePath:instancePath+"/"+i0,schemaPath:"#/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid0=_errs1===errors;if(!valid0){break}}if(valid0){let i1=data.length;let j0;if(i1>1){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate33.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate33.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate33.errors=vErrors;return errors===0}const schema52={type:"array",minItems:1,uniqueItems:true,items:{type:"object",anyOf:[{required:["cvssV3_1"]},{required:["cvssV3_0"]},{required:["cvssV2_0"]},{required:["other"]}],properties:{format:{type:"string",minLength:1,maxLength:64},scenarios:{type:"array",minItems:1,uniqueItems:true,items:{type:"object",properties:{lang:{$ref:"#/definitions/language"},value:{type:"string",default:"GENERAL",minLength:1,maxLength:4096}},required:["lang","value"]}},cvssV3_1:{$schema:"http://json-schema.org/draft-07/schema#",type:"object",definitions:{attackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},modifiedAttackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},attackComplexityType:{type:"string",enum:["HIGH","LOW"]},modifiedAttackComplexityType:{type:"string",enum:["HIGH","LOW","NOT_DEFINED"]},privilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE"]},modifiedPrivilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE","NOT_DEFINED"]},userInteractionType:{type:"string",enum:["NONE","REQUIRED"]},modifiedUserInteractionType:{type:"string",enum:["NONE","REQUIRED","NOT_DEFINED"]},scopeType:{type:"string",enum:["UNCHANGED","CHANGED"]},modifiedScopeType:{type:"string",enum:["UNCHANGED","CHANGED","NOT_DEFINED"]},ciaType:{type:"string",enum:["NONE","LOW","HIGH"]},modifiedCiaType:{type:"string",enum:["NONE","LOW","HIGH","NOT_DEFINED"]},exploitCodeMaturityType:{type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},remediationLevelType:{type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},confidenceType:{type:"string",enum:["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},ciaRequirementType:{type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]},scoreType:{type:"number",minimum:0,maximum:10},severityType:{type:"string",enum:["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},properties:{version:{type:"string",enum:["3.1"]},vectorString:{type:"string",pattern:"^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},attackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType"},attackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType"},privilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType"},userInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType"},scope:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType"},confidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},integrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},availabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType"},baseScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},baseSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},exploitCodeMaturity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType"},remediationLevel:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType"},reportConfidence:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType"},temporalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},temporalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"},confidentialityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},integrityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},availabilityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType"},modifiedAttackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType"},modifiedAttackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType"},modifiedPrivilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType"},modifiedUserInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType"},modifiedScope:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType"},modifiedConfidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},modifiedIntegrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},modifiedAvailabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType"},environmentalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType"},environmentalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType"}},required:["version","vectorString","baseScore","baseSeverity"]},cvssV3_0:{$schema:"http://json-schema.org/draft-04/schema#",type:"object",definitions:{attackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]},modifiedAttackVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]},attackComplexityType:{type:"string",enum:["HIGH","LOW"]},modifiedAttackComplexityType:{type:"string",enum:["HIGH","LOW","NOT_DEFINED"]},privilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE"]},modifiedPrivilegesRequiredType:{type:"string",enum:["HIGH","LOW","NONE","NOT_DEFINED"]},userInteractionType:{type:"string",enum:["NONE","REQUIRED"]},modifiedUserInteractionType:{type:"string",enum:["NONE","REQUIRED","NOT_DEFINED"]},scopeType:{type:"string",enum:["UNCHANGED","CHANGED"]},modifiedScopeType:{type:"string",enum:["UNCHANGED","CHANGED","NOT_DEFINED"]},ciaType:{type:"string",enum:["NONE","LOW","HIGH"]},modifiedCiaType:{type:"string",enum:["NONE","LOW","HIGH","NOT_DEFINED"]},exploitCodeMaturityType:{type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},remediationLevelType:{type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},confidenceType:{type:"string",enum:["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]},ciaRequirementType:{type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]},scoreType:{type:"number",minimum:0,maximum:10},severityType:{type:"string",enum:["NONE","LOW","MEDIUM","HIGH","CRITICAL"]}},properties:{version:{type:"string",enum:["3.0"]},vectorString:{type:"string",pattern:"^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},attackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType"},attackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType"},privilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType"},userInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType"},scope:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType"},confidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},integrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},availabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType"},baseScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},baseSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},exploitCodeMaturity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType"},remediationLevel:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType"},reportConfidence:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType"},temporalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},temporalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"},confidentialityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},integrityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},availabilityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType"},modifiedAttackVector:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType"},modifiedAttackComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType"},modifiedPrivilegesRequired:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType"},modifiedUserInteraction:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType"},modifiedScope:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType"},modifiedConfidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},modifiedIntegrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},modifiedAvailabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType"},environmentalScore:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType"},environmentalSeverity:{$ref:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType"}},required:["version","vectorString","baseScore","baseSeverity"]},cvssV2_0:{$schema:"http://json-schema.org/draft-04/schema#",type:"object",definitions:{accessVectorType:{type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL"]},accessComplexityType:{type:"string",enum:["HIGH","MEDIUM","LOW"]},authenticationType:{type:"string",enum:["MULTIPLE","SINGLE","NONE"]},ciaType:{type:"string",enum:["NONE","PARTIAL","COMPLETE"]},exploitabilityType:{type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]},remediationLevelType:{type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]},reportConfidenceType:{type:"string",enum:["UNCONFIRMED","UNCORROBORATED","CONFIRMED","NOT_DEFINED"]},collateralDamagePotentialType:{type:"string",enum:["NONE","LOW","LOW_MEDIUM","MEDIUM_HIGH","HIGH","NOT_DEFINED"]},targetDistributionType:{type:"string",enum:["NONE","LOW","MEDIUM","HIGH","NOT_DEFINED"]},ciaRequirementType:{type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]},scoreType:{type:"number",minimum:0,maximum:10}},properties:{version:{type:"string",enum:["2.0"]},vectorString:{type:"string",pattern:"^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"},accessVector:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType"},accessComplexity:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType"},authentication:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType"},confidentialityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},integrityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},availabilityImpact:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType"},baseScore:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},exploitability:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType"},remediationLevel:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType"},reportConfidence:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType"},temporalScore:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"},collateralDamagePotential:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType"},targetDistribution:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType"},confidentialityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},integrityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},availabilityRequirement:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType"},environmentalScore:{$ref:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType"}},required:["version","vectorString","baseScore"]},other:{type:"object",required:["type","content"],properties:{type:{type:"string",minLength:1,maxLength:128},content:{type:"object",minProperties:1}}}}}};const schema54={type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]};const schema55={type:"string",enum:["HIGH","LOW"]};const schema56={type:"string",enum:["HIGH","LOW","NONE"]};const schema57={type:"string",enum:["NONE","REQUIRED"]};const schema58={type:"string",enum:["UNCHANGED","CHANGED"]};const schema59={type:"string",enum:["NONE","LOW","HIGH"]};const schema62={type:"number",minimum:0,maximum:10};const schema63={type:"string",enum:["NONE","LOW","MEDIUM","HIGH","CRITICAL"]};const schema64={type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]};const schema65={type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]};const schema66={type:"string",enum:["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]};const schema69={type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]};const schema72={type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]};const schema73={type:"string",enum:["HIGH","LOW","NOT_DEFINED"]};const schema74={type:"string",enum:["HIGH","LOW","NONE","NOT_DEFINED"]};const schema75={type:"string",enum:["NONE","REQUIRED","NOT_DEFINED"]};const schema76={type:"string",enum:["UNCHANGED","CHANGED","NOT_DEFINED"]};const schema77={type:"string",enum:["NONE","LOW","HIGH","NOT_DEFINED"]};const schema82={type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL"]};const schema83={type:"string",enum:["HIGH","LOW"]};const schema84={type:"string",enum:["HIGH","LOW","NONE"]};const schema85={type:"string",enum:["NONE","REQUIRED"]};const schema86={type:"string",enum:["UNCHANGED","CHANGED"]};const schema87={type:"string",enum:["NONE","LOW","HIGH"]};const schema90={type:"number",minimum:0,maximum:10};const schema91={type:"string",enum:["NONE","LOW","MEDIUM","HIGH","CRITICAL"]};const schema92={type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]};const schema93={type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]};const schema94={type:"string",enum:["UNKNOWN","REASONABLE","CONFIRMED","NOT_DEFINED"]};const schema97={type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]};const schema100={type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL","PHYSICAL","NOT_DEFINED"]};const schema101={type:"string",enum:["HIGH","LOW","NOT_DEFINED"]};const schema102={type:"string",enum:["HIGH","LOW","NONE","NOT_DEFINED"]};const schema103={type:"string",enum:["NONE","REQUIRED","NOT_DEFINED"]};const schema104={type:"string",enum:["UNCHANGED","CHANGED","NOT_DEFINED"]};const schema105={type:"string",enum:["NONE","LOW","HIGH","NOT_DEFINED"]};const schema110={type:"string",enum:["NETWORK","ADJACENT_NETWORK","LOCAL"]};const schema111={type:"string",enum:["HIGH","MEDIUM","LOW"]};const schema112={type:"string",enum:["MULTIPLE","SINGLE","NONE"]};const schema113={type:"string",enum:["NONE","PARTIAL","COMPLETE"]};const schema116={type:"number",minimum:0,maximum:10};const schema117={type:"string",enum:["UNPROVEN","PROOF_OF_CONCEPT","FUNCTIONAL","HIGH","NOT_DEFINED"]};const schema118={type:"string",enum:["OFFICIAL_FIX","TEMPORARY_FIX","WORKAROUND","UNAVAILABLE","NOT_DEFINED"]};const schema119={type:"string",enum:["UNCONFIRMED","UNCORROBORATED","CONFIRMED","NOT_DEFINED"]};const schema121={type:"string",enum:["NONE","LOW","LOW_MEDIUM","MEDIUM_HIGH","HIGH","NOT_DEFINED"]};const schema122={type:"string",enum:["NONE","LOW","MEDIUM","HIGH","NOT_DEFINED"]};const schema123={type:"string",enum:["LOW","MEDIUM","HIGH","NOT_DEFINED"]};const pattern19=new RegExp("^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$","u");const pattern20=new RegExp("^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$","u");const pattern21=new RegExp("^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$","u");function validate36(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate36.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i064){validate36.errors=[{instancePath:instancePath+"/"+i0+"/format",schemaPath:"#/items/properties/format/maxLength",keyword:"maxLength",params:{limit:64},message:"must NOT have more than 64 characters"}];return false}else{if(func7(data1)<1){validate36.errors=[{instancePath:instancePath+"/"+i0+"/format",schemaPath:"#/items/properties/format/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/format",schemaPath:"#/items/properties/format/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid2=_errs8===errors}else{var valid2=true}if(valid2){if(data0.scenarios!==undefined){let data2=data0.scenarios;const _errs10=errors;if(errors===_errs10){if(Array.isArray(data2)){if(data2.length<1){validate36.errors=[{instancePath:instancePath+"/"+i0+"/scenarios",schemaPath:"#/items/properties/scenarios/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid3=true;const len1=data2.length;for(let i1=0;i14096){validate36.errors=[{instancePath:instancePath+"/"+i0+"/scenarios/"+i1+"/value",schemaPath:"#/items/properties/scenarios/items/properties/value/maxLength",keyword:"maxLength",params:{limit:4096},message:"must NOT have more than 4096 characters"}];return false}else{if(func7(data5)<1){validate36.errors=[{instancePath:instancePath+"/"+i0+"/scenarios/"+i1+"/value",schemaPath:"#/items/properties/scenarios/items/properties/value/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/scenarios/"+i1+"/value",schemaPath:"#/items/properties/scenarios/items/properties/value/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid4=_errs17===errors}else{var valid4=true}}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/scenarios/"+i1,schemaPath:"#/items/properties/scenarios/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid3=_errs12===errors;if(!valid3){break}}if(valid3){let i2=data2.length;let j0;if(i2>1){outer0:for(;i2--;){for(j0=i2;j0--;){if(func0(data2[i2],data2[j0])){validate36.errors=[{instancePath:instancePath+"/"+i0+"/scenarios",schemaPath:"#/items/properties/scenarios/uniqueItems",keyword:"uniqueItems",params:{i:i2,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0}}}}}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/scenarios",schemaPath:"#/items/properties/scenarios/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid2=_errs10===errors}else{var valid2=true}if(valid2){if(data0.cvssV3_1!