diff --git a/cyclonedx.go b/cyclonedx.go
index 7bff7d1..0b3b914 100644
--- a/cyclonedx.go
+++ b/cyclonedx.go
@@ -527,6 +527,8 @@ type VulnerabilityAnalysis struct {
Justification ImpactAnalysisJustification `json:"justification,omitempty" xml:"justification,omitempty"`
Response *[]ImpactAnalysisResponse `json:"response,omitempty" xml:"responses>response,omitempty"`
Detail string `json:"detail,omitempty" xml:"detail,omitempty"`
+ FirstIssued string `json:"firstIssued,omitempty" xml:"firstIssued,omitempty"`
+ LastUpdated string `json:"lastUpdated,omitempty" xml:"lastUpdated,omitempty"`
}
type VulnerabilityRating struct {
diff --git a/testdata/snapshots/cyclonedx-go-TestRoundTripJSON-func1-valid-vulnerability.json b/testdata/snapshots/cyclonedx-go-TestRoundTripJSON-func1-valid-vulnerability.json
index 4f335d6..447d1d1 100644
--- a/testdata/snapshots/cyclonedx-go-TestRoundTripJSON-func1-valid-vulnerability.json
+++ b/testdata/snapshots/cyclonedx-go-TestRoundTripJSON-func1-valid-vulnerability.json
@@ -99,7 +99,9 @@
"will_not_fix",
"update"
],
- "detail": "An optional explanation of why the application is not affected by the vulnerable component."
+ "detail": "An optional explanation of why the application is not affected by the vulnerable component.",
+ "firstIssued": "2022-01-01T00:00:00.000Z",
+ "lastUpdated": "2022-02-01T00:00:00.000Z"
},
"affects": [
{
diff --git a/testdata/snapshots/cyclonedx-go-TestRoundTripXML-func1-valid-vulnerability.xml b/testdata/snapshots/cyclonedx-go-TestRoundTripXML-func1-valid-vulnerability.xml
index d430733..33463a0 100644
--- a/testdata/snapshots/cyclonedx-go-TestRoundTripXML-func1-valid-vulnerability.xml
+++ b/testdata/snapshots/cyclonedx-go-TestRoundTripXML-func1-valid-vulnerability.xml
@@ -96,6 +96,8 @@
update
An optional explanation of why the application is not affected by the vulnerable component.
+ 2022-01-01T00:00:00.000Z
+ 2022-02-01T00:00:00.000Z
diff --git a/testdata/valid-vulnerability.json b/testdata/valid-vulnerability.json
index 84bf6a1..75199af 100644
--- a/testdata/valid-vulnerability.json
+++ b/testdata/valid-vulnerability.json
@@ -97,7 +97,9 @@
"state": "not_affected",
"justification": "code_not_reachable",
"response": ["will_not_fix", "update"],
- "detail": "An optional explanation of why the application is not affected by the vulnerable component."
+ "detail": "An optional explanation of why the application is not affected by the vulnerable component.",
+ "firstIssued": "2022-01-01T00:00:00.000Z",
+ "lastUpdated": "2022-02-01T00:00:00.000Z"
},
"affects": [
{
diff --git a/testdata/valid-vulnerability.xml b/testdata/valid-vulnerability.xml
index 1a231fa..f502534 100644
--- a/testdata/valid-vulnerability.xml
+++ b/testdata/valid-vulnerability.xml
@@ -97,6 +97,8 @@
update
An optional explanation of why the application is not affected by the vulnerable component.
+ 2022-01-01T00:00:00.000Z
+ 2022-02-01T00:00:00.000Z