CVE Schema¶
CVE¶
Representation of a CVE
Field |
Description |
|---|---|
firstseen |
Timestamp of when a sync job first discovered this node |
lastupdated |
Timestamp of the last time the node was updated |
id |
The CVE ID |
assigner |
The assigner of the CVE (email address) |
description_en |
The english description of the issue. |
references |
This is reference data in the form of URLs |
problem_types |
A list of CWE identifiers |
vector_string |
The CVSSv3 scoring data. |
attack_vector |
The attack vector |
attack_complexity |
The attack complexity |
privileges_required |
The privileges required |
user_interaction |
The user interaction |
scope |
The scope |
confidentiality_impact |
The confidentiality impact |
integrity_impact |
The integrity impact |
availability_impact |
The availability impact |
base_score |
The CVSSv3 score |
base_severity |
The severity |
exploitability_score |
The exploitability score |
impact_score |
The impact score |
published_date |
The date the CVE was published |
last_modified_date |
The date the CVE was last updated |
Relationships¶
A CVE linked to a SemgrepSCAFinding (optional)
(CVE)-[:LINKED_TO]->(:SemgrepSCAFinding)