Skip to content
JSON Schema for Vulnerability Description Ontology (VDO)
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
editor
examples/CVE-2014-8606
.gitignore
LICENSE.txt
README.md
vdo_schema.json

README.md

VDO JSON Schema

VDO JSON Schema is an implementation of JSON Schema for Vulnerability Description Ontology (VDO).

Vulnerability Description Ontology (VDO) is a framework for describing vulnerabilities and is defined in NISTIR 8138 (Draft). VDO defines basic building blocks of vulnerability and a set of values they should take. So it will free you from using free format text description and assist in the automation of vulnerability management process.

VDO JSON Schema displays possible autocomplete suggestions and inserts a suggestion in an editor that can understand the structure of JSON Schema.

autocompletion-demo

Getting started

Currently we have schema for two major editors, Atom and Visual Studio Code.

Atom

  1. Install vdo-schema-provider and autocomplete-json packages
  2. Run npm install in the vdo-schema-provider directory (vdo-schema-provider requires file-url)
  3. Copy vdo_schema.json to vdo-schema-provider directory
  4. By default settings, the autocompletion will be enabled if a file name matches CVE-*.json.

vdo-schema-provider is a custom schema provider for VDO JSON Schema. See SchemaProvider · bali182/autocomplete-json Wiki for additional information about custom schema provider.

Visual Studio Code

Copy .vscode and vdo_schema.json to your working directory. By default settings, the autocompletion will be enabled if a file name matches CVE-*.json.

See JSON editing in Visual Studio Code for additional information.

Other editors

If you with to have this in other editors, please inform us. We also appreciate if you make it by yourself and create a pull request.

Notes

  • JSON Schema version: draft-07
  • Our VDO representation does NOT completely compliant with NISTIR 8138.
You can’t perform that action at this time.