==undefined){let data6=data0.cvssV3_1;const _errs19=errors;if(errors===_errs19){if(data6&&typeof data6=="object"&&!Array.isArray(data6)){let missing5;if(data6.version===undefined&&(missing5="version")||data6.vectorString===undefined&&(missing5="vectorString")||data6.baseScore===undefined&&(missing5="baseScore")||data6.baseSeverity===undefined&&(missing5="baseSeverity")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1",schemaPath:"#/items/properties/cvssV3_1/required",keyword:"required",params:{missingProperty:missing5},message:"must have required property '"+missing5+"'"}];return false}else{if(data6.version!==undefined){let data7=data6.version;const _errs21=errors;if(typeof data7!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/version",schemaPath:"#/items/properties/cvssV3_1/properties/version/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data7==="3.1")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/version",schemaPath:"#/items/properties/cvssV3_1/properties/version/enum",keyword:"enum",params:{allowedValues:schema52.items.properties.cvssV3_1.properties.version.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs21===errors}else{var valid7=true}if(valid7){if(data6.vectorString!==undefined){let data8=data6.vectorString;const _errs23=errors;if(errors===_errs23){if(typeof data8==="string"){if(!pattern19.test(data8)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/vectorString",schemaPath:"#/items/properties/cvssV3_1/properties/vectorString/pattern",keyword:"pattern",params:{pattern:"^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},message:'must match pattern "'+"^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"+'"'}];return false}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/vectorString",schemaPath:"#/items/properties/cvssV3_1/properties/vectorString/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid7=_errs23===errors}else{var valid7=true}if(valid7){if(data6.attackVector!==undefined){let data9=data6.attackVector;const _errs25=errors;if(typeof data9!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data9==="NETWORK"||data9==="ADJACENT_NETWORK"||data9==="LOCAL"||data9==="PHYSICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackVectorType/enum",keyword:"enum",params:{allowedValues:schema54.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs25===errors}else{var valid7=true}if(valid7){if(data6.attackComplexity!==undefined){let data10=data6.attackComplexity;const _errs28=errors;if(typeof data10!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data10==="HIGH"||data10==="LOW")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/attackComplexityType/enum",keyword:"enum",params:{allowedValues:schema55.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs28===errors}else{var valid7=true}if(valid7){if(data6.privilegesRequired!==undefined){let data11=data6.privilegesRequired;const _errs31=errors;if(typeof data11!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data11==="HIGH"||data11==="LOW"||data11==="NONE")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/privilegesRequiredType/enum",keyword:"enum",params:{allowedValues:schema56.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs31===errors}else{var valid7=true}if(valid7){if(data6.userInteraction!==undefined){let data12=data6.userInteraction;const _errs34=errors;if(typeof data12!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data12==="NONE"||data12==="REQUIRED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/userInteractionType/enum",keyword:"enum",params:{allowedValues:schema57.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs34===errors}else{var valid7=true}if(valid7){if(data6.scope!==undefined){let data13=data6.scope;const _errs37=errors;if(typeof data13!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data13==="UNCHANGED"||data13==="CHANGED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scopeType/enum",keyword:"enum",params:{allowedValues:schema58.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs37===errors}else{var valid7=true}if(valid7){if(data6.confidentialityImpact!==undefined){let data14=data6.confidentialityImpact;const _errs40=errors;if(typeof data14!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data14==="NONE"||data14==="LOW"||data14==="HIGH")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema59.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs40===errors}else{var valid7=true}if(valid7){if(data6.integrityImpact!==undefined){let data15=data6.integrityImpact;const _errs43=errors;if(typeof data15!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data15==="NONE"||data15==="LOW"||data15==="HIGH")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema59.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs43===errors}else{var valid7=true}if(valid7){if(data6.availabilityImpact!==undefined){let data16=data6.availabilityImpact;const _errs46=errors;if(typeof data16!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data16==="NONE"||data16==="LOW"||data16==="HIGH")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema59.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs46===errors}else{var valid7=true}if(valid7){if(data6.baseScore!==undefined){let data17=data6.baseScore;const _errs49=errors;const _errs50=errors;if(errors===_errs50){if(typeof data17=="number"&&isFinite(data17)){if(data17>10||isNaN(data17)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data17<0||isNaN(data17)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid7=_errs49===errors}else{var valid7=true}if(valid7){if(data6.baseSeverity!==undefined){let data18=data6.baseSeverity;const _errs52=errors;if(typeof data18!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data18==="NONE"||data18==="LOW"||data18==="MEDIUM"||data18==="HIGH"||data18==="CRITICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/enum",keyword:"enum",params:{allowedValues:schema63.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs52===errors}else{var valid7=true}if(valid7){if(data6.exploitCodeMaturity!==undefined){let data19=data6.exploitCodeMaturity;const _errs55=errors;if(typeof data19!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data19==="UNPROVEN"||data19==="PROOF_OF_CONCEPT"||data19==="FUNCTIONAL"||data19==="HIGH"||data19==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/exploitCodeMaturityType/enum",keyword:"enum",params:{allowedValues:schema64.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs55===errors}else{var valid7=true}if(valid7){if(data6.remediationLevel!==undefined){let data20=data6.remediationLevel;const _errs58=errors;if(typeof data20!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data20==="OFFICIAL_FIX"||data20==="TEMPORARY_FIX"||data20==="WORKAROUND"||data20==="UNAVAILABLE"||data20==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/remediationLevelType/enum",keyword:"enum",params:{allowedValues:schema65.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs58===errors}else{var valid7=true}if(valid7){if(data6.reportConfidence!==undefined){let data21=data6.reportConfidence;const _errs61=errors;if(typeof data21!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data21==="UNKNOWN"||data21==="REASONABLE"||data21==="CONFIRMED"||data21==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/confidenceType/enum",keyword:"enum",params:{allowedValues:schema66.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs61===errors}else{var valid7=true}if(valid7){if(data6.temporalScore!==undefined){let data22=data6.temporalScore;const _errs64=errors;const _errs65=errors;if(errors===_errs65){if(typeof data22=="number"&&isFinite(data22)){if(data22>10||isNaN(data22)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data22<0||isNaN(data22)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid7=_errs64===errors}else{var valid7=true}if(valid7){if(data6.temporalSeverity!==undefined){let data23=data6.temporalSeverity;const _errs67=errors;if(typeof data23!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data23==="NONE"||data23==="LOW"||data23==="MEDIUM"||data23==="HIGH"||data23==="CRITICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/enum",keyword:"enum",params:{allowedValues:schema63.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs67===errors}else{var valid7=true}if(valid7){if(data6.confidentialityRequirement!==undefined){let data24=data6.confidentialityRequirement;const _errs70=errors;if(typeof data24!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data24==="LOW"||data24==="MEDIUM"||data24==="HIGH"||data24==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema69.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs70===errors}else{var valid7=true}if(valid7){if(data6.integrityRequirement!==undefined){let data25=data6.integrityRequirement;const _errs73=errors;if(typeof data25!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data25==="LOW"||data25==="MEDIUM"||data25==="HIGH"||data25==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema69.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs73===errors}else{var valid7=true}if(valid7){if(data6.availabilityRequirement!==undefined){let data26=data6.availabilityRequirement;const _errs76=errors;if(typeof data26!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data26==="LOW"||data26==="MEDIUM"||data26==="HIGH"||data26==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema69.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs76===errors}else{var valid7=true}if(valid7){if(data6.modifiedAttackVector!==undefined){let data27=data6.modifiedAttackVector;const _errs79=errors;if(typeof data27!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data27==="NETWORK"||data27==="ADJACENT_NETWORK"||data27==="LOCAL"||data27==="PHYSICAL"||data27==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackVectorType/enum",keyword:"enum",params:{allowedValues:schema72.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs79===errors}else{var valid7=true}if(valid7){if(data6.modifiedAttackComplexity!==undefined){let data28=data6.modifiedAttackComplexity;const _errs82=errors;if(typeof data28!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data28==="HIGH"||data28==="LOW"||data28==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedAttackComplexityType/enum",keyword:"enum",params:{allowedValues:schema73.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs82===errors}else{var valid7=true}if(valid7){if(data6.modifiedPrivilegesRequired!==undefined){let data29=data6.modifiedPrivilegesRequired;const _errs85=errors;if(typeof data29!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data29==="HIGH"||data29==="LOW"||data29==="NONE"||data29==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedPrivilegesRequiredType/enum",keyword:"enum",params:{allowedValues:schema74.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs85===errors}else{var valid7=true}if(valid7){if(data6.modifiedUserInteraction!==undefined){let data30=data6.modifiedUserInteraction;const _errs88=errors;if(typeof data30!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data30==="NONE"||data30==="REQUIRED"||data30==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedUserInteractionType/enum",keyword:"enum",params:{allowedValues:schema75.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs88===errors}else{var valid7=true}if(valid7){if(data6.modifiedScope!==undefined){let data31=data6.modifiedScope;const _errs91=errors;if(typeof data31!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data31==="UNCHANGED"||data31==="CHANGED"||data31==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedScopeType/enum",keyword:"enum",params:{allowedValues:schema76.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs91===errors}else{var valid7=true}if(valid7){if(data6.modifiedConfidentialityImpact!==undefined){let data32=data6.modifiedConfidentialityImpact;const _errs94=errors;if(typeof data32!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data32==="NONE"||data32==="LOW"||data32==="HIGH"||data32==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues:schema77.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs94===errors}else{var valid7=true}if(valid7){if(data6.modifiedIntegrityImpact!==undefined){let data33=data6.modifiedIntegrityImpact;const _errs97=errors;if(typeof data33!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data33==="NONE"||data33==="LOW"||data33==="HIGH"||data33==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues:schema77.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs97===errors}else{var valid7=true}if(valid7){if(data6.modifiedAvailabilityImpact!==undefined){let data34=data6.modifiedAvailabilityImpact;const _errs100=errors;if(typeof data34!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data34==="NONE"||data34==="LOW"||data34==="HIGH"||data34==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues:schema77.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs100===errors}else{var valid7=true}if(valid7){if(data6.environmentalScore!==undefined){let data35=data6.environmentalScore;const _errs103=errors;const _errs104=errors;if(errors===_errs104){if(typeof data35=="number"&&isFinite(data35)){if(data35>10||isNaN(data35)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data35<0||isNaN(data35)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid7=_errs103===errors}else{var valid7=true}if(valid7){if(data6.environmentalSeverity!==undefined){let data36=data6.environmentalSeverity;const _errs106=errors;if(typeof data36!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data36==="NONE"||data36==="LOW"||data36==="MEDIUM"||data36==="HIGH"||data36==="CRITICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_1/definitions/severityType/enum",keyword:"enum",params:{allowedValues:schema63.enum},message:"must be equal to one of the allowed values"}];return false}var valid7=_errs106===errors}else{var valid7=true}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_1",schemaPath:"#/items/properties/cvssV3_1/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid2=_errs19===errors}else{var valid2=true}if(valid2){if(data0.cvssV3_0!==undefined){let data37=data0.cvssV3_0;const _errs109=errors;if(errors===_errs109){if(data37&&typeof data37=="object"&&!Array.isArray(data37)){let missing6;if(data37.version===undefined&&(missing6="version")||data37.vectorString===undefined&&(missing6="vectorString")||data37.baseScore===undefined&&(missing6="baseScore")||data37.baseSeverity===undefined&&(missing6="baseSeverity")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0",schemaPath:"#/items/properties/cvssV3_0/required",keyword:"required",params:{missingProperty:missing6},message:"must have required property '"+missing6+"'"}];return false}else{if(data37.version!==undefined){let data38=data37.version;const _errs111=errors;if(typeof data38!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/version",schemaPath:"#/items/properties/cvssV3_0/properties/version/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data38==="3.0")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/version",schemaPath:"#/items/properties/cvssV3_0/properties/version/enum",keyword:"enum",params:{allowedValues:schema52.items.properties.cvssV3_0.properties.version.