Fields¶
These elements stand for a context-specific chunk of information in the database; they narrow down the search results. There are four types of field elements: CVEMatch, firmware, issue, and file.
For example, to search for all issues that have a high severity field, use:
Different field types have different types of information stored in the system. For example, firmware related items do not have a severity field, so the above query would be invalid for a firmware-related search, and would result in an error.
Info
The field element must be followed by a compatible operator, which in turn defines the value type. For example, the CONTAINS operator can only be preceded by a vector field and the type of the value has to match the vector's type.
List of fields¶
CVEMatch¶
| Field name | Type |
|---|---|
| component.key | String |
| component.licenseExplanation | String |
| component.name | String |
| component.tag | Symbol (ANDROID,AUTOSAR,BOOTLOADER,CRYPTOGRAPHY,DISTRIBUTION,GO,JAR,JAVASCRIPT,LIBRARY,OS,PYTHON,QNX,RTOS) |
| component.update | String |
| component.version | String |
| cve.cvss2.accessComplexity | Symbol (HIGH, LOW, MEDIUM) |
| cve.cvss2.accessVector | Symbol (ADJACENT_NETWORK, LOCAL, NETWORK) |
| cve.cvss2.authentication | Symbol (MULTIPLE, NONE, SINGLE) |
| cve.cvss2.availabilityImpact | Symbol (COMPLETE, NONE, PARTIAL) |
| cve.cvss2.baseScore | Float |
| cve.cvss2.confidentialityImpact | Symbol (COMPLETE, NONE, PARTIAL) |
| cve.cvss2.integrityImpact | Symbol (COMPLETE, NONE, PARTIAL) |
| cve.cvss2.overallScore | Float |
| cve.cvss2.severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| cve.cvss2.temporalScore | Float |
| cve.cvss2.vector | String |
| cve.cvss3.attackComplexity | Symbol (HIGH, LOW) |
| cve.cvss3.attackVector | Symbol (ADJACENT_NETWORK, LOCAL, NETWORK, PHYSICAL) |
| cve.cvss3.availabilityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss3.availabilityRequirement | Symbol (HIGH, LOW, MEDIUM, NOT_DEFINED) |
| cve.cvss3.baseScore | Float |
| cve.cvss3.confidentialityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss3.confidentialityRequirement | Symbol (HIGH, LOW, MEDIUM, NOT_DEFINED) |
| cve.cvss3.environmentalScore | Float |
| cve.cvss3.exploitMaturity | Symbol (FUNCTIONAL, HIGH, NOT_DEFINED, POC, UNPROVEN) |
| cve.cvss3.integrityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss3.integrityRequirement | Symbol (HIGH, LOW, MEDIUM, NOT_DEFINED) |
| cve.cvss3.modifiedAttackComplexity | Symbol (HIGH, LOW, NOT_DEFINED) |
| cve.cvss3.modifiedAttackVector | Symbol (ADJACENT_NETWORK, LOCAL, NETWORK, NOT_DEFINED, PHYSICAL) |
| cve.cvss3.modifiedAvailabilityImpact | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cve.cvss3.modifiedConfidentialityImpact | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cve.cvss3.modifiedIntegrityImpact | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cve.cvss3.modifiedPrivilegesRequired | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cve.cvss3.modifiedScope | Symbol (CHANGED, NOT_DEFINED, UNCHANGED) |
| cve.cvss3.modifiedUserInteraction | Symbol (NONE, NOT_DEFINED, REQUIRED) |
| cve.cvss3.overallScore | Float |
| cve.cvss3.privilegesRequired | Symbol (HIGH, LOW, NONE) |
