{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://raw.githubusercontent.com/api-evangelist/openssf/refs/heads/main/json-schema/openssf-osv-vulnerability-schema.json", "title": "OSV Vulnerability", "description": "OSV schema record for an open source vulnerability. Mirrors the OSV schema published by the OpenSSF.", "type": "object", "required": ["schema_version", "id", "modified"], "properties": { "schema_version": { "type": "string" }, "id": { "type": "string" }, "modified": { "type": "string", "format": "date-time" }, "published": { "type": "string", "format": "date-time" }, "withdrawn": { "type": "string", "format": "date-time" }, "aliases": { "type": "array", "items": { "type": "string" } }, "related": { "type": "array", "items": { "type": "string" } }, "summary": { "type": "string" }, "details": { "type": "string" }, "severity": { "type": "array", "items": { "type": "object", "properties": { "type": { "type": "string", "enum": ["CVSS_V2", "CVSS_V3", "CVSS_V4"] }, "score": { "type": "string" } }, "required": ["type", "score"] } }, "affected": { "type": "array", "items": { "type": "object", "properties": { "package": { "type": "object", "properties": { "ecosystem": { "type": "string" }, "name": { "type": "string" }, "purl": { "type": "string" } } }, "ranges": { "type": "array", "items": { "type": "object", "properties": { "type": { "type": "string", "enum": ["GIT", "SEMVER", "ECOSYSTEM"] }, "repo": { "type": "string" }, "events": { "type": "array", "items": { "type": "object" } } }, "required": ["type", "events"] } }, "versions": { "type": "array", "items": { "type": "string" } }, "ecosystem_specific": { "type": "object" }, "database_specific": { "type": "object" } } } }, "references": { "type": "array", "items": { "type": "object", "properties": { "type": { "type": "string" }, "url": { "type": "string", "format": "uri" } }, "required": ["type", "url"] } }, "credits": { "type": "array", "items": { "type": "object" } }, "database_specific": { "type": "object" } } }