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs111===errors}else{var valid36=true}if(valid36){if(data37.vectorString!==undefined){let data39=data37.vectorString;const _errs113=errors;if(errors===_errs113){if(typeof data39==="string"){if(!pattern20.test(data39)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/vectorString",schemaPath:"#/items/properties/cvssV3_0/properties/vectorString/pattern",keyword:"pattern",params:{pattern:"^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"},message:'must match pattern "'+"^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"+'"'}];return false}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/vectorString",schemaPath:"#/items/properties/cvssV3_0/properties/vectorString/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid36=_errs113===errors}else{var valid36=true}if(valid36){if(data37.attackVector!==undefined){let data40=data37.attackVector;const _errs115=errors;if(typeof data40!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data40==="NETWORK"||data40==="ADJACENT_NETWORK"||data40==="LOCAL"||data40==="PHYSICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/attackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackVectorType/enum",keyword:"enum",params:{allowedValues:schema82.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs115===errors}else{var valid36=true}if(valid36){if(data37.attackComplexity!==undefined){let data41=data37.attackComplexity;const _errs118=errors;if(typeof data41!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data41==="HIGH"||data41==="LOW")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/attackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/attackComplexityType/enum",keyword:"enum",params:{allowedValues:schema83.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs118===errors}else{var valid36=true}if(valid36){if(data37.privilegesRequired!==undefined){let data42=data37.privilegesRequired;const _errs121=errors;if(typeof data42!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data42==="HIGH"||data42==="LOW"||data42==="NONE")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/privilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/privilegesRequiredType/enum",keyword:"enum",params:{allowedValues:schema84.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs121===errors}else{var valid36=true}if(valid36){if(data37.userInteraction!==undefined){let data43=data37.userInteraction;const _errs124=errors;if(typeof data43!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data43==="NONE"||data43==="REQUIRED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/userInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/userInteractionType/enum",keyword:"enum",params:{allowedValues:schema85.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs124===errors}else{var valid36=true}if(valid36){if(data37.scope!==undefined){let data44=data37.scope;const _errs127=errors;if(typeof data44!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data44==="UNCHANGED"||data44==="CHANGED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/scope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scopeType/enum",keyword:"enum",params:{allowedValues:schema86.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs127===errors}else{var valid36=true}if(valid36){if(data37.confidentialityImpact!==undefined){let data45=data37.confidentialityImpact;const _errs130=errors;if(typeof data45!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data45==="NONE"||data45==="LOW"||data45==="HIGH")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema87.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs130===errors}else{var valid36=true}if(valid36){if(data37.integrityImpact!==undefined){let data46=data37.integrityImpact;const _errs133=errors;if(typeof data46!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data46==="NONE"||data46==="LOW"||data46==="HIGH")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema87.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs133===errors}else{var valid36=true}if(valid36){if(data37.availabilityImpact!==undefined){let data47=data37.availabilityImpact;const _errs136=errors;if(typeof data47!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data47==="NONE"||data47==="LOW"||data47==="HIGH")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema87.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs136===errors}else{var valid36=true}if(valid36){if(data37.baseScore!==undefined){let data48=data37.baseScore;const _errs139=errors;const _errs140=errors;if(errors===_errs140){if(typeof data48=="number"&&isFinite(data48)){if(data48>10||isNaN(data48)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data48<0||isNaN(data48)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid36=_errs139===errors}else{var valid36=true}if(valid36){if(data37.baseSeverity!==undefined){let data49=data37.baseSeverity;const _errs142=errors;if(typeof data49!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data49==="NONE"||data49==="LOW"||data49==="MEDIUM"||data49==="HIGH"||data49==="CRITICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/baseSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/enum",keyword:"enum",params:{allowedValues:schema91.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs142===errors}else{var valid36=true}if(valid36){if(data37.exploitCodeMaturity!==undefined){let data50=data37.exploitCodeMaturity;const _errs145=errors;if(typeof data50!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data50==="UNPROVEN"||data50==="PROOF_OF_CONCEPT"||data50==="FUNCTIONAL"||data50==="HIGH"||data50==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/exploitCodeMaturity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/exploitCodeMaturityType/enum",keyword:"enum",params:{allowedValues:schema92.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs145===errors}else{var valid36=true}if(valid36){if(data37.remediationLevel!==undefined){let data51=data37.remediationLevel;const _errs148=errors;if(typeof data51!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data51==="OFFICIAL_FIX"||data51==="TEMPORARY_FIX"||data51==="WORKAROUND"||data51==="UNAVAILABLE"||data51==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/remediationLevelType/enum",keyword:"enum",params:{allowedValues:schema93.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs148===errors}else{var valid36=true}if(valid36){if(data37.reportConfidence!==undefined){let data52=data37.reportConfidence;const _errs151=errors;if(typeof data52!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data52==="UNKNOWN"||data52==="REASONABLE"||data52==="CONFIRMED"||data52==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/confidenceType/enum",keyword:"enum",params:{allowedValues:schema94.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs151===errors}else{var valid36=true}if(valid36){if(data37.temporalScore!==undefined){let data53=data37.temporalScore;const _errs154=errors;const _errs155=errors;if(errors===_errs155){if(typeof data53=="number"&&isFinite(data53)){if(data53>10||isNaN(data53)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data53<0||isNaN(data53)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid36=_errs154===errors}else{var valid36=true}if(valid36){if(data37.temporalSeverity!==undefined){let data54=data37.temporalSeverity;const _errs157=errors;if(typeof data54!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data54==="NONE"||data54==="LOW"||data54==="MEDIUM"||data54==="HIGH"||data54==="CRITICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/temporalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/enum",keyword:"enum",params:{allowedValues:schema91.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs157===errors}else{var valid36=true}if(valid36){if(data37.confidentialityRequirement!==undefined){let data55=data37.confidentialityRequirement;const _errs160=errors;if(typeof data55!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data55==="LOW"||data55==="MEDIUM"||data55==="HIGH"||data55==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema97.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs160===errors}else{var valid36=true}if(valid36){if(data37.integrityRequirement!==undefined){let data56=data37.integrityRequirement;const _errs163=errors;if(typeof data56!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data56==="LOW"||data56==="MEDIUM"||data56==="HIGH"||data56==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema97.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs163===errors}else{var valid36=true}if(valid36){if(data37.availabilityRequirement!==undefined){let data57=data37.availabilityRequirement;const _errs166=errors;if(typeof data57!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data57==="LOW"||data57==="MEDIUM"||data57==="HIGH"||data57==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema97.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs166===errors}else{var valid36=true}if(valid36){if(data37.modifiedAttackVector!==undefined){let data58=data37.modifiedAttackVector;const _errs169=errors;if(typeof data58!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data58==="NETWORK"||data58==="ADJACENT_NETWORK"||data58==="LOCAL"||data58==="PHYSICAL"||data58==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedAttackVector",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackVectorType/enum",keyword:"enum",params:{allowedValues:schema100.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs169===errors}else{var valid36=true}if(valid36){if(data37.modifiedAttackComplexity!==undefined){let data59=data37.modifiedAttackComplexity;const _errs172=errors;if(typeof data59!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data59==="HIGH"||data59==="LOW"||data59==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedAttackComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedAttackComplexityType/enum",keyword:"enum",params:{allowedValues:schema101.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs172===errors}else{var valid36=true}if(valid36){if(data37.modifiedPrivilegesRequired!==undefined){let data60=data37.modifiedPrivilegesRequired;const _errs175=errors;if(typeof data60!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data60==="HIGH"||data60==="LOW"||data60==="NONE"||data60==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedPrivilegesRequired",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedPrivilegesRequiredType/enum",keyword:"enum",params:{allowedValues:schema102.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs175===errors}else{var valid36=true}if(valid36){if(data37.modifiedUserInteraction!==undefined){let data61=data37.modifiedUserInteraction;const _errs178=errors;if(typeof data61!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data61==="NONE"||data61==="REQUIRED"||data61==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedUserInteraction",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedUserInteractionType/enum",keyword:"enum",params:{allowedValues:schema103.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs178===errors}else{var valid36=true}if(valid36){if(data37.modifiedScope!==undefined){let data62=data37.modifiedScope;const _errs181=errors;if(typeof data62!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data62==="UNCHANGED"||data62==="CHANGED"||data62==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedScope",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedScopeType/enum",keyword:"enum",params:{allowedValues:schema104.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs181===errors}else{var valid36=true}if(valid36){if(data37.modifiedConfidentialityImpact!==undefined){let data63=data37.modifiedConfidentialityImpact;const _errs184=errors;if(typeof data63!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data63==="NONE"||data63==="LOW"||data63==="HIGH"||data63==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedConfidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues:schema105.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs184===errors}else{var valid36=true}if(valid36){if(data37.modifiedIntegrityImpact!==undefined){let data64=data37.modifiedIntegrityImpact;const _errs187=errors;if(typeof data64!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data64==="NONE"||data64==="LOW"||data64==="HIGH"||data64==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedIntegrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues:schema105.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs187===errors}else{var valid36=true}if(valid36){if(data37.modifiedAvailabilityImpact!==undefined){let data65=data37.modifiedAvailabilityImpact;const _errs190=errors;if(typeof data65!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data65==="NONE"||data65==="LOW"||data65==="HIGH"||data65==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/modifiedAvailabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/modifiedCiaType/enum",keyword:"enum",params:{allowedValues:schema105.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs190===errors}else{var valid36=true}if(valid36){if(data37.environmentalScore!==undefined){let data66=data37.environmentalScore;const _errs193=errors;const _errs194=errors;if(errors===_errs194){if(typeof data66=="number"&&isFinite(data66)){if(data66>10||isNaN(data66)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data66<0||isNaN(data66)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid36=_errs193===errors}else{var valid36=true}if(valid36){if(data37.environmentalSeverity!==undefined){let data67=data37.environmentalSeverity;const _errs196=errors;if(typeof data67!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data67==="NONE"||data67==="LOW"||data67==="MEDIUM"||data67==="HIGH"||data67==="CRITICAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0/environmentalSeverity",schemaPath:"#/definitions/metrics/items/properties/cvssV3_0/definitions/severityType/enum",keyword:"enum",params:{allowedValues:schema91.enum},message:"must be equal to one of the allowed values"}];return false}var valid36=_errs196===errors}else{var valid36=true}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV3_0",schemaPath:"#/items/properties/cvssV3_0/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid2=_errs109===errors}else{var valid2=true}if(valid2){if(data0.cvssV2_0!==undefined){let data68=data0.cvssV2_0;const _errs199=errors;if(errors===_errs199){if(data68&&typeof data68=="object"&&!Array.isArray(data68)){let missing7;if(data68.version===undefined&&(missing7="version")||data68.vectorString===undefined&&(missing7="vectorString")||data68.baseScore===undefined&&(missing7="baseScore")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0",schemaPath:"#/items/properties/cvssV2_0/required",keyword:"required",params:{missingProperty:missing7},message:"must have required property '"+missing7+"'"}];return false}else{if(data68.version!==undefined){let data69=data68.version;const _errs201=errors;if(typeof data69!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/version",schemaPath:"#/items/properties/cvssV2_0/properties/version/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data69==="2.0")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/version",schemaPath:"#/items/properties/cvssV2_0/properties/version/enum",keyword:"enum",params:{allowedValues:schema52.items.properties.cvssV2_0.properties.version.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs201===errors}else{var valid65=true}if(valid65){if(data68.vectorString!==undefined){let data70=data68.vectorString;const _errs203=errors;if(errors===_errs203){if(typeof data70==="string"){if(!pattern21.test(data70)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/vectorString",schemaPath:"#/items/properties/cvssV2_0/properties/vectorString/pattern",keyword:"pattern",params:{pattern:"^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"},message:'must match pattern "'+"^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$"+'"'}];return false}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/vectorString",schemaPath:"#/items/properties/cvssV2_0/properties/vectorString/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid65=_errs203===errors}else{var valid65=true}if(valid65){if(data68.accessVector!