| cve.cvss3.remediationLevel | Symbol (NOT_DEFINED, OFFICIAL_FIX, TEMPORARY_FIX, UNAVAILABLE, WORKAROUND) |
| cve.cvss3.reportConfidence | Symbol (CONFIRMED, NOT_DEFINED, REASONABLE, UNKNOWN) |
| cve.cvss3.scope | Symbol (CHANGED, UNCHANGED) |
| cve.cvss3.severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| cve.cvss3.temporalScore | Float |
| cve.cvss3.userInteraction | Symbol (NONE, REQUIRED) |
| cve.cvss3.vector | String |
| cve.cvss4.attackComplexity | Symbol (HIGH, LOW) |
| cve.cvss4.attackRequirements | Symbol (NONE, PRESENT) |
| cve.cvss4.attackVector | Symbol (ADJACENT_NETWORK, LOCAL, NETWORK, PHYSICAL) |
| cve.cvss4.availabilityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss4.baseScore | Float |
| cve.cvss4.confidentialityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss4.integrityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss4.privilegesRequired | Symbol (HIGH, LOW, NONE) |
| cve.cvss4.severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| cve.cvss4.subsequentAvailabilityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss4.subsequentConfidentialityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss4.subsequentIntegrityImpact | Symbol (HIGH, LOW, NONE) |
| cve.cvss4.userInteraction | Symbol (ACTIVE, NONE, PASSIVE) |
| cve.cvss4.vector | String |
| cve.description | String |
| cve.epssPercentile | Float |
| cve.epssProbability | Float |
| cve.exploitMaturity | Symbol (FUNCTIONAL, HIGH, NOT_DEFINED, POC, UNPROVEN) |
| cve.id | String |
| cve.name | String |
| cve.reference.name | String |
| cve.reference.source | String |
| cve.reference.tag | String |
| cve.reference.url | String |
| cve.severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| id | UUID |
| justification | Symbol (CODE_NOT_PRESENT,CODE_NOT_REACHABLE,CODE_PRESENT,CODE_REACHABLE,CONFIGURATION_MET,DEPENDENCY_MET,ENVIRONMENT_MET,PROTECTED_AT_PERIMETER,PROTECTED_AT_RUNTIME,PROTECTED_BY_COMPILER,PROTECTED_BY_MITIGATING_CONTROL,REQUIRES_CONFIGURATION,REQUIRES_DEPENDENCY,REQUIRES_ENVIRONMENT) |
| response | Symbol (CAN_NOT_FIX, ROLLBACK, UPDATE, WILL_NOT_FIX, WORKAROUND_AVAILABLE) |
| score | Integer |
| severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| ssvc.automatable | Symbol (NO, YES) |
| ssvc.decision | Symbol (ACT, ATTEND, TRACK, TRACK_STAR) |
| ssvc.exploitation | Symbol (ACTIVE, NONE, POC) |
| ssvc.missionPrevalence | Symbol (ESSENTIAL, MINIMAL, SUPPORT) |
| ssvc.technicalImpact | Symbol (PARTIAL, TOTAL) |
| ssvc.wellBeingImpact | Symbol (IRREVERSIBLE, MATERIAL, MINIMAL) |
| stableKey | String |
| status | Symbol (ACCEPTED_RISK,DEFERRED,FALSE_POSITIVE,FIXED,FOCUS,NONE,NOT_AFFECTED,TRIAGE) |
Firmware¶
| Field name | Type |
|---|---|
| binary.md5 | String |
| binary.originalFilename | String |
| binary.sha1 | String |
| binary.sha256 | String |
| binary.uploadSize | Integer |
| enableMonitoring | Boolean |
| id | UUID |
| label | String |
| name | String |
| notes | String |
| product.category | String |
| product.id | UUID |
| product.name | String |
| product.vendor | String |
| uploader | String |
| version | String |
Issue¶
| Field name | Type |
|---|---|
| certificate.fingerprintSha1 | String |
| certificate.fingerprintSha256 | String |
| certificate.issuer | String |
| certificate.signatureAlgorithmOid | String |
| certificate.subject | String |
