Skip to content

Update schema based on early use #347

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
leecow merged 4 commits into from
Jan 27, 2026
Merged

Update schema based on early use #347

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ae2f650
Add link to schema
richlander Oct 29, 2025
d044189
Update spec
richlander Jan 7, 2026
0a734db
Delete unnecessary files
richlander Jan 7, 2026
f4d9745
Update per feedback
richlander Jan 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
263 changes: 211 additions & 52 deletions accepted/2025/cve-schema/cve.json
View file
Open in desktop

Large diffs are not rendered by default.

110 changes: 55 additions & 55 deletions accepted/2025/cve-schema/cve_queries.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ The following scripts run the queries:

### Get all CVE IDs
```bash
$ jq -r '.cves[].id' cve.json
$ jq -r '.disclosures[].id' cve.json
CVE-2024-30105
CVE-2024-35264
CVE-2024-38081
Expand All @@ -23,7 +23,7 @@ CVE-2024-38095

### Get CVEs by severity
```bash
$ jq -r '.cves[] | select(.severity == "critical") | .id' cve.json
$ jq -r '.disclosures[] | select(.cvss.severity == "HIGH") | .id' cve.json
CVE-2024-30105
CVE-2024-35264
CVE-2024-38081
Expand All @@ -35,7 +35,7 @@ CVE-2024-38095
```bash
$ jq -r '(["| CVE ID | Problem |",
"| ------ | ------- |"] +
[.cves[] | "| \(.id) | \(.problem) |"]) |
[.disclosures[] | "| \(.id) | \(.problem) |"]) |
.[]' cve.json
| CVE ID | Problem |
| ------ | ------- |
Expand Down Expand Up @@ -166,19 +166,19 @@ $ jq -r '. as $root |

### CVEs with release impact
```bash
$ jq -r '. as $root |
$ jq -r '. as $root |
(["| CVE ID | Severity | Releases | Problem |",
"| ------------- | -------- | -------- | ------- |"] +
[$root.cves[] |
.id as $cve |
"| \($cve) | \(.severity) | \(($root.cve_releases[$cve] // []) | join(", ")) | \(.problem) |"]) |
[$root.disclosures[] |
.id as $cve |
"| \($cve) | \(.cvss.severity) | \(($root.cve_releases[$cve] // []) | join(", ")) | \(.problem) |"]) |
.[]' cve.json
| CVE ID | Severity | Releases | Problem |
| ------------- | -------- | -------- | ------- |
| CVE-2024-30105 | critical | 8.0 | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | critical | 8.0 | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | critical | 6.0 | .NET Denial of Service Vulnerability |
| CVE-2024-38095 | critical | 6.0, 8.0 | .NET Denial of Service Vulnerability |
| CVE-2024-30105 | HIGH | 8.0 | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | HIGH | 8.0 | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | HIGH | 6.0 | .NET Elevation of Privilege Vulnerability |
| CVE-2024-38095 | HIGH | 6.0, 8.0 | .NET Denial of Service Vulnerability |
```
[📁 cves_with_release_impact.jq](jq_queries/cves_with_release_impact.jq)

Expand Down Expand Up @@ -223,15 +223,15 @@ $ jq -r '. as $root |
```bash
$ jq -r '(["| CVE ID | Disclosed | Days Since Disclosure |",
"| ------ | --------- | -------------------- |"] +
[.cves[] |
"| \(.id) | \(.disclosed) | \(((now | strftime(\"%Y-%m-%d\") | strptime(\"%Y-%m-%d\") | mktime) - (.disclosed | strptime(\"%Y-%m-%d\") | mktime)) / 86400 | floor) |"]) |
[.disclosures[] |
"| \(.id) | \(.timeline.disclosure.date) | \(((now | strftime(\"%Y-%m-%d\") | strptime(\"%Y-%m-%d\") | mktime) - (.timeline.disclosure.date | strptime(\"%Y-%m-%d\") | mktime)) / 86400 | floor) |"]) |
.[]' cve.json
| CVE ID | Disclosed | Days Since Disclosure |
| ------ | --------- | -------------------- |
| CVE-2024-30105 | 2024-07-09 | 419 |
| CVE-2024-35264 | 2024-07-09 | 419 |
| CVE-2024-38081 | 2024-07-09 | 419 |
| CVE-2024-38095 | 2024-07-09 | 419 |
| CVE-2024-30105 | 2024-07-09 | 547 |
| CVE-2024-35264 | 2024-07-09 | 547 |
| CVE-2024-38081 | 2024-07-09 | 547 |
| CVE-2024-38095 | 2024-07-09 | 547 |
```
[📁 age_of_vulnerabilities.jq](jq_queries/age_of_vulnerabilities.jq)

Expand Down Expand Up @@ -280,8 +280,8 @@ $ jq -r --arg release "8.0" '
```bash
$ jq -r '(["| CVE ID | Platforms |",
"| ------------- | --------- |"] +
[.cves[] |
"| \(.id) | \(.platforms | join(", ")) |"]) |
[.disclosures[] |
"| \(.id) | \(.platforms | join(", ")) |"]) |
.[]' cve.json
| CVE ID | Platforms |
| ------------- | --------- |
Expand All @@ -296,13 +296,13 @@ $ jq -r '(["| CVE ID | Platforms |",

