{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/anchore/refs/heads/main/json-schema/anchore-vulnerability-schema.json",
  "title": "Anchore Vulnerability",
  "description": "Schema for a vulnerability found in an Anchore-analyzed image",
  "type": "object",
  "properties": {
    "vuln": {
      "type": "string",
      "description": "CVE or vulnerability identifier"
    },
    "severity": {
      "type": "string",
      "enum": [
        "Critical",
        "High",
        "Medium",
        "Low",
        "Negligible",
        "Unknown"
      ]
    },
    "package": {
      "type": "string"
    },
    "packageVersion": {
      "type": "string"
    },
    "packageType": {
      "type": "string"
    },
    "fix": {
      "type": "string",
      "description": "Fixed version if available"
    },
    "url": {
      "type": "string",
      "format": "uri"
    },
    "feedGroup": {
      "type": "string"
    },
    "packagePath": {
      "type": "string"
    }
  },
  "required": [
    "vuln",
    "severity",
    "package"
  ]
}