==undefined){let data71=data68.accessVector;const _errs205=errors;if(typeof data71!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/accessVector",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data71==="NETWORK"||data71==="ADJACENT_NETWORK"||data71==="LOCAL")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/accessVector",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessVectorType/enum",keyword:"enum",params:{allowedValues:schema110.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs205===errors}else{var valid65=true}if(valid65){if(data68.accessComplexity!==undefined){let data72=data68.accessComplexity;const _errs208=errors;if(typeof data72!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/accessComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data72==="HIGH"||data72==="MEDIUM"||data72==="LOW")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/accessComplexity",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/accessComplexityType/enum",keyword:"enum",params:{allowedValues:schema111.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs208===errors}else{var valid65=true}if(valid65){if(data68.authentication!==undefined){let data73=data68.authentication;const _errs211=errors;if(typeof data73!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/authentication",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data73==="MULTIPLE"||data73==="SINGLE"||data73==="NONE")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/authentication",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/authenticationType/enum",keyword:"enum",params:{allowedValues:schema112.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs211===errors}else{var valid65=true}if(valid65){if(data68.confidentialityImpact!==undefined){let data74=data68.confidentialityImpact;const _errs214=errors;if(typeof data74!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data74==="NONE"||data74==="PARTIAL"||data74==="COMPLETE")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/confidentialityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema113.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs214===errors}else{var valid65=true}if(valid65){if(data68.integrityImpact!==undefined){let data75=data68.integrityImpact;const _errs217=errors;if(typeof data75!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data75==="NONE"||data75==="PARTIAL"||data75==="COMPLETE")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/integrityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema113.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs217===errors}else{var valid65=true}if(valid65){if(data68.availabilityImpact!==undefined){let data76=data68.availabilityImpact;const _errs220=errors;if(typeof data76!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data76==="NONE"||data76==="PARTIAL"||data76==="COMPLETE")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/availabilityImpact",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaType/enum",keyword:"enum",params:{allowedValues:schema113.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs220===errors}else{var valid65=true}if(valid65){if(data68.baseScore!==undefined){let data77=data68.baseScore;const _errs223=errors;const _errs224=errors;if(errors===_errs224){if(typeof data77=="number"&&isFinite(data77)){if(data77>10||isNaN(data77)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data77<0||isNaN(data77)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/baseScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid65=_errs223===errors}else{var valid65=true}if(valid65){if(data68.exploitability!==undefined){let data78=data68.exploitability;const _errs226=errors;if(typeof data78!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/exploitability",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data78==="UNPROVEN"||data78==="PROOF_OF_CONCEPT"||data78==="FUNCTIONAL"||data78==="HIGH"||data78==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/exploitability",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/exploitabilityType/enum",keyword:"enum",params:{allowedValues:schema117.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs226===errors}else{var valid65=true}if(valid65){if(data68.remediationLevel!==undefined){let data79=data68.remediationLevel;const _errs229=errors;if(typeof data79!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data79==="OFFICIAL_FIX"||data79==="TEMPORARY_FIX"||data79==="WORKAROUND"||data79==="UNAVAILABLE"||data79==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/remediationLevel",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/remediationLevelType/enum",keyword:"enum",params:{allowedValues:schema118.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs229===errors}else{var valid65=true}if(valid65){if(data68.reportConfidence!==undefined){let data80=data68.reportConfidence;const _errs232=errors;if(typeof data80!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data80==="UNCONFIRMED"||data80==="UNCORROBORATED"||data80==="CONFIRMED"||data80==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/reportConfidence",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/reportConfidenceType/enum",keyword:"enum",params:{allowedValues:schema119.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs232===errors}else{var valid65=true}if(valid65){if(data68.temporalScore!==undefined){let data81=data68.temporalScore;const _errs235=errors;const _errs236=errors;if(errors===_errs236){if(typeof data81=="number"&&isFinite(data81)){if(data81>10||isNaN(data81)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data81<0||isNaN(data81)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/temporalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid65=_errs235===errors}else{var valid65=true}if(valid65){if(data68.collateralDamagePotential!==undefined){let data82=data68.collateralDamagePotential;const _errs238=errors;if(typeof data82!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/collateralDamagePotential",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data82==="NONE"||data82==="LOW"||data82==="LOW_MEDIUM"||data82==="MEDIUM_HIGH"||data82==="HIGH"||data82==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/collateralDamagePotential",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/collateralDamagePotentialType/enum",keyword:"enum",params:{allowedValues:schema121.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs238===errors}else{var valid65=true}if(valid65){if(data68.targetDistribution!==undefined){let data83=data68.targetDistribution;const _errs241=errors;if(typeof data83!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/targetDistribution",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data83==="NONE"||data83==="LOW"||data83==="MEDIUM"||data83==="HIGH"||data83==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/targetDistribution",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/targetDistributionType/enum",keyword:"enum",params:{allowedValues:schema122.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs241===errors}else{var valid65=true}if(valid65){if(data68.confidentialityRequirement!==undefined){let data84=data68.confidentialityRequirement;const _errs244=errors;if(typeof data84!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data84==="LOW"||data84==="MEDIUM"||data84==="HIGH"||data84==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/confidentialityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema123.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs244===errors}else{var valid65=true}if(valid65){if(data68.integrityRequirement!==undefined){let data85=data68.integrityRequirement;const _errs247=errors;if(typeof data85!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data85==="LOW"||data85==="MEDIUM"||data85==="HIGH"||data85==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/integrityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema123.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs247===errors}else{var valid65=true}if(valid65){if(data68.availabilityRequirement!==undefined){let data86=data68.availabilityRequirement;const _errs250=errors;if(typeof data86!=="string"){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data86==="LOW"||data86==="MEDIUM"||data86==="HIGH"||data86==="NOT_DEFINED")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/availabilityRequirement",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/ciaRequirementType/enum",keyword:"enum",params:{allowedValues:schema123.enum},message:"must be equal to one of the allowed values"}];return false}var valid65=_errs250===errors}else{var valid65=true}if(valid65){if(data68.environmentalScore!==undefined){let data87=data68.environmentalScore;const _errs253=errors;const _errs254=errors;if(errors===_errs254){if(typeof data87=="number"&&isFinite(data87)){if(data87>10||isNaN(data87)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/maximum",keyword:"maximum",params:{comparison:"<=",limit:10},message:"must be <= 10"}];return false}else{if(data87<0||isNaN(data87)){validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/minimum",keyword:"minimum",params:{comparison:">=",limit:0},message:"must be >= 0"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0/environmentalScore",schemaPath:"#/definitions/metrics/items/properties/cvssV2_0/definitions/scoreType/type",keyword:"type",params:{type:"number"},message:"must be number"}];return false}}var valid65=_errs253===errors}else{var valid65=true}}}}}}}}}}}}}}}}}}}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/cvssV2_0",schemaPath:"#/items/properties/cvssV2_0/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid2=_errs199===errors}else{var valid2=true}if(valid2){if(data0.other!==undefined){let data88=data0.other;const _errs256=errors;if(errors===_errs256){if(data88&&typeof data88=="object"&&!Array.isArray(data88)){let missing8;if(data88.type===undefined&&(missing8="type")||data88.content===undefined&&(missing8="content")){validate36.errors=[{instancePath:instancePath+"/"+i0+"/other",schemaPath:"#/items/properties/other/required",keyword:"required",params:{missingProperty:missing8},message:"must have required property '"+missing8+"'"}];return false}else{if(data88.type!==undefined){let data89=data88.type;const _errs258=errors;if(errors===_errs258){if(typeof data89==="string"){if(func7(data89)>128){validate36.errors=[{instancePath:instancePath+"/"+i0+"/other/type",schemaPath:"#/items/properties/other/properties/type/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data89)<1){validate36.errors=[{instancePath:instancePath+"/"+i0+"/other/type",schemaPath:"#/items/properties/other/properties/type/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/other/type",schemaPath:"#/items/properties/other/properties/type/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid83=_errs258===errors}else{var valid83=true}if(valid83){if(data88.content!==undefined){let data90=data88.content;const _errs260=errors;if(errors===_errs260){if(data90&&typeof data90=="object"&&!Array.isArray(data90)){if(Object.keys(data90).length<1){validate36.errors=[{instancePath:instancePath+"/"+i0+"/other/content",schemaPath:"#/items/properties/other/properties/content/minProperties",keyword:"minProperties",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/other/content",schemaPath:"#/items/properties/other/properties/content/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid83=_errs260===errors}else{var valid83=true}}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0+"/other",schemaPath:"#/items/properties/other/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid2=_errs256===errors}else{var valid2=true}}}}}}}else{validate36.errors=[{instancePath:instancePath+"/"+i0,schemaPath:"#/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid0=_errs1===errors;if(!valid0){break}}if(valid0){let i3=data.length;let j1;if(i3>1){outer1:for(;i3--;){for(j1=i3;j1--;){if(func0(data[i3],data[j1])){validate36.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i3,j:j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1}}}}}}}else{validate36.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate36.errors=vErrors;return errors===0}const schema127={type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}};function validate38(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate38.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i01){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate38.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate38.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate38.errors=vErrors;return errors===0}const schema128={type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}};function validate41(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate41.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i01){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate41.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate41.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate41.errors=vErrors;return errors===0}const schema129={type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}};function validate44(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate44.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i01){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate44.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate44.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate44.errors=vErrors;return errors===0}const schema130={type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/description"}};function validate47(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate47.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i01){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate47.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate47.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate47.errors=vErrors;return errors===0}const schema131={type:"array",minItems:1,uniqueItems:true,items:{type:"object",required:["time","lang","value"],properties:{time:{$ref:"#/definitions/timestamp"},lang:{$ref:"#/definitions/language"},value:{type:"string",minLength:1,maxLength:4096}}}};function validate50(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate50.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i04096){validate50.errors=[{instancePath:instancePath+"/"+i0+"/value",schemaPath:"#/items/properties/value/maxLength",keyword:"maxLength",params:{limit:4096},message:"must NOT have more than 4096 characters"}];return false}else{if(func7(data3)<1){validate50.errors=[{instancePath:instancePath+"/"+i0+"/value",schemaPath:"#/items/properties/value/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate50.errors=[{instancePath:instancePath+"/"+i0+"/value",schemaPath:"#/items/properties/value/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid1=_errs9===errors}else{var valid1=true}}}}}else{validate50.errors=[{instancePath:instancePath+"/"+i0,schemaPath:"#/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid0=_errs1===errors;if(!valid0){break}}if(valid0){let i1=data.length;let j0;if(i1>1){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate50.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate50.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate50.errors=vErrors;return errors===0}const schema134={type:"array",minItems:1,uniqueItems:true,items:{type:"object",properties:{lang:{$ref:"#/definitions/language"},value:{type:"string",minLength:1,maxLength:4096},user:{$ref:"#/definitions/uuidType"},type:{type:"string",default:"finder",enum:["finder","reporter","analyst","coordinator","remediation developer","remediation reviewer","remediation verifier","tool","sponsor","other"]}},required:["lang","value"]}};function validate52(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate52.