| command | String |
| confidence | Symbol (HIGH, LOW, MODERATE) |
| credentialType | Symbol (AWS_CREDENTIALS,BASIC_AUTH,CURL_COMMAND,JSON_FILE,OPENSSL_COMMAND,PYTHON_FILE,SSHPASS_COMMAND,WGETRC_FILE,WGET_COMMAND) |
| cvss3.attackComplexity | Symbol (HIGH, LOW) |
| cvss3.attackVector | Symbol (ADJACENT_NETWORK, LOCAL, NETWORK, PHYSICAL) |
| cvss3.availabilityImpact | Symbol (HIGH, LOW, NONE) |
| cvss3.availabilityRequirement | Symbol (HIGH, LOW, MEDIUM, NOT_DEFINED) |
| cvss3.baseScore | Float |
| cvss3.confidentialityImpact | Symbol (HIGH, LOW, NONE) |
| cvss3.confidentialityRequirement | Symbol (HIGH, LOW, MEDIUM, NOT_DEFINED) |
| cvss3.environmentalScore | Float |
| cvss3.exploitMaturity | Symbol (FUNCTIONAL, HIGH, NOT_DEFINED, POC, UNPROVEN) |
| cvss3.integrityImpact | Symbol (HIGH, LOW, NONE) |
| cvss3.integrityRequirement | Symbol (HIGH, LOW, MEDIUM, NOT_DEFINED) |
| cvss3.modifiedAttackComplexity | Symbol (HIGH, LOW, NOT_DEFINED) |
| cvss3.modifiedAttackVector | Symbol (ADJACENT_NETWORK, LOCAL, NETWORK, NOT_DEFINED, PHYSICAL) |
| cvss3.modifiedAvailabilityImpact | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cvss3.modifiedConfidentialityImpact | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cvss3.modifiedIntegrityImpact | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cvss3.modifiedPrivilegesRequired | Symbol (HIGH, LOW, NONE, NOT_DEFINED) |
| cvss3.modifiedScope | Symbol (CHANGED, NOT_DEFINED, UNCHANGED) |
| cvss3.modifiedUserInteraction | Symbol (NONE, NOT_DEFINED, REQUIRED) |
| cvss3.overallScore | Float |
| cvss3.privilegesRequired | Symbol (HIGH, LOW, NONE) |
| cvss3.remediationLevel | Symbol (NOT_DEFINED, OFFICIAL_FIX, TEMPORARY_FIX, UNAVAILABLE, WORKAROUND) |
| cvss3.reportConfidence | Symbol (CONFIRMED, NOT_DEFINED, REASONABLE, UNKNOWN) |
| cvss3.scope | Symbol (CHANGED, UNCHANGED) |
| cvss3.severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| cvss3.temporalScore | Float |
| cvss3.userInteraction | Symbol (NONE, REQUIRED) |
| cvss3.vector | String |
| cvss4.attackComplexity | Symbol (HIGH, LOW) |
| cvss4.attackRequirements | Symbol (NONE, PRESENT) |
| cvss4.attackVector | Symbol (ADJACENT_NETWORK, LOCAL, NETWORK, PHYSICAL) |
| cvss4.availabilityImpact | Symbol (HIGH, LOW, NONE) |
| cvss4.baseScore | Float |
| cvss4.confidentialityImpact | Symbol (HIGH, LOW, NONE) |
| cvss4.integrityImpact | Symbol (HIGH, LOW, NONE) |
| cvss4.privilegesRequired | Symbol (HIGH, LOW, NONE) |
| cvss4.severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| cvss4.subsequentAvailabilityImpact | Symbol (HIGH, LOW, NONE) |
| cvss4.subsequentConfidentialityImpact | Symbol (HIGH, LOW, NONE) |
| cvss4.subsequentIntegrityImpact | Symbol (HIGH, LOW, NONE) |
| cvss4.userInteraction | Symbol (ACTIVE, NONE, PASSIVE) |
| cvss4.vector | String |
| description | String |
| error | String |
| exponent | Integer |
| file.category | String |
| file.component.key | String |
| file.component.licenseExplanation | String |
| file.component.name | String |
| file.component.tag | Symbol (ANDROID,AUTOSAR,BOOTLOADER,CRYPTOGRAPHY,DISTRIBUTION,GO,JAR,JAVASCRIPT,LIBRARY,OS,PYTHON,QNX,RTOS) |
| file.component.update | String |
| file.component.version | String |
| file.elf.bits | Integer |
| file.elf.canary | Boolean |