### Packages requiring immediate attention
```bash
$ jq -r '. as $root |
[$root.cves[] | select(.severity == "critical") | .id] as $critical_cves |
$ jq -r '. as $root |
.severity_cves["HIGH"] as $high_cves |
(["| CVE ID | Package |",
"| ------------- | ------- |"] +
[$root.packages[] |
select(.cve_id as $cve | $critical_cves | contains([$cve])) |
"| \(.cve_id) | \(.name) |"]) |
[$root.packages[] |
select(.cve_id as $cve | $high_cves | contains([$cve])) |
"| \(.cve_id) | \(.name) |"]) |
.[]' cve.json
| CVE ID | Package |
| ------------- | ------- |
Expand Down Expand Up @@ -375,15 +375,15 @@ $ jq -r '(.release_cves["9.0"] // []) | length' cve.json
```bash
$ jq -r '(["| CVE ID | Severity | Problem |",
"| ------ | -------- | ------- |"] +
[.cves[] | select(.severity == "critical") |
"| \(.id) | 🚨 CRITICAL | \(.problem) |"]) |
[.disclosures[] | select(.cvss.severity == "HIGH") |
"| \(.id) | \(.cvss.severity) | \(.problem) |"]) |
.[]' cve.json
| CVE ID | Severity | Problem |
| ------ | -------- | ------- |
| CVE-2024-30105 | 🚨 CRITICAL | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | 🚨 CRITICAL | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | 🚨 CRITICAL | .NET Denial of Service Vulnerability |
| CVE-2024-38095 | 🚨 CRITICAL | .NET Denial of Service Vulnerability |
| CVE-2024-30105 | HIGH | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | HIGH | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | HIGH | .NET Elevation of Privilege Vulnerability |
| CVE-2024-38095 | HIGH | .NET Denial of Service Vulnerability |
```
[📁 immediate_risk_assessment.jq](jq_queries/immediate_risk_assessment.jq)

Expand All @@ -409,15 +409,15 @@ Combine CVE data with severity and platform taxonomies:
```bash
$ jq -r '(["| CVE ID | Severity | Platforms | Problem |",
"| ------ | -------- | --------- | ------- |"] +
[.cves[] |
"| \(.id) | \(.severity) | \(.platforms | join(\", \")) | \(.problem) |"]) |
[.disclosures[] |
"| \(.id) | \(.cvss.severity) | \(.platforms | join(\", \")) | \(.problem) |"]) |
.[]' cve.json
| CVE ID | Severity | Platforms | Problem |
| ------ | -------- | --------- | ------- |
| CVE-2024-30105 | critical | all | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | critical | all | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | critical | windows | .NET Denial of Service Vulnerability |
| CVE-2024-38095 | critical | all | .NET Denial of Service Vulnerability |
| CVE-2024-30105 | HIGH | all | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | HIGH | all | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | HIGH | windows | .NET Elevation of Privilege Vulnerability |
| CVE-2024-38095 | HIGH | all | .NET Denial of Service Vulnerability |
```
[📁 cve_report_with_display_names.jq](jq_queries/cve_report_with_display_names.jq)

Expand Down Expand Up @@ -445,8 +445,8 @@ Complete security report using all taxonomy files:
```bash
$ jq -r '(["| Metric | Value |",
"| ------ | ----- |",
"| Total CVEs | \(.cves | length) |",
"| Critical CVEs | 4 |"] +
"| Total CVEs | \(.disclosures | length) |",
"| HIGH Severity CVEs | \(.severity_cves["HIGH"] | length) |"] +
[""] +
["| Product | CVE Count |",
"| ------- | --------- |"] +
Expand All @@ -455,25 +455,25 @@ $ jq -r '(["| Metric | Value |",
[""] +
["| CVE ID | Severity | Problem | Platforms | Disclosed |",
"| ------ | -------- | ------- | --------- | --------- |"] +
[.cves[] |
"| \(.id) | \(.severity) | \(.problem) | \(.platforms | join(\", \")) | \(.disclosed) |"]) |
[.disclosures[] |
"| \(.id) | \(.cvss.severity) | \(.problem) | \(.platforms | join(\", \")) | \(.timeline.disclosure.date) |"]) |
.[]' cve.json
| Metric | Value |
| ------ | ----- |
| Total CVEs | 4 |
| Critical CVEs | 4 |
| HIGH Severity CVEs | 4 |