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i04096){validate52.errors=[{instancePath:instancePath+"/"+i0+"/value",schemaPath:"#/items/properties/value/maxLength",keyword:"maxLength",params:{limit:4096},message:"must NOT have more than 4096 characters"}];return false}else{if(func7(data2)<1){validate52.errors=[{instancePath:instancePath+"/"+i0+"/value",schemaPath:"#/items/properties/value/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate52.errors=[{instancePath:instancePath+"/"+i0+"/value",schemaPath:"#/items/properties/value/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid1=_errs6===errors}else{var valid1=true}if(valid1){if(data0.user!==undefined){let data3=data0.user;const _errs8=errors;const _errs9=errors;if(errors===_errs9){if(typeof data3==="string"){if(!pattern1.test(data3)){validate52.errors=[{instancePath:instancePath+"/"+i0+"/user",schemaPath:"#/definitions/uuidType/pattern",keyword:"pattern",params:{pattern:"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:'must match pattern "'+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+'"'}];return false}}else{validate52.errors=[{instancePath:instancePath+"/"+i0+"/user",schemaPath:"#/definitions/uuidType/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid1=_errs8===errors}else{var valid1=true}if(valid1){if(data0.type!==undefined){let data4=data0.type;const _errs11=errors;if(typeof data4!=="string"){validate52.errors=[{instancePath:instancePath+"/"+i0+"/type",schemaPath:"#/items/properties/type/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data4==="finder"||data4==="reporter"||data4==="analyst"||data4==="coordinator"||data4==="remediation developer"||data4==="remediation reviewer"||data4==="remediation verifier"||data4==="tool"||data4==="sponsor"||data4==="other")){validate52.errors=[{instancePath:instancePath+"/"+i0+"/type",schemaPath:"#/items/properties/type/enum",keyword:"enum",params:{allowedValues:schema134.items.properties.type.enum},message:"must be equal to one of the allowed values"}];return false}var valid1=_errs11===errors}else{var valid1=true}}}}}}else{validate52.errors=[{instancePath:instancePath+"/"+i0,schemaPath:"#/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid0=_errs1===errors;if(!valid0){break}}if(valid0){let i1=data.length;let j0;if(i1>1){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate52.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate52.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate52.errors=vErrors;return errors===0}const schema138={type:"array",uniqueItems:true,minItems:1,items:{oneOf:[{$ref:"#/definitions/tagExtension"},{$schema:"http://json-schema.org/draft-07/schema#",$id:"https://cve.mitre.org/cve/v5_00/tags/cna/",type:"string",enum:["unsupported-when-assigned","exclusively-hosted-service","disputed"]}]}};function validate54(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate54.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i0128){const err0={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"};if(vErrors===null){vErrors=[err0]}else{vErrors.push(err0)}errors++}else{if(func7(data0)<2){const err1={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/minLength",keyword:"minLength",params:{limit:2},message:"must NOT have fewer than 2 characters"};if(vErrors===null){vErrors=[err1]}else{vErrors.push(err1)}errors++}else{if(!pattern16.test(data0)){const err2={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/pattern",keyword:"pattern",params:{pattern:"^x_.*$"},message:'must match pattern "'+"^x_.*$"+'"'};if(vErrors===null){vErrors=[err2]}else{vErrors.push(err2)}errors++}}}}else{const err3={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err3]}else{vErrors.push(err3)}errors++}}var _valid0=_errs3===errors;if(_valid0){valid1=true;passing0=0}const _errs6=errors;if(typeof data0!=="string"){const err4={instancePath:instancePath+"/"+i0,schemaPath:"#/items/oneOf/1/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err4]}else{vErrors.push(err4)}errors++}if(!(data0==="unsupported-when-assigned"||data0==="exclusively-hosted-service"||data0==="disputed")){const err5={instancePath:instancePath+"/"+i0,schemaPath:"#/items/oneOf/1/enum",keyword:"enum",params:{allowedValues:schema138.items.oneOf[1].enum},message:"must be equal to one of the allowed values"};if(vErrors===null){vErrors=[err5]}else{vErrors.push(err5)}errors++}var _valid0=_errs6===errors;if(_valid0&&valid1){valid1=false;passing0=[passing0,1]}else{if(_valid0){valid1=true;passing0=1}}if(!valid1){const err6={instancePath:instancePath+"/"+i0,schemaPath:"#/items/oneOf",keyword:"oneOf",params:{passingSchemas:passing0},message:"must match exactly one schema in oneOf"};if(vErrors===null){vErrors=[err6]}else{vErrors.push(err6)}errors++;validate54.errors=vErrors;return false}else{errors=_errs2;if(vErrors!==null){if(_errs2){vErrors.length=_errs2}else{vErrors=null}}}var valid0=_errs1===errors;if(!valid0){break}}if(valid0){let i1=data.length;let j0;if(i1>1){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate54.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate54.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate54.errors=vErrors;return errors===0}function validate13(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.providerMetadata===undefined&&(missing0="providerMetadata")||data.descriptions===undefined&&(missing0="descriptions")||data.affected===undefined&&(missing0="affected")||data.references===undefined&&(missing0="references")){validate13.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{const _errs1=errors;for(const key0 in data){if(!(func6.call(schema22.properties,key0)||pattern6.test(key0))){validate13.errors=[{instancePath:instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key0},message:"must NOT have additional properties"}];return false;break}}if(_errs1===errors){if(data.providerMetadata!==undefined){const _errs2=errors;if(!validate14(data.providerMetadata,{instancePath:instancePath+"/providerMetadata",parentData:data,parentDataProperty:"providerMetadata",rootData:rootData})){vErrors=vErrors===null?validate14.errors:vErrors.concat(validate14.errors);errors=vErrors.length}var valid0=_errs2===errors}else{var valid0=true}if(valid0){if(data.dateAssigned!==undefined){let data1=data.dateAssigned;const _errs3=errors;const _errs4=errors;if(errors===_errs4){if(errors===_errs4){if(typeof data1==="string"){if(!pattern3.test(data1)){validate13.errors=[{instancePath:instancePath+"/dateAssigned",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data1)){validate13.errors=[{instancePath:instancePath+"/dateAssigned",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/dateAssigned",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs3===errors}else{var valid0=true}if(valid0){if(data.datePublic!==undefined){let data2=data.datePublic;const _errs6=errors;const _errs7=errors;if(errors===_errs7){if(errors===_errs7){if(typeof data2==="string"){if(!pattern3.test(data2)){validate13.errors=[{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data2)){validate13.errors=[{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs6===errors}else{var valid0=true}if(valid0){if(data.title!==undefined){let data3=data.title;const _errs9=errors;if(errors===_errs9){if(typeof data3==="string"){if(func7(data3)>256){validate13.errors=[{instancePath:instancePath+"/title",schemaPath:"#/properties/title/maxLength",keyword:"maxLength",params:{limit:256},message:"must NOT have more than 256 characters"}];return false}else{if(func7(data3)<1){validate13.errors=[{instancePath:instancePath+"/title",schemaPath:"#/properties/title/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/title",schemaPath:"#/properties/title/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs9===errors}else{var valid0=true}if(valid0){if(data.descriptions!==undefined){const _errs11=errors;if(!validate16(data.descriptions,{instancePath:instancePath+"/descriptions",parentData:data,parentDataProperty:"descriptions",rootData:rootData})){vErrors=vErrors===null?validate16.errors:vErrors.concat(validate16.errors);errors=vErrors.length}var valid0=_errs11===errors}else{var valid0=true}if(valid0){if(data.affected!==undefined){const _errs12=errors;if(!validate22(data.affected,{instancePath:instancePath+"/affected",parentData:data,parentDataProperty:"affected",rootData:rootData})){vErrors=vErrors===null?validate22.errors:vErrors.concat(validate22.errors);errors=vErrors.length}var valid0=_errs12===errors}else{var valid0=true}if(valid0){if(data.problemTypes!==undefined){const _errs13=errors;if(!validate26(data.problemTypes,{instancePath:instancePath+"/problemTypes",parentData:data,parentDataProperty:"problemTypes",rootData:rootData})){vErrors=vErrors===null?validate26.errors:vErrors.concat(validate26.errors);errors=vErrors.length}var valid0=_errs13===errors}else{var valid0=true}if(valid0){if(data.references!==undefined){const _errs14=errors;if(!validate27(data.references,{instancePath:instancePath+"/references",parentData:data,parentDataProperty:"references",rootData:rootData})){vErrors=vErrors===null?validate27.errors:vErrors.concat(validate27.errors);errors=vErrors.length}var valid0=_errs14===errors}else{var valid0=true}if(valid0){if(data.impacts!==undefined){const _errs15=errors;if(!validate33(data.impacts,{instancePath:instancePath+"/impacts",parentData:data,parentDataProperty:"impacts",rootData:rootData})){vErrors=vErrors===null?validate33.errors:vErrors.concat(validate33.errors);errors=vErrors.length}var valid0=_errs15===errors}else{var valid0=true}if(valid0){if(data.metrics!==undefined){const _errs16=errors;if(!validate36(data.metrics,{instancePath:instancePath+"/metrics",parentData:data,parentDataProperty:"metrics",rootData:rootData})){vErrors=vErrors===null?validate36.errors:vErrors.concat(validate36.errors);errors=vErrors.length}var valid0=_errs16===errors}else{var valid0=true}if(valid0){if(data.configurations!==undefined){const _errs17=errors;if(!validate38(data.configurations,{instancePath:instancePath+"/configurations",parentData:data,parentDataProperty:"configurations",rootData:rootData})){vErrors=vErrors===null?validate38.errors:vErrors.concat(validate38.errors);errors=vErrors.length}var valid0=_errs17===errors}else{var valid0=true}if(valid0){if(data.workarounds!==undefined){const _errs18=errors;if(!validate41(data.workarounds,{instancePath:instancePath+"/workarounds",parentData:data,parentDataProperty:"workarounds",rootData:rootData})){vErrors=vErrors===null?validate41.errors:vErrors.concat(validate41.errors);errors=vErrors.length}var valid0=_errs18===errors}else{var valid0=true}if(valid0){if(data.solutions!==undefined){const _errs19=errors;if(!validate44(data.solutions,{instancePath:instancePath+"/solutions",parentData:data,parentDataProperty:"solutions",rootData:rootData})){vErrors=vErrors===null?validate44.errors:vErrors.concat(validate44.errors);errors=vErrors.length}var valid0=_errs19===errors}else{var valid0=true}if(valid0){if(data.exploits!==undefined){const _errs20=errors;if(!validate47(data.exploits,{instancePath:instancePath+"/exploits",parentData:data,parentDataProperty:"exploits",rootData:rootData})){vErrors=vErrors===null?validate47.errors:vErrors.concat(validate47.errors);errors=vErrors.length}var valid0=_errs20===errors}else{var valid0=true}if(valid0){if(data.timeline!==undefined){const _errs21=errors;if(!validate50(data.timeline,{instancePath:instancePath+"/timeline",parentData:data,parentDataProperty:"timeline",rootData:rootData})){vErrors=vErrors===null?validate50.errors:vErrors.concat(validate50.errors);errors=vErrors.length}var valid0=_errs21===errors}else{var valid0=true}if(valid0){if(data.credits!==undefined){const _errs22=errors;if(!validate52(data.credits,{instancePath:instancePath+"/credits",parentData:data,parentDataProperty:"credits",rootData:rootData})){vErrors=vErrors===null?validate52.errors:vErrors.concat(validate52.errors);errors=vErrors.length}var valid0=_errs22===errors}else{var valid0=true}if(valid0){if(data.source!==undefined){let data16=data.source;const _errs23=errors;const _errs24=errors;if(errors===_errs24){if(data16&&typeof data16=="object"&&!Array.isArray(data16)){if(Object.keys(data16).length<1){validate13.errors=[{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/minProperties",keyword:"minProperties",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}}else{validate13.errors=[{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid0=_errs23===errors}else{var valid0=true}if(valid0){if(data.tags!==undefined){const _errs26=errors;if(!validate54(data.tags,{instancePath:instancePath+"/tags",parentData:data,parentDataProperty:"tags",rootData:rootData})){vErrors=vErrors===null?validate54.errors:vErrors.concat(validate54.errors);errors=vErrors.length}var valid0=_errs26===errors}else{var valid0=true}if(valid0){if(data.taxonomyMappings!==undefined){let data18=data.taxonomyMappings;const _errs27=errors;const _errs28=errors;if(errors===_errs28){if(Array.isArray(data18)){if(data18.length<1){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid5=true;const len0=data18.length;for(let i0=0;i0128){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data20)<1){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid6=_errs32===errors}else{var valid6=true}if(valid6){if(data19.taxonomyVersion!==undefined){let data21=data19.taxonomyVersion;const _errs34=errors;if(errors===_errs34){if(typeof data21==="string"){if(func7(data21)>128){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data21)<1){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid6=_errs34===errors}else{var valid6=true}if(valid6){if(data19.taxonomyRelations!==undefined){let data22=data19.taxonomyRelations;const _errs36=errors;if(errors===_errs36){if(Array.isArray(data22)){if(data22.length<1){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid7=true;const len1=data22.length;for(let i1=0;i12048){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data24)<1){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid8=_errs40===errors}else{var valid8=true}if(valid8){if(data23.relationshipName!==undefined){let data25=data23.relationshipName;const _errs42=errors;if(errors===_errs42){if(typeof data25==="string"){if(func7(data25)>128){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data25)<1){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid8=_errs42===errors}else{var valid8=true}if(valid8){if(data23.relationshipValue!==undefined){let data26=data23.relationshipValue;const _errs44=errors;if(errors===_errs44){if(typeof data26==="string"){if(func7(data26)>2048){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data26)<1){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid8=_errs44===errors}else{var valid8=true}}}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1,schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid7=_errs38===errors;if(!valid7){break}}if(valid7){let i2=data22.length;let j0;if(i2>1){outer0:for(;i2--;){for(j0=i2;j0--;){if(func0(data22[i2],data22[j0])){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/uniqueItems",keyword:"uniqueItems",params:{i:i2,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0}}}}}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid6=_errs36===errors}else{var valid6=true}}}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0,schemaPath:"#/definitions/taxonomyMappings/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid5=_errs30===errors;if(!valid5){break}}if(valid5){let i3=data18.length;let j1;if(i3>1){outer1:for(;i3--;){for(j1=i3;j1--;){if(func0(data18[i3],data18[j1])){validate13.errors=[{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/uniqueItems",keyword:"uniqueItems",params:{i:i3,j:j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1}}}}}}}else{validate13.errors=[{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid0=_errs27===errors}else{var valid0=true}}}}}}}}}}}}}}}}}}}}}}else{validate13.