| file.elf.compiler | String |
| file.elf.cpuFamily | String |
| file.elf.endian | Symbol (BIG, LITTLE) |
| file.elf.fortify | Boolean |
| file.elf.immediateBinding | Boolean |
| file.elf.interpreter | String |
| file.elf.loadAddress | Integer |
| file.elf.machine | String |
| file.elf.neededLibrary | String |
| file.elf.nx | Boolean |
| file.elf.pic | Boolean |
| file.elf.relro | Symbol (FULL, NO, PARTIAL) |
| file.elf.rpath | String |
| file.elf.static | Boolean |
| file.elf.stripped | Boolean |
| file.elf.symbol.exported | Boolean |
| file.elf.symbol.function | Boolean |
| file.elf.symbol.imported | Boolean |
| file.elf.symbol.name | String |
| file.elf.symbol.offset | Integer |
| file.elf.symbol.size | Integer |
| file.elf.symbol.static | Boolean |
| file.elf.symbol.variable | Boolean |
| file.entropy.blockSize | Integer |
| file.entropy.highest | Float |
| file.entropy.lowest | Float |
| file.entropy.mean | Float |
| file.magic | String |
| file.magicMime | String |
| file.md5 | String |
| file.meanEntropy | Float |
| file.name | String |
| file.path | String |
| file.sha1 | String |
| file.sha256 | String |
| file.size | Integer |
| file.stableKey | String |
| file.string | String |
| file.target | String |
| hash | String |
| hashType | Symbol (APACHE_MD5, DES_CRYPT, MD5_CRYPT, SHA256_CRYPT, SHA512_CRYPT) |
| host | String |
| id | UUID |
| info | String |
| justification | Symbol (CODE_NOT_PRESENT,CODE_NOT_REACHABLE,CODE_PRESENT,CODE_REACHABLE,CONFIGURATION_MET,DEPENDENCY_MET,ENVIRONMENT_MET,PROTECTED_AT_PERIMETER,PROTECTED_AT_RUNTIME,PROTECTED_BY_COMPILER,PROTECTED_BY_MITIGATING_CONTROL,REQUIRES_CONFIGURATION,REQUIRES_DEPENDENCY,REQUIRES_ENVIRONMENT) |
| keyLength | Integer |
| keyType | String |
| line | String |
| md5Fingerprint | String |
| missmatchType | Symbol (PUBKEY_CHANGED, RENEWED, SIGNATURE_CHANGED, UNKNOWN) |
| name | String |
| originalFilename | String |
| password | String |
| passwordType | Symbol (CHPASSWD_COMMAND, EMPTY_PASSWORD, HASHED_PASSWORD, HTACCESS_FILE) |
| privateKey.keySize | Integer |
| privateKey.keyType | String |
| privateKey.publicKey | String |
| privateKey.sshFingerprintMd5 | String |
| privateKey.sshFingerprintSha256 | String |
| privateKey.sshPublicKey | String |
| response | Symbol (CAN_NOT_FIX, ROLLBACK, UPDATE, WILL_NOT_FIX, WORKAROUND_AVAILABLE) |
| severity | Symbol (CRITICAL, HIGH, INFORMATIONAL, LOW, MEDIUM) |
| sha256Fingerprint | String |
| signatureName | String |
| signatureOid | String |
| ssvc.automatable | Symbol (NO, YES) |
| ssvc.decision | Symbol (ACT, ATTEND, TRACK, TRACK_STAR) |
| ssvc.exploitation | Symbol (ACTIVE, NONE, POC) |
| ssvc.missionPrevalence | Symbol (ESSENTIAL, MINIMAL, SUPPORT) |
| ssvc.technicalImpact | Symbol (PARTIAL, TOTAL) |
| ssvc.wellBeingImpact | Symbol (IRREVERSIBLE, MATERIAL, MINIMAL) |
| stableKey | String |
| status | Symbol (ACCEPTED_RISK,DEFERRED,FALSE_POSITIVE,FIXED,FOCUS,NONE,NOT_AFFECTED,TRIAGE) |
| targetUser | String |