| Product | CVE Count |
| ------- | --------- |
| dotnet-runtime | 3 |
| dotnet-aspnetcore | 1 |
| dotnet-runtime | 3 |

| CVE ID | Severity | Problem | Platforms | Disclosed |
| ------ | -------- | ------- | --------- | --------- |
| CVE-2024-30105 | critical | .NET Denial of Service Vulnerability | all | 2024-07-09 |
| CVE-2024-35264 | critical | .NET Remote Code Execution Vulnerability | all | 2024-07-09 |
| CVE-2024-38081 | critical | .NET Denial of Service Vulnerability | windows | 2024-07-09 |
| CVE-2024-38095 | critical | .NET Denial of Service Vulnerability | all | 2024-07-09 |
| CVE-2024-30105 | HIGH | .NET Denial of Service Vulnerability | all | 2024-07-09 |
| CVE-2024-35264 | HIGH | .NET Remote Code Execution Vulnerability | all | 2024-07-09 |
| CVE-2024-38081 | HIGH | .NET Elevation of Privilege Vulnerability | windows | 2024-07-09 |
| CVE-2024-38095 | HIGH | .NET Denial of Service Vulnerability | all | 2024-07-09 |
```

[📁 security_advisory_full_taxonomy.jq](jq_queries/security_advisory_full_taxonomy.jq)
Expand All @@ -488,8 +488,8 @@ $ jq -r --slurpfile platforms platforms.json '
($platforms[0].items | map({(.string): .display_name}) | add) as $platform_names |
(["| CVE ID | Platforms |",
"| ------------- | --------- |"] +
[.cves[] |
"| \(.id) | \((.platforms | map($platform_names[.] // .)) | join(", ")) |"]) |
[.disclosures[] |
"| \(.id) | \((.platforms | map($platform_names[.] // .)) | join(", ")) |"]) |
.[]' cve.json
| CVE ID | Platforms |
| ------------- | --------- |
Expand All @@ -507,16 +507,16 @@ $ jq -r --slurpfile severity severity.json '
($severity[0].items | map({(.string): .display_name}) | add) as $severity_names |
(["| CVE ID | Severity | Releases | Problem |",
"| ------------- | -------- | -------- | ------- |"] +
[$root.cves[] |
.id as $cve |
"| \($cve) | \($severity_names[.severity] // .severity) | \(($root.cve_releases[$cve] // []) | join(", ")) | \(.problem) |"]) |
[$root.disclosures[] |
.id as $cve |
"| \($cve) | \($severity_names[.cvss.severity] // .cvss.severity) | \(($root.cve_releases[$cve] // []) | join(", ")) | \(.problem) |"]) |
.[]' cve.json
| CVE ID | Severity | Releases | Problem |
| ------------- | -------- | -------- | ------- |
| CVE-2024-30105 | Critical | 8.0 | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | Critical | 8.0 | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | Critical | 6.0 | .NET Denial of Service Vulnerability |
| CVE-2024-38095 | Critical | 6.0, 8.0 | .NET Denial of Service Vulnerability |
| CVE-2024-30105 | High | 8.0 | .NET Denial of Service Vulnerability |
| CVE-2024-35264 | High | 8.0 | .NET Remote Code Execution Vulnerability |
| CVE-2024-38081 | High | 6.0 | .NET Elevation of Privilege Vulnerability |
| CVE-2024-38095 | High | 6.0, 8.0 | .NET Denial of Service Vulnerability |
```
[📁 cves_with_release_impact_enhanced.jq](jq_queries/cves_with_release_impact_enhanced.jq)

Expand Down
Loading