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate13.errors=vErrors;return errors===0}const schema141={type:"object",properties:{providerMetadata:{$ref:"#/definitions/providerMetadata"},datePublic:{$ref:"#/definitions/timestamp"},title:{type:"string",minLength:1,maxLength:256},descriptions:{$ref:"#/definitions/descriptions"},affected:{$ref:"#/definitions/affected"},problemTypes:{$ref:"#/definitions/problemTypes"},references:{$ref:"#/definitions/references"},impacts:{$ref:"#/definitions/impacts"},metrics:{$ref:"#/definitions/metrics"},configurations:{$ref:"#/definitions/configurations"},workarounds:{$ref:"#/definitions/workarounds"},solutions:{$ref:"#/definitions/solutions"},exploits:{$ref:"#/definitions/exploits"},timeline:{$ref:"#/definitions/timeline"},credits:{$ref:"#/definitions/credits"},source:{$ref:"#/definitions/source"},tags:{$ref:"#/definitions/adpTags"},taxonomyMappings:{$ref:"#/definitions/taxonomyMappings"}},required:["providerMetadata"],minProperties:2,patternProperties:{"^x_":{}},additionalProperties:false};const schema144={type:"array",uniqueItems:true,minItems:1,items:{oneOf:[{$ref:"#/definitions/tagExtension"},{$schema:"http://json-schema.org/draft-07/schema#",$id:"https://cve.mitre.org/cve/v5_00/tags/adp/",type:"string",enum:["disputed"]}]}};function validate71(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(Array.isArray(data)){if(data.length<1){validate71.errors=[{instancePath:instancePath,schemaPath:"#/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid0=true;const len0=data.length;for(let i0=0;i0128){const err0={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"};if(vErrors===null){vErrors=[err0]}else{vErrors.push(err0)}errors++}else{if(func7(data0)<2){const err1={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/minLength",keyword:"minLength",params:{limit:2},message:"must NOT have fewer than 2 characters"};if(vErrors===null){vErrors=[err1]}else{vErrors.push(err1)}errors++}else{if(!pattern16.test(data0)){const err2={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/pattern",keyword:"pattern",params:{pattern:"^x_.*$"},message:'must match pattern "'+"^x_.*$"+'"'};if(vErrors===null){vErrors=[err2]}else{vErrors.push(err2)}errors++}}}}else{const err3={instancePath:instancePath+"/"+i0,schemaPath:"#/definitions/tagExtension/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err3]}else{vErrors.push(err3)}errors++}}var _valid0=_errs3===errors;if(_valid0){valid1=true;passing0=0}const _errs6=errors;if(typeof data0!=="string"){const err4={instancePath:instancePath+"/"+i0,schemaPath:"#/items/oneOf/1/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err4]}else{vErrors.push(err4)}errors++}if(!(data0==="disputed")){const err5={instancePath:instancePath+"/"+i0,schemaPath:"#/items/oneOf/1/enum",keyword:"enum",params:{allowedValues:schema144.items.oneOf[1].enum},message:"must be equal to one of the allowed values"};if(vErrors===null){vErrors=[err5]}else{vErrors.push(err5)}errors++}var _valid0=_errs6===errors;if(_valid0&&valid1){valid1=false;passing0=[passing0,1]}else{if(_valid0){valid1=true;passing0=1}}if(!valid1){const err6={instancePath:instancePath+"/"+i0,schemaPath:"#/items/oneOf",keyword:"oneOf",params:{passingSchemas:passing0},message:"must match exactly one schema in oneOf"};if(vErrors===null){vErrors=[err6]}else{vErrors.push(err6)}errors++;validate71.errors=vErrors;return false}else{errors=_errs2;if(vErrors!==null){if(_errs2){vErrors.length=_errs2}else{vErrors=null}}}var valid0=_errs1===errors;if(!valid0){break}}if(valid0){let i1=data.length;let j0;if(i1>1){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data[i1],data[j0])){validate71.errors=[{instancePath:instancePath,schemaPath:"#/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate71.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}validate71.errors=vErrors;return errors===0}function validate57(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){if(Object.keys(data).length<2){validate57.errors=[{instancePath:instancePath,schemaPath:"#/minProperties",keyword:"minProperties",params:{limit:2},message:"must NOT have fewer than 2 items"}];return false}else{let missing0;if(data.providerMetadata===undefined&&(missing0="providerMetadata")){validate57.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{const _errs1=errors;for(const key0 in data){if(!(func6.call(schema141.properties,key0)||pattern6.test(key0))){validate57.errors=[{instancePath:instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key0},message:"must NOT have additional properties"}];return false;break}}if(_errs1===errors){if(data.providerMetadata!==undefined){const _errs2=errors;if(!validate14(data.providerMetadata,{instancePath:instancePath+"/providerMetadata",parentData:data,parentDataProperty:"providerMetadata",rootData:rootData})){vErrors=vErrors===null?validate14.errors:vErrors.concat(validate14.errors);errors=vErrors.length}var valid0=_errs2===errors}else{var valid0=true}if(valid0){if(data.datePublic!==undefined){let data1=data.datePublic;const _errs3=errors;const _errs4=errors;if(errors===_errs4){if(errors===_errs4){if(typeof data1==="string"){if(!pattern3.test(data1)){validate57.errors=[{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data1)){validate57.errors=[{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate57.errors=[{instancePath:instancePath+"/datePublic",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs3===errors}else{var valid0=true}if(valid0){if(data.title!==undefined){let data2=data.title;const _errs6=errors;if(errors===_errs6){if(typeof data2==="string"){if(func7(data2)>256){validate57.errors=[{instancePath:instancePath+"/title",schemaPath:"#/properties/title/maxLength",keyword:"maxLength",params:{limit:256},message:"must NOT have more than 256 characters"}];return false}else{if(func7(data2)<1){validate57.errors=[{instancePath:instancePath+"/title",schemaPath:"#/properties/title/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate57.errors=[{instancePath:instancePath+"/title",schemaPath:"#/properties/title/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs6===errors}else{var valid0=true}if(valid0){if(data.descriptions!==undefined){const _errs8=errors;if(!validate16(data.descriptions,{instancePath:instancePath+"/descriptions",parentData:data,parentDataProperty:"descriptions",rootData:rootData})){vErrors=vErrors===null?validate16.errors:vErrors.concat(validate16.errors);errors=vErrors.length}var valid0=_errs8===errors}else{var valid0=true}if(valid0){if(data.affected!==undefined){const _errs9=errors;if(!validate22(data.affected,{instancePath:instancePath+"/affected",parentData:data,parentDataProperty:"affected",rootData:rootData})){vErrors=vErrors===null?validate22.errors:vErrors.concat(validate22.errors);errors=vErrors.length}var valid0=_errs9===errors}else{var valid0=true}if(valid0){if(data.problemTypes!==undefined){const _errs10=errors;if(!validate26(data.problemTypes,{instancePath:instancePath+"/problemTypes",parentData:data,parentDataProperty:"problemTypes",rootData:rootData})){vErrors=vErrors===null?validate26.errors:vErrors.concat(validate26.errors);errors=vErrors.length}var valid0=_errs10===errors}else{var valid0=true}if(valid0){if(data.references!==undefined){const _errs11=errors;if(!validate27(data.references,{instancePath:instancePath+"/references",parentData:data,parentDataProperty:"references",rootData:rootData})){vErrors=vErrors===null?validate27.errors:vErrors.concat(validate27.errors);errors=vErrors.length}var valid0=_errs11===errors}else{var valid0=true}if(valid0){if(data.impacts!==undefined){const _errs12=errors;if(!validate33(data.impacts,{instancePath:instancePath+"/impacts",parentData:data,parentDataProperty:"impacts",rootData:rootData})){vErrors=vErrors===null?validate33.errors:vErrors.concat(validate33.errors);errors=vErrors.length}var valid0=_errs12===errors}else{var valid0=true}if(valid0){if(data.metrics!==undefined){const _errs13=errors;if(!validate36(data.metrics,{instancePath:instancePath+"/metrics",parentData:data,parentDataProperty:"metrics",rootData:rootData})){vErrors=vErrors===null?validate36.errors:vErrors.concat(validate36.errors);errors=vErrors.length}var valid0=_errs13===errors}else{var valid0=true}if(valid0){if(data.configurations!==undefined){const _errs14=errors;if(!validate38(data.configurations,{instancePath:instancePath+"/configurations",parentData:data,parentDataProperty:"configurations",rootData:rootData})){vErrors=vErrors===null?validate38.errors:vErrors.concat(validate38.errors);errors=vErrors.length}var valid0=_errs14===errors}else{var valid0=true}if(valid0){if(data.workarounds!==undefined){const _errs15=errors;if(!validate41(data.workarounds,{instancePath:instancePath+"/workarounds",parentData:data,parentDataProperty:"workarounds",rootData:rootData})){vErrors=vErrors===null?validate41.errors:vErrors.concat(validate41.errors);errors=vErrors.length}var valid0=_errs15===errors}else{var valid0=true}if(valid0){if(data.solutions!==undefined){const _errs16=errors;if(!validate44(data.solutions,{instancePath:instancePath+"/solutions",parentData:data,parentDataProperty:"solutions",rootData:rootData})){vErrors=vErrors===null?validate44.errors:vErrors.concat(validate44.errors);errors=vErrors.length}var valid0=_errs16===errors}else{var valid0=true}if(valid0){if(data.exploits!==undefined){const _errs17=errors;if(!validate47(data.exploits,{instancePath:instancePath+"/exploits",parentData:data,parentDataProperty:"exploits",rootData:rootData})){vErrors=vErrors===null?validate47.errors:vErrors.concat(validate47.errors);errors=vErrors.length}var valid0=_errs17===errors}else{var valid0=true}if(valid0){if(data.timeline!==undefined){const _errs18=errors;if(!validate50(data.timeline,{instancePath:instancePath+"/timeline",parentData:data,parentDataProperty:"timeline",rootData:rootData})){vErrors=vErrors===null?validate50.errors:vErrors.concat(validate50.errors);errors=vErrors.length}var valid0=_errs18===errors}else{var valid0=true}if(valid0){if(data.credits!==undefined){const _errs19=errors;if(!validate52(data.credits,{instancePath:instancePath+"/credits",parentData:data,parentDataProperty:"credits",rootData:rootData})){vErrors=vErrors===null?validate52.errors:vErrors.concat(validate52.errors);errors=vErrors.length}var valid0=_errs19===errors}else{var valid0=true}if(valid0){if(data.source!==undefined){let data15=data.source;const _errs20=errors;const _errs21=errors;if(errors===_errs21){if(data15&&typeof data15=="object"&&!Array.isArray(data15)){if(Object.keys(data15).length<1){validate57.errors=[{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/minProperties",keyword:"minProperties",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}}else{validate57.errors=[{instancePath:instancePath+"/source",schemaPath:"#/definitions/source/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid0=_errs20===errors}else{var valid0=true}if(valid0){if(data.tags!==undefined){const _errs23=errors;if(!validate71(data.tags,{instancePath:instancePath+"/tags",parentData:data,parentDataProperty:"tags",rootData:rootData})){vErrors=vErrors===null?validate71.errors:vErrors.concat(validate71.errors);errors=vErrors.length}var valid0=_errs23===errors}else{var valid0=true}if(valid0){if(data.taxonomyMappings!==undefined){let data17=data.taxonomyMappings;const _errs24=errors;const _errs25=errors;if(errors===_errs25){if(Array.isArray(data17)){if(data17.length<1){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid4=true;const len0=data17.length;for(let i0=0;i0128){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data19)<1){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid5=_errs29===errors}else{var valid5=true}if(valid5){if(data18.taxonomyVersion!==undefined){let data20=data18.taxonomyVersion;const _errs31=errors;if(errors===_errs31){if(typeof data20==="string"){if(func7(data20)>128){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data20)<1){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyVersion",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyVersion/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid5=_errs31===errors}else{var valid5=true}if(valid5){if(data18.taxonomyRelations!==undefined){let data21=data18.taxonomyRelations;const _errs33=errors;if(errors===_errs33){if(Array.isArray(data21)){if(data21.length<1){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid6=true;const len1=data21.length;for(let i1=0;i12048){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data23)<1){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/taxonomyId",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/taxonomyId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid7=_errs37===errors}else{var valid7=true}if(valid7){if(data22.relationshipName!==undefined){let data24=data22.relationshipName;const _errs39=errors;if(errors===_errs39){if(typeof data24==="string"){if(func7(data24)>128){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/maxLength",keyword:"maxLength",params:{limit:128},message:"must NOT have more than 128 characters"}];return false}else{if(func7(data24)<1){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipName",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid7=_errs39===errors}else{var valid7=true}if(valid7){if(data22.relationshipValue!==undefined){let data25=data22.relationshipValue;const _errs41=errors;if(errors===_errs41){if(typeof data25==="string"){if(func7(data25)>2048){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/maxLength",keyword:"maxLength",params:{limit:2048},message:"must NOT have more than 2048 characters"}];return false}else{if(func7(data25)<1){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/minLength",keyword:"minLength",params:{limit:1},message:"must NOT have fewer than 1 characters"}];return false}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1+"/relationshipValue",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/properties/relationshipValue/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid7=_errs41===errors}else{var valid7=true}}}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations/"+i1,schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid6=_errs35===errors;if(!valid6){break}}if(valid6){let i2=data21.length;let j0;if(i2>1){outer0:for(;i2--;){for(j0=i2;j0--;){if(func0(data21[i2],data21[j0])){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/uniqueItems",keyword:"uniqueItems",params:{i:i2,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i2+" are identical)"}];return false;break outer0}}}}}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0+"/taxonomyRelations",schemaPath:"#/definitions/taxonomyMappings/items/properties/taxonomyRelations/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid5=_errs33===errors}else{var valid5=true}}}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings/"+i0,schemaPath:"#/definitions/taxonomyMappings/items/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}var valid4=_errs27===errors;if(!valid4){break}}if(valid4){let i3=data17.length;let j1;if(i3>1){outer1:for(;i3--;){for(j1=i3;j1--;){if(func0(data17[i3],data17[j1])){validate57.errors=[{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/uniqueItems",keyword:"uniqueItems",params:{i:i3,j:j1},message:"must NOT have duplicate items (items ## "+j1+" and "+i3+" are identical)"}];return false;break outer1}}}}}}}else{validate57.errors=[{instancePath:instancePath+"/taxonomyMappings",schemaPath:"#/definitions/taxonomyMappings/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid0=_errs24===errors}else{var valid0=true}}}}}}}}}}}}}}}}}}}}}}else{validate57.