Red Hat Enterprise Linux · JSON Structure

Rhel Cve Structure

Structure of a CVE record from the Red Hat Security Data API

Type: Properties: 0
AutomationComplianceEnterpriseLinuxOperating SystemRed HatRHELSecuritySubscription ManagementVulnerability Management

RHEL CVE is a JSON Structure definition published by Red Hat Enterprise Linux.

Meta-schema:

JSON Structure

Raw ↑ 
{
  "name": "RHEL CVE",
  "description": "Structure of a CVE record from the Red Hat Security Data API",
  "fields": [
    {"name": "name", "type": "string", "description": "CVE identifier (e.g., CVE-2021-23358)", "required": true},
    {"name": "threat_severity", "type": "enum", "values": ["Low", "Moderate", "Important", "Critical"], "description": "Red Hat severity rating", "required": true},
    {"name": "public_date", "type": "datetime", "description": "Date CVE was publicly disclosed"},
    {"name": "bugzilla", "type": "object", "description": "Associated Bugzilla ticket",
      "fields": [
        {"name": "description", "type": "string"},
        {"name": "id", "type": "string"},
        {"name": "url", "type": "uri"}
      ]
    },
    {"name": "cvss", "type": "object", "description": "CVSS v2 scoring",
      "fields": [
        {"name": "cvss_base_score", "type": "string"},
        {"name": "cvss_scoring_vector", "type": "string"},
        {"name": "status", "type": "string"}
      ]
    },
    {"name": "cvss3", "type": "object", "description": "CVSS v3 scoring",
      "fields": [
        {"name": "cvss3_base_score", "type": "string"},
        {"name": "cvss3_scoring_vector", "type": "string"},
        {"name": "status", "type": "string"}
      ]
    },
    {"name": "cwe", "type": "string", "description": "CWE identifier"},
    {"name": "details", "type": "array", "items": "string", "description": "Vulnerability description"},
    {"name": "statement", "type": "string", "description": "Red Hat impact statement"},
    {"name": "affected_release", "type": "array", "description": "Fixed package releases",
      "items": {
        "type": "object",
        "fields": [
          {"name": "product_name", "type": "string"},
          {"name": "release_date", "type": "datetime"},
          {"name": "advisory", "type": "string"},
          {"name": "cpe", "type": "string"},
          {"name": "package", "type": "string"}
        ]
      }
    },
    {"name": "package_state", "type": "array", "description": "Unpatched packages",
      "items": {
        "type": "object",
        "fields": [
          {"name": "product_name", "type": "string"},
          {"name": "fix_state", "type": "enum", "values": ["Affected", "Will not fix", "Fix deferred", "Not affected", "Out of support scope"]},
          {"name": "package_name", "type": "string"},
          {"name": "cpe", "type": "string"}
        ]
      }
    }
  ]
}