| type | Symbol (AndroidConfigurationPropertyIssue,AuthorizedKeyIssue,BinaryStartDangerousServiceIssue,CertificateCAVerificationFailedIssue,CertificateExpiredIssue,CertificateKeyLengthIssue,CertificateRSAPublicExponentIssue,CertificateSignatureIssue,CertificateTrustedCAMissmatchIssue,CertificateVerificationFailedIssue,CertificateVersionIssue,CodeInjectionIssue,CommandInjectionIssue,CustomIssue,DropbearCLIArgumentIssue,ELFMissingCanaryIssue,ELFMissingFortifyIssue,ELFMissingFullRelROIssue,ELFMissingImmediateBindingIssue,ELFMissingNXIssue,ELFNonPICIssue,ELFNonStrippedIssue,FileInclusionIssue,FormatStringIssue,HardcodedAccountPasswordIssue,HardcodedCredentialIssue,HardcodedPrivateKeyCertificateIssue,HardcodedSSHHostKeyIssue,HeaderInjectionIssue,InformationLeakageDSStoreIssue,InformationLeakagePHPInfoIssue,InformationLeakageSVNIssue,InformationLeakageVIMSwapIssue,InsecureDeserializationIssue,InsecureManagementProtocolIssue,InvalidCertificateIssue,LooseEqualityIssue,MaliciousSoftwareIssue,MissingPeerVerificationIssue,ObjectInstantiationIssue,ObsoleteProtocolIssue,OpenSSHDaemonOptionIssue,PathTraversalIssue,PlaintextCommunicationIssue,PrivateKeyIssue,PrivilegeEscalationIssue,SQLInjectionIssue,ScriptMissingPeerVerificationIssue,ScriptPlaintextCommunicationIssue,StackBufferOverflowIssue,StartDangerousServiceIssue,TestIssue,UnwantedSoftwareIssue,VulnerabilityPatternIssue,WeakCipherIssue,WeakCryptoIssue) |
| user | String |
| verificationError | Symbol (AKID_ISSUER_SERIAL_MISMATCH,AKID_SKID_MISMATCH,CHAIN_TOO_LONG,DIFFERENT_CRL_SCOPE,EXCLUDED_VIOLATION,EXPIRED,INVALID_CA,INVALID_EXTENSION,INVALID_NON_CA,INVALID_POLICY_EXTENSION,KEYUSAGE_NO_CERTSIGN,KEYUSAGE_NO_CRL_SIGN,KEYUSAGE_NO_DIGITAL_SIGNATURE,LOCAL_VERIFED,MISSING_ISSUER,MISSING_NOT_AFTER,MISSING_NOT_BEFORE,NO_EXPLICIT_POLICY,PERMITTED_VIOLATION,PROXY_CERTIFICATES_NOT_ALLOWED,PROXY_PATH_LENGTH_EXCEEDED,SELF_SIGNED,SIGNATURE_FAILURE,SUBJECT_ISSUER_MISMATCH,SUBTREE_MINMAX,UNABLE_TO_GET_CRL_ISSUER,UNHANDLED_CRITICAL_CRL_EXTENSION,UNHANDLED_CRITICAL_EXTENSION,UNKNOWN_ISSUER,UNNESTED_RESOURCE,UNSUPPORTED_EXTENSION_FEATURE) |
| version | String |
| vimVersion | String |
File¶
| Field name | Type |
|---|---|
| category | String |
| component.key | String |
| component.licenseExplanation | String |
| component.name | String |
| component.tag | Symbol (ANDROID,AUTOSAR,BOOTLOADER,CRYPTOGRAPHY,DISTRIBUTION,GO,JAR,JAVASCRIPT,LIBRARY,OS,PYTHON,QNX,RTOS) |
| component.update | String |
| component.version | String |
| elf.bits | Integer |
| elf.canary | Boolean |
| elf.compiler | String |
| elf.cpuFamily | String |
| elf.endian | Symbol (BIG, LITTLE) |
| elf.fortify | Boolean |
| elf.immediateBinding | Boolean |
| elf.interpreter | String |
| elf.loadAddress | Integer |
| elf.machine | String |
| elf.neededLibrary | String |
| elf.nx | Boolean |
| elf.pic | Boolean |
| elf.relro | Symbol (FULL, NO, PARTIAL) |
| elf.rpath | String |
| elf.static | Boolean |
| elf.stripped | Boolean |
| elf.symbol.exported | Boolean |
| elf.symbol.function | Boolean |
| elf.symbol.imported | Boolean |
| elf.symbol.name | String |
| elf.symbol.offset | Integer |
| elf.symbol.size | Integer |
| elf.symbol.static | Boolean |
| elf.symbol.variable | Boolean |
| entropy.blockSize | Integer |
| entropy.highest | Float |
| entropy.lowest | Float |
| entropy.mean | Float |
| magic | String |
| magicMime | String |
| md5 | String |
| meanEntropy | Float |
| name | String |
| path | String |
| sha1 | String |
| sha256 | String |
| size | Integer |
| stableKey | String |
| string | String |
| target | String |