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate57.errors=vErrors;return errors===0}const schema149={type:"object",required:["cveId","assignerOrgId","state"],properties:{cveId:{$ref:"#/definitions/cveId"},assignerOrgId:{$ref:"#/definitions/orgId"},assignerShortName:{$ref:"#/definitions/shortName"},serial:{type:"integer",minimum:1},dateUpdated:{$ref:"#/definitions/timestamp"},datePublished:{$ref:"#/definitions/timestamp"},dateRejected:{$ref:"#/definitions/timestamp"},state:{type:"string",enum:["REJECTED"]},dateReserved:{$ref:"#/definitions/timestamp"}},additionalProperties:false};function validate74(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.cveId===undefined&&(missing0="cveId")||data.assignerOrgId===undefined&&(missing0="assignerOrgId")||data.state===undefined&&(missing0="state")){validate74.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{const _errs1=errors;for(const key0 in data){if(!func6.call(schema149.properties,key0)){validate74.errors=[{instancePath:instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key0},message:"must NOT have additional properties"}];return false;break}}if(_errs1===errors){if(data.cveId!==undefined){let data0=data.cveId;const _errs2=errors;const _errs3=errors;if(errors===_errs3){if(typeof data0==="string"){if(!pattern0.test(data0)){validate74.errors=[{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/pattern",keyword:"pattern",params:{pattern:"^CVE-[0-9]{4}-[0-9]{4,19}$"},message:'must match pattern "'+"^CVE-[0-9]{4}-[0-9]{4,19}$"+'"'}];return false}}else{validate74.errors=[{instancePath:instancePath+"/cveId",schemaPath:"#/definitions/cveId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs2===errors}else{var valid0=true}if(valid0){if(data.assignerOrgId!==undefined){let data1=data.assignerOrgId;const _errs5=errors;const _errs6=errors;if(errors===_errs6){if(typeof data1==="string"){if(!pattern1.test(data1)){validate74.errors=[{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/pattern",keyword:"pattern",params:{pattern:"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"},message:'must match pattern "'+"^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"+'"'}];return false}}else{validate74.errors=[{instancePath:instancePath+"/assignerOrgId",schemaPath:"#/definitions/orgId/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs5===errors}else{var valid0=true}if(valid0){if(data.assignerShortName!==undefined){let data2=data.assignerShortName;const _errs8=errors;const _errs9=errors;if(errors===_errs9){if(typeof data2==="string"){if(func7(data2)>32){validate74.errors=[{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/maxLength",keyword:"maxLength",params:{limit:32},message:"must NOT have more than 32 characters"}];return false}else{if(func7(data2)<2){validate74.errors=[{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/minLength",keyword:"minLength",params:{limit:2},message:"must NOT have fewer than 2 characters"}];return false}}}else{validate74.errors=[{instancePath:instancePath+"/assignerShortName",schemaPath:"#/definitions/shortName/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}var valid0=_errs8===errors}else{var valid0=true}if(valid0){if(data.serial!==undefined){let data3=data.serial;const _errs11=errors;if(!(typeof data3=="number"&&(!(data3%1)&&!isNaN(data3))&&isFinite(data3))){validate74.errors=[{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/type",keyword:"type",params:{type:"integer"},message:"must be integer"}];return false}if(errors===_errs11){if(typeof data3=="number"&&isFinite(data3)){if(data3<1||isNaN(data3)){validate74.errors=[{instancePath:instancePath+"/serial",schemaPath:"#/properties/serial/minimum",keyword:"minimum",params:{comparison:">=",limit:1},message:"must be >= 1"}];return false}}}var valid0=_errs11===errors}else{var valid0=true}if(valid0){if(data.dateUpdated!==undefined){let data4=data.dateUpdated;const _errs13=errors;const _errs14=errors;if(errors===_errs14){if(errors===_errs14){if(typeof data4==="string"){if(!pattern3.test(data4)){validate74.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data4)){validate74.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate74.errors=[{instancePath:instancePath+"/dateUpdated",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs13===errors}else{var valid0=true}if(valid0){if(data.datePublished!==undefined){let data5=data.datePublished;const _errs16=errors;const _errs17=errors;if(errors===_errs17){if(errors===_errs17){if(typeof data5==="string"){if(!pattern3.test(data5)){validate74.errors=[{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data5)){validate74.errors=[{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate74.errors=[{instancePath:instancePath+"/datePublished",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs16===errors}else{var valid0=true}if(valid0){if(data.dateRejected!==undefined){let data6=data.dateRejected;const _errs19=errors;const _errs20=errors;if(errors===_errs20){if(errors===_errs20){if(typeof data6==="string"){if(!pattern3.test(data6)){validate74.errors=[{instancePath:instancePath+"/dateRejected",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data6)){validate74.errors=[{instancePath:instancePath+"/dateRejected",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate74.errors=[{instancePath:instancePath+"/dateRejected",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs19===errors}else{var valid0=true}if(valid0){if(data.state!==undefined){let data7=data.state;const _errs22=errors;if(typeof data7!=="string"){validate74.errors=[{instancePath:instancePath+"/state",schemaPath:"#/properties/state/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}if(!(data7==="REJECTED")){validate74.errors=[{instancePath:instancePath+"/state",schemaPath:"#/properties/state/enum",keyword:"enum",params:{allowedValues:schema149.properties.state.enum},message:"must be equal to one of the allowed values"}];return false}var valid0=_errs22===errors}else{var valid0=true}if(valid0){if(data.dateReserved!==undefined){let data8=data.dateReserved;const _errs24=errors;const _errs25=errors;if(errors===_errs25){if(errors===_errs25){if(typeof data8==="string"){if(!pattern3.test(data8)){validate74.errors=[{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/pattern",keyword:"pattern",params:{pattern:"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"},message:'must match pattern "'+"^((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"+'"'}];return false}else{if(!formats0.validate(data8)){validate74.errors=[{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/format",keyword:"format",params:{format:"date-time"},message:'must match format "'+"date-time"+'"'}];return false}}}else{validate74.errors=[{instancePath:instancePath+"/dateReserved",schemaPath:"#/definitions/timestamp/type",keyword:"type",params:{type:"string"},message:"must be string"}];return false}}}var valid0=_errs24===errors}else{var valid0=true}}}}}}}}}}}}else{validate74.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate74.errors=vErrors;return errors===0}const schema157={type:"object",properties:{providerMetadata:{$ref:"#/definitions/providerMetadata"},rejectedReasons:{$ref:"#/definitions/descriptions"},replacedBy:{type:"array",minItems:1,uniqueItems:true,items:{$ref:"#/definitions/cveId"}}},required:["providerMetadata","rejectedReasons"],patternProperties:{"^x_":{}},additionalProperties:false};function validate76(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(errors===0){if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.providerMetadata===undefined&&(missing0="providerMetadata")||data.rejectedReasons===undefined&&(missing0="rejectedReasons")){validate76.errors=[{instancePath:instancePath,schemaPath:"#/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"}];return false}else{const _errs1=errors;for(const key0 in data){if(!(key0==="providerMetadata"||key0==="rejectedReasons"||key0==="replacedBy"||pattern6.test(key0))){validate76.errors=[{instancePath:instancePath,schemaPath:"#/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key0},message:"must NOT have additional properties"}];return false;break}}if(_errs1===errors){if(data.providerMetadata!==undefined){const _errs2=errors;if(!validate14(data.providerMetadata,{instancePath:instancePath+"/providerMetadata",parentData:data,parentDataProperty:"providerMetadata",rootData:rootData})){vErrors=vErrors===null?validate14.errors:vErrors.concat(validate14.errors);errors=vErrors.length}var valid0=_errs2===errors}else{var valid0=true}if(valid0){if(data.rejectedReasons!==undefined){const _errs3=errors;if(!validate16(data.rejectedReasons,{instancePath:instancePath+"/rejectedReasons",parentData:data,parentDataProperty:"rejectedReasons",rootData:rootData})){vErrors=vErrors===null?validate16.errors:vErrors.concat(validate16.errors);errors=vErrors.length}var valid0=_errs3===errors}else{var valid0=true}if(valid0){if(data.replacedBy!==undefined){let data2=data.replacedBy;const _errs4=errors;if(errors===_errs4){if(Array.isArray(data2)){if(data2.length<1){validate76.errors=[{instancePath:instancePath+"/replacedBy",schemaPath:"#/properties/replacedBy/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"}];return false}else{var valid1=true;const len0=data2.length;for(let i0=0;i01){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data2[i1],data2[j0])){validate76.errors=[{instancePath:instancePath+"/replacedBy",schemaPath:"#/properties/replacedBy/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"}];return false;break outer0}}}}}}}else{validate76.errors=[{instancePath:instancePath+"/replacedBy",schemaPath:"#/properties/replacedBy/type",keyword:"type",params:{type:"array"},message:"must be array"}];return false}}var valid0=_errs4===errors}else{var valid0=true}}}}}}else{validate76.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}}validate76.errors=vErrors;return errors===0}function validate10(data,{instancePath:instancePath="",parentData:parentData,parentDataProperty:parentDataProperty,rootData:rootData=data}={}){let vErrors=null;let errors=0;if(!(data&&typeof data=="object"&&!Array.isArray(data))){validate10.errors=[{instancePath:instancePath,schemaPath:"#/type",keyword:"type",params:{type:"object"},message:"must be object"}];return false}const _errs1=errors;let valid0=false;let passing0=null;const _errs2=errors;if(data&&typeof data=="object"&&!Array.isArray(data)){let missing0;if(data.dataType===undefined&&(missing0="dataType")||data.dataVersion===undefined&&(missing0="dataVersion")||data.cveMetadata===undefined&&(missing0="cveMetadata")||data.containers===undefined&&(missing0="containers")){const err0={instancePath:instancePath,schemaPath:"#/oneOf/0/required",keyword:"required",params:{missingProperty:missing0},message:"must have required property '"+missing0+"'"};if(vErrors===null){vErrors=[err0]}else{vErrors.push(err0)}errors++}else{const _errs3=errors;for(const key0 in data){if(!(key0==="dataType"||key0==="dataVersion"||key0==="cveMetadata"||key0==="containers")){const err1={instancePath:instancePath,schemaPath:"#/oneOf/0/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key0},message:"must NOT have additional properties"};if(vErrors===null){vErrors=[err1]}else{vErrors.push(err1)}errors++;break}}if(_errs3===errors){if(data.dataType!==undefined){let data0=data.dataType;const _errs4=errors;if(typeof data0!=="string"){const err2={instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err2]}else{vErrors.push(err2)}errors++}if(!(data0==="CVE_RECORD")){const err3={instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/enum",keyword:"enum",params:{allowedValues:schema12.enum},message:"must be equal to one of the allowed values"};if(vErrors===null){vErrors=[err3]}else{vErrors.push(err3)}errors++}var valid1=_errs4===errors}else{var valid1=true}if(valid1){if(data.dataVersion!==undefined){let data1=data.dataVersion;const _errs7=errors;if(typeof data1!=="string"){const err4={instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err4]}else{vErrors.push(err4)}errors++}if(!(data1==="5.0")){const err5={instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/enum",keyword:"enum",params:{allowedValues:schema13.enum},message:"must be equal to one of the allowed values"};if(vErrors===null){vErrors=[err5]}else{vErrors.push(err5)}errors++}var valid1=_errs7===errors}else{var valid1=true}if(valid1){if(data.cveMetadata!==undefined){const _errs10=errors;if(!validate11(data.cveMetadata,{instancePath:instancePath+"/cveMetadata",parentData:data,parentDataProperty:"cveMetadata",rootData:rootData})){vErrors=vErrors===null?validate11.errors:vErrors.concat(validate11.errors);errors=vErrors.length}var valid1=_errs10===errors}else{var valid1=true}if(valid1){if(data.containers!==undefined){let data3=data.containers;const _errs11=errors;if(errors===_errs11){if(data3&&typeof data3=="object"&&!Array.isArray(data3)){let missing1;if(data3.cna===undefined&&(missing1="cna")){const err6={instancePath:instancePath+"/containers",schemaPath:"#/oneOf/0/properties/containers/required",keyword:"required",params:{missingProperty:missing1},message:"must have required property '"+missing1+"'"};if(vErrors===null){vErrors=[err6]}else{vErrors.push(err6)}errors++}else{const _errs13=errors;for(const key1 in data3){if(!(key1==="cna"||key1==="adp")){const err7={instancePath:instancePath+"/containers",schemaPath:"#/oneOf/0/properties/containers/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key1},message:"must NOT have additional properties"};if(vErrors===null){vErrors=[err7]}else{vErrors.push(err7)}errors++;break}}if(_errs13===errors){if(data3.cna!==undefined){const _errs14=errors;if(!validate13(data3.cna,{instancePath:instancePath+"/containers/cna",parentData:data3,parentDataProperty:"cna",rootData:rootData})){vErrors=vErrors===null?validate13.errors:vErrors.concat(validate13.errors);errors=vErrors.length}var valid4=_errs14===errors}else{var valid4=true}if(valid4){if(data3.adp!==undefined){let data5=data3.adp;const _errs15=errors;if(errors===_errs15){if(Array.isArray(data5)){if(data5.length<1){const err8={instancePath:instancePath+"/containers/adp",schemaPath:"#/oneOf/0/properties/containers/properties/adp/minItems",keyword:"minItems",params:{limit:1},message:"must NOT have fewer than 1 items"};if(vErrors===null){vErrors=[err8]}else{vErrors.push(err8)}errors++}else{var valid5=true;const len0=data5.length;for(let i0=0;i01){outer0:for(;i1--;){for(j0=i1;j0--;){if(func0(data5[i1],data5[j0])){const err9={instancePath:instancePath+"/containers/adp",schemaPath:"#/oneOf/0/properties/containers/properties/adp/uniqueItems",keyword:"uniqueItems",params:{i:i1,j:j0},message:"must NOT have duplicate items (items ## "+j0+" and "+i1+" are identical)"};if(vErrors===null){vErrors=[err9]}else{vErrors.push(err9)}errors++;break outer0}}}}}}}else{const err10={instancePath:instancePath+"/containers/adp",schemaPath:"#/oneOf/0/properties/containers/properties/adp/type",keyword:"type",params:{type:"array"},message:"must be array"};if(vErrors===null){vErrors=[err10]}else{vErrors.push(err10)}errors++}}var valid4=_errs15===errors}else{var valid4=true}}}}}else{const err11={instancePath:instancePath+"/containers",schemaPath:"#/oneOf/0/properties/containers/type",keyword:"type",params:{type:"object"},message:"must be object"};if(vErrors===null){vErrors=[err11]}else{vErrors.push(err11)}errors++}}var valid1=_errs11===errors}else{var valid1=true}}}}}}}var _valid0=_errs2===errors;if(_valid0){valid0=true;passing0=0}const _errs18=errors;if(data&&typeof data=="object"&&!Array.isArray(data)){let missing2;if(data.dataType===undefined&&(missing2="dataType")||data.dataVersion===undefined&&(missing2="dataVersion")||data.cveMetadata===undefined&&(missing2="cveMetadata")||data.containers===undefined&&(missing2="containers")){const err12={instancePath:instancePath,schemaPath:"#/oneOf/1/required",keyword:"required",params:{missingProperty:missing2},message:"must have required property '"+missing2+"'"};if(vErrors===null){vErrors=[err12]}else{vErrors.push(err12)}errors++}else{const _errs19=errors;for(const key2 in data){if(!(key2==="dataType"||key2==="dataVersion"||key2==="cveMetadata"||key2==="containers")){const err13={instancePath:instancePath,schemaPath:"#/oneOf/1/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key2},message:"must NOT have additional properties"};if(vErrors===null){vErrors=[err13]}else{vErrors.push(err13)}errors++;break}}if(_errs19===errors){if(data.dataType!==undefined){let data7=data.dataType;const _errs20=errors;if(typeof data7!=="string"){const err14={instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err14]}else{vErrors.push(err14)}errors++}if(!(data7==="CVE_RECORD")){const err15={instancePath:instancePath+"/dataType",schemaPath:"#/definitions/dataType/enum",keyword:"enum",params:{allowedValues:schema12.enum},message:"must be equal to one of the allowed values"};if(vErrors===null){vErrors=[err15]}else{vErrors.push(err15)}errors++}var valid7=_errs20===errors}else{var valid7=true}if(valid7){if(data.dataVersion!==undefined){let data8=data.dataVersion;const _errs23=errors;if(typeof data8!=="string"){const err16={instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/type",keyword:"type",params:{type:"string"},message:"must be string"};if(vErrors===null){vErrors=[err16]}else{vErrors.push(err16)}errors++}if(!(data8==="5.0")){const err17={instancePath:instancePath+"/dataVersion",schemaPath:"#/definitions/dataVersion/enum",keyword:"enum",params:{allowedValues:schema13.enum},message:"must be equal to one of the allowed values"};if(vErrors===null){vErrors=[err17]}else{vErrors.push(err17)}errors++}var valid7=_errs23===errors}else{var valid7=true}if(valid7){if(data.cveMetadata!==undefined){const _errs26=errors;if(!validate74(data.cveMetadata,{instancePath:instancePath+"/cveMetadata",parentData:data,parentDataProperty:"cveMetadata",rootData:rootData})){vErrors=vErrors===null?validate74.errors:vErrors.concat(validate74.errors);errors=vErrors.length}var valid7=_errs26===errors}else{var valid7=true}if(valid7){if(data.containers!==undefined){let data10=data.containers;const _errs27=errors;if(errors===_errs27){if(data10&&typeof data10=="object"&&!Array.isArray(data10)){let missing3;if(data10.cna===undefined&&(missing3="cna")){const err18={instancePath:instancePath+"/containers",schemaPath:"#/oneOf/1/properties/containers/required",keyword:"required",params:{missingProperty:missing3},message:"must have required property '"+missing3+"'"};if(vErrors===null){vErrors=[err18]}else{vErrors.push(err18)}errors++}else{const _errs29=errors;for(const key3 in data10){if(!(key3==="cna")){const err19={instancePath:instancePath+"/containers",schemaPath:"#/oneOf/1/properties/containers/additionalProperties",keyword:"additionalProperties",params:{additionalProperty:key3},message:"must NOT have additional properties"};if(vErrors===null){vErrors=[err19]}else{vErrors.push(err19)}errors++;break}}if(_errs29===errors){if(data10.cna!==undefined){if(!validate76(data10.cna,{instancePath:instancePath+"/containers/cna",parentData:data10,parentDataProperty:"cna",rootData:rootData})){vErrors=vErrors===null?validate76.errors:vErrors.concat(validate76.errors);errors=vErrors.length}}}}}else{const err20={instancePath:instancePath+"/containers",schemaPath:"#/oneOf/1/properties/containers/type",keyword:"type",params:{type:"object"},message:"must be object"};if(vErrors===null){vErrors=[err20]}else{vErrors.push(err20)}errors++}}var valid7=_errs27===errors}else{var valid7=true}}}}}}}var _valid0=_errs18===errors;if(_valid0&&valid0){valid0=false;passing0=[passing0,1]}else{if(_valid0){valid0=true;passing0=1}}if(!valid0){const err21={instancePath:instancePath,schemaPath:"#/oneOf",keyword:"oneOf",params:{passingSchemas:passing0},message:"must match exactly one schema in oneOf"};if(vErrors===null){vErrors=[err21]}else{vErrors.push(err21)}errors++;validate10.errors=vErrors;return false}else{errors=_errs1;if(vErrors!==null){if(_errs1){vErrors.length=_errs1}else{vErrors=null}}}validate10.errors=vErrors;return errors===0} diff --git a/schema/archive/v5.0/support/docs/docs.sh b/schema/archive/v5.0/support/docs/docs.sh index 58c2f40fbb2..a919af7c9d2 100644 --- a/schema/archive/v5.0/support/docs/docs.sh +++ b/schema/archive/v5.0/support/docs/docs.sh @@ -1,8 +1,8 @@ #!/bin/bash cd ../../ -sed 's/file\://g' CVE_JSON_5.1_schema.json > tmp.json | generate-schema-doc --minify tmp.json docs/index.html +sed 's/file\://g' CVE_JSON_5.0_schema.json > tmp.json | generate-schema-doc --minify tmp.json docs/index.html perl -pi -e 's//>/g' docs/index.html node support/schema2markmap/index.js tmp.json > 'docs/mindmap.html' -node support/schema2markmap/schema-bundle.js tmp.json './docs/' +node support/schema2markmap/schema-bundle.js tmp.json > 'docs/CVE_JSON_5.0_bundled.json' rm tmp.json cat support/docs/css_override.css >> docs/schema_doc.css diff --git a/schema/archive/v5.0/support/qualityReport/README.md b/schema/archive/v5.0/support/qualityReport/README.md deleted file mode 100644 index ae4be2bfa8f..00000000000 --- a/schema/archive/v5.0/support/qualityReport/README.md +++ /dev/null @@ -1,8 +0,0 @@ - -# CVE Quality Report Generator - -Eg., - -$ node report.js [path where CVE JSON records are kept] > report.html - -$ node report.js ~/Documents/GitHub/cvelistV5/cves > index.html diff --git a/schema/archive/v5.0/support/qualityReport/report.js b/schema/archive/v5.0/support/qualityReport/report.js deleted file mode 100644 index f86b03baadd..00000000000 --- a/schema/archive/v5.0/support/qualityReport/report.js +++ /dev/null @@ -1,306 +0,0 @@ -const fs = require('fs'); -const path = require('path'); -const validateCve = require('../Node_Validator/dist/cve5validator.js') -process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0; - -const ignore = { - '': 1, - '/cveMetadata/state': 1, - '/cveMetadata': 1, - '/dataVersion': 1, - '/containers/cna/references/url': 0 -} -var cnas = {}; -var cnaIndex = {}; -var errorStat = {}; -var warnStat = {}; -var errorCount = {}; -var yStat = {}; -var invalid = 0; -var warns = 0; -var total = 0; - -const start = ` -CVE Quality Report -` - -async function loadCNAs(data) { - for(c of data) { - try { - var em = c.contact[0].email[0].emailAddr; - var host= em.substr(em.indexOf('@')+1); - u = new URL('https://www.'+host); - c.i = u.href; - c.n = c.organizationName; - } catch(e) { - } - cnas[c.shortName]=c; - } - -} -async function getCNAs() { - //var data = require('./CNAsList.json'); - //loadCNAs(data); return; - const cnaList = 'https://raw.githubusercontent.com/CVEProject/cve-website/dev/src/assets/data/CNAsList.json' - const res = await fetch(cnaList); - if (res.ok) { - const data = await res.json(); - loadCNAs(data); - } -} - -function cveLink(id) { - return 'https://github.com/CVEProject/cvelistV5/tree/main/cves/' + cveRepoPath(id); -} - -function cveRepoPath(value) { -var realId = value.match(/(CVE-(\d{4})-(\d{1,12})(\d{3}))/); -if (realId) { - var id = realId[1]; - var year = realId[2]; - var bucket = realId[3]; - return (year + '/' + bucket + 'xxx/' + id + '.json') -} -} - -async function getReport(dir) { - const files = fs.readdirSync(dir, { withFileTypes: true }); - for (const file of files) { - if (file.isDirectory()) { - getReport(path.join(dir, file.name)); - } else { - if (file.name.match((/CVE-(\d{4})-(\d{1,12})(\d{3})/))) { - var cveFile = fs.readFileSync(path.join(dir, file.name)); - var cve = JSON.parse(cveFile); - var v = valididate(cve); - var q = qualityCheck(cve); - total++; - if(!v) { - invalid++; - } - if(!q) { - warns++; - } - } - } - } -} - -/* Example error - { - instancePath: '/cveMetadata/state', - schemaPath: '#/properties/state/enum', - keyword: 'enum', - params: { allowedValues: [Array] }, - message: 'must be equal to one of the allowed values' - }, -*/ - -function addError(cve, err) { - var id = cve.cveMetadata.cveId; - - var shortName = cve.cveMetadata?.assignerShortName || 'default'; - if(!cnaIndex[shortName]) { - cnaIndex[shortName] = []; - } - - //remove oneOf numbers - var path = err?.instancePath?.replace(/\/\d+\/?/g, "/"); - if (!ignore[path]) { - var prop = err.params?.additionalProperty || ''; - var e = `Problem: ${err.keyword} ${prop}! - ${err.message}`; - if (!errorStat[shortName]) { - errorStat[shortName] = {} - errorCount[shortName] = 0 - } - if (!errorStat[shortName][path]) { - errorStat[shortName][path] = {} - } - if (!errorStat[shortName][path][e]) { - errorStat[shortName][path][e] = [] - } - errorStat[shortName][path][e].push(id); - errseen = true; - } -} - -function valididate(cve) { - var valid = validateCve(cve); - errseen = false; - if (!valid) { - validateCve.errors.forEach(err=>{addError(cve, err)}); - } - return !errseen; -} - -function qualityCheck(cve) { - var warned = false; - var c = checkCVSS(cve); - if(c){ - addError(cve, c); - warned = true; - } -/* c = checkLinkRot(cve); - if(c) { - addError(cve, c); - warned = true; - }*/ - if(warned) { - return false; - } else { - return true; - } -} - -const four04List = [ - 'www.securityfocus.com', - 'osvdb.org', - 'online.securityfocus.com', - 'patches.sgi.com', - 'docs.info.apple.com', - 'h20000.www2.hp.com', - 'labs.idefense.com', - 'wiki.rpath.com', - 'source.codeaurora.org', - 'code.wireshark.org', - 'h20564.www2.hp.com', - 'www.linux-mandrake.com', - 'erpscan.io', - 'downloads.securityfocus.com', - 'www.atstake.com', - 'hermes.opensuse.org', - 'itrc.hp.com', - 'ftp.caldera.com', - 'packetstorm.linuxsecurity.com', - 'www1.itrc.hp.com' -] - -const four04 = {}; -for (const key of four04List) { - four04[key] = 1; -} - -function checkLinkRot(cve) { - if(cve.containers?.cna?.references) { - for(r of cve.containers?.cna?.references) { - try{ - var u = new URL(r.url); - if (four04[u.host] && !(r.tags && r.tags.includes('broken-link'))) { - return { - instancePath: '/containers/cna/references', - schemaPath: '#/properties/url', - keyword: 'Broken link to ' + u.host, - params: { }, - message: 'Reference points to defunct site. Replace or add a broken-link tag.' - } - } - } catch(e) { - console.log('Error parsing URL' + r.url) - } - } - } - return false; -} - -function checkCVSS(cve) { - if(cve.containers.cna?.metrics) { - for(m of cve.containers.cna?.metrics) { - var cvss = m.cvssV3_1 || m.cvssV3_0; - if(cvss) { - if ((cvss.baseSeverity == 'CRITICAL' && cvss.baseScore >= 9 && cvss.baseScore <= 10) - || (cvss.baseSeverity == 'HIGH' && cvss.baseScore >= 7 && cvss.baseScore < 9) - || (cvss.baseSeverity == 'MEDIUM' && cvss.baseScore >= 4 && cvss.baseScore < 7) - || (cvss.baseSeverity == 'LOW' && cvss.baseScore >= 0.1 && cvss.baseScore < 4) - || (cvss.baseSeverity == 'NONE' && cvss.baseScore == 0)) { - //console.log('valid CVSS '); - } else { - return { - instancePath: '/containers/cna/metrics', - schemaPath: '#/properties', // TODO? - keyword: 'Bad CVSS', - params: { }, - message: 'Mismatched CVSS score and level' - } - } - } - } - } - return false; -} - -async function checkAffected(cve) { - -} - - -run(process.argv[2]); - -async function run(dir) { - await getCNAs(); - await getReport(dir); - await printReport(); -} - - -const docs = { -'/containers/cna/affected/product:maxLength': "Product name is too long! If you are listing multiple products, please use separate product objects.", -'/containers/cna/affected/product:minLength': "A product name is required.", -'/containers/cna/affected/versions/version:maxLength': "Version name is too long! If you are listing multiple versions, please encode as an array of version objects.", -'/containers/cna/metrics/cvssV3_0:required': "CVSS objects are incomplete. Please provide a valid vectorString at the minimum in your CVE-JSON v4 submission." -} - - -function printReport() { - console.log(start + - `

CVE Quality Workgroup Report

${total} CVE analyzed: Found ${invalid} schema errors, ${warns} quality issues

`) - /*for (const y in yStat) { - console.log(`
  • year ${y} - ${yStat[y]}
  • `) - }*/ - - Object.keys(errorStat).sort().forEach(shortName => { - var i = cnas[shortName]?.i; - var name = cnas[shortName]?.n ? cnas[shortName]?.n : shortName; - console.log(`

    ${name} [link]

    `) - for (const k in errorStat[shortName]) { - var alist = errorStat[shortName][k]; - for (const a in alist) { - var ids = [...new Set(alist[a])]; - console.log(`
    [${ids.length} CVEs] ${a} - field ${k} [link]:`) - if(docs[shortName + ':' + k]) { - console.log(`

    `+docs[shortName + ':' + k]+'

    ') - } - console.log('
    ') - for (const c of ids.sort()) { - console.log(` ${c}`) - } - console.log('
    ') - } - } - }); - - console.log(''); -} -/* var index = start + '

    CVE Quality Workgroup Report: CVE Records Indexed by CNAs

    '; - for(x of Object.keys(cnaIndex).sort(new Intl.Collator('en',{numeric:true}).compare)) { - var i = cnas[x]?.i; - var name = cnas[x]?.n ? cnas[x]?.n : x; - index = index + `
    ${name}
    ${cnaIndex[x].length} records

    `; - //var report = start + `

    CVE Quality Workgroup Report: CVEs records belonging to ${name}

    `; - for (c in cnaIndex[x].sort(new Intl.Collator('en',{numeric:true}).compare)) { - index += ` ${cnaIndex[x][c]}` - } - //report = report + ''; - //fs.writeFileSync('./reports/'+x+'.html',report); - } - fs.writeFileSync('./reports/index.html',index + '
    '); -} - -rl.on('line', validate) -rl.on('close', report) - -*/ \ No newline at end of file diff --git a/schema/archive/v5.0/support/schema2markmap/schema-bundle.js b/schema/archive/v5.0/support/schema2markmap/schema-bundle.js index 77fa94b2a18..cb65ee6d5c5 100644 --- a/schema/archive/v5.0/support/schema2markmap/schema-bundle.js +++ b/schema/archive/v5.0/support/schema2markmap/schema-bundle.js @@ -1,63 +1,18 @@ // Author: Chandan BN (c) 2021 // (2) creates a bundled schema -const rp = require('json-schema-ref-parser'); -const fs = require('fs'); -const dirName = process.argv[3]; - -if(!dirName) { - console.error('Please specify directory name'); - process.exit(1); -} - +var rp = require('json-schema-ref-parser'); +var fs = require('fs'); async function schemaBundle() { var cveSchemaBundle = await rp.bundle(process.argv[2]); var metricProperties = cveSchemaBundle.definitions.metrics.items.properties; - delete metricProperties.cvssV4_0.$id; delete metricProperties.cvssV3_1.id; delete metricProperties.cvssV3_0.id; delete metricProperties.cvssV2_0.id; - delete metricProperties.cvssV4_0.license; delete metricProperties.cvssV3_1.license; delete metricProperties.cvssV3_0.license; delete metricProperties.cvssV2_0.license; - - - fs.writeFile(`${dirName}/CVE_JSON_bundled.json`, - JSON.stringify(cveSchemaBundle, null, 2), - err => { - if(err) - throw err; - else - console.log('CVE_JSON_bundled.json created'); - } - ); - - for(t of ['cnaPublishedContainer', 'cnaRejectedContainer', 'adpContainer']) { - var subSchema = { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": `https://cveproject.github.io/cve-schema/schema/v5.0/docs/CVE_JSON_${t}.json`, - "title": `CVE JSON ${t} sub schema`, - "description": `CVE JSON ${t} format`, - "definitions": cveSchemaBundle.definitions, - "properties": { - }, - "additionalProperties": false - } - subSchema.properties[t.replace(/Published|Rejected/,'')] = { - "$ref": `#/definitions/${t}` - } - - fs.writeFile(`${dirName}/CVE_JSON_${t}.json`, - JSON.stringify(subSchema, null, 2), - err => { - if(err) - throw err; - else - console.log(`CVE_JSON_${t}.json created`); - } - ); - } + console.log(JSON.stringify(cveSchemaBundle, null, 2)); } -schemaBundle(); +schemaBundle(); \ No newline at end of file diff --git a/schema/archive/v5.0/support/tests/README.md b/schema/archive/v5.0/support/tests/README.md deleted file mode 100644 index 0b66406df59..00000000000 --- a/schema/archive/v5.0/support/tests/README.md +++ /dev/null @@ -1,13 +0,0 @@ -# All records in vald directory must validate: - -$ node ../Node_validator/validate.js valid/*.json - - ... - Summary: All files PASSED validation. - -# All records in invald directory must fail to validate: - -$ node ../Node_validator/validate.js invalid/*.json - - .... - Summary: Validation FAILED for 5 out of 5 files!