Skip to content

Fields

These elements stand for a context-specific chunk of information in the database; they narrow down the search results. There are four types of field elements: CVEMatch, firmware, issue, and file.

For example, to search for all issues that have a high severity field, use:

 severity = HIGH

Different field types have different types of information stored in the system. For example, firmware related items do not have a severity field, so the above query would be invalid for a firmware-related search, and would result in an error.

Info

The field element must be followed by a compatible operator, which in turn defines the value type. For example, the CONTAINS operator can only be preceded by a vector field and the type of the value has to match the vector's type.

List of fields

CVEMatch

Field name Type
component.key String
component.licenseExplanation String
component.name String
component.tags
(vector field)		 Symbol (CRYPTOGRAPHY,
BOOTLOADER,
OS,
JAR,
RTOS,
JAVASCRIPT,
PYTHON,
GO,
DISTRIBUTION,
LIBRARY,
AUTOSAR)
component.update String
component.version String
cve.cvss2.baseScore Float
cve.cvss2.exploitabilityScore Float
cve.cvss2.impactScore Float
cve.cvss2.vector String
cve.cvss3.baseScore Float
cve.cvss3.exploitabilityScore Float
cve.cvss3.impactScore Float
cve.cvss3.vector String
cve.description String
cve.epssPercentile Float
cve.epssProbability Float
cve.exploitMaturity Symbol (HIGH, FUNCTIONAL, POC, NOT_DEFINED, UNPROVEN)
cve.id String
cve.name String
cve.references.name String
cve.references.source String
cve.references.tags
(vector field)		 String
cve.references.url String
cve.severity Symbol (CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL)
id UUID
score Integer
stableKey String
status Symbol (ACCEPTED_RISK, DEFERRED, FALSE_POSITIVE, FIXED, FOCUS, NONE)

Firmware

Field name Type
binary.md5 String
binary.originalFilename String
binary.sha1 String
binary.sha256 String
binary.uploadSize Integer
enableMonitoring Boolean
id UUID
labels
(vector field)		 String
name String
notes String
product.category String
product.id UUID
product.name String
product.vendor String
uploader String
version String

Issue

Field name Type
certificate.fingerprintSha1 String
certificate.fingerprintSha256 String
certificate.issuer String
certificate.signatureAlgorithmOid String
certificate.subject String
commands
(vector field)		 String
confidence Symbol (HIGH, MODERATE, LOW)
credentialType Symbol (AWS_CREDENTIALS,
CURL_COMMAND,
JSON_FILE,
OPENSSL_COMMAND,
PYTHON_FILE,
SSHPASS_COMMAND,
WGETRC_FILE,
WGET_COMMAND,
BASIC_AUTH)
cvss3.attackComplexity Symbol (LOW, MEDIUM, HIGH)
cvss3.attackVector Symbol (NETWORK, ADJACENT_NETWORK, LOCAL, PHYSICAL)
cvss3.availabilityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss3.baseScore Float
cvss3.confidentialityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss3.exploitMaturity Symbol (HIGH, FUNCTIONAL, POC, NOT_DEFINED, UNPROVEN)
cvss3.integrityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss3.overallScore Float
cvss3.privilegesRequired Symbol (NONE, LOW, HIGH)
cvss3.remediationLevel Symbol (NOT_DEFINED, OFFICIAL_FIX, TEMPORARY_FIX, WORKAROUND, UNAVAILABLE)
cvss3.reportConfidence Symbol (NOT_DEFINED, UNKNOWN, REASONABLE, CONFIRMED)
cvss3.scope Symbol (UNCHANGED, CHANGED)
cvss3.severity Symbol (CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL)
cvss3.temporalScore Float
cvss3.userInteraction Symbol (NONE, REQUIRED, PASSIVE, ACTIVE)
cvss3.vector String
cvss4.attackComplexity Symbol (LOW, MEDIUM, HIGH)
cvss4.attackRequirements Symbol (NONE, PRESENT)
cvss4.attackVector Symbol (NETWORK, ADJACENT_NETWORK, LOCAL, PHYSICAL)
cvss4.availabilityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss4.baseScore Float
cvss4.confidentialityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss4.integrityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss4.privilegesRequired Symbol (NONE, LOW, HIGH)
cvss4.severity Symbol (CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL)
cvss4.subsequentAvailabilityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss4.subsequentConfidentialityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss4.subsequentIntegrityImpact Symbol (NONE, LOW, HIGH, COMPLETE, PARTIAL)
cvss4.userInteraction Symbol (NONE, REQUIRED, PASSIVE, ACTIVE)
cvss4.vector String
description String
error String
exponent Integer
file.category String
file.magic String
file.magicMime String
file.md5 String
file.meanEntropy Float
file.name String
file.path String
file.sha1 String
file.sha256 String
file.size Integer
file.stableKey String
file.target String
hash String
hashType Symbol (APACHE_MD5, DES_CRYPT, MD5_CRYPT, SHA256_CRYPT, SHA512_CRYPT)
host String
hosts
(vector field)		 String
id UUID
info String
keyLength Integer
keyType String
line String
md5Fingerprint String
missmatchType Symbol (PUBKEY_CHANGED, RENEWED, SIGNATURE_CHANGED, UNKNOWN)
name String
originalFilename String
password String
passwordType Symbol (CHPASSWD_COMMAND, EMPTY_PASSWORD, HASHED_PASSWORD, HTACCESS_FILE)
privateKey.keySize Integer
privateKey.keyType String
privateKey.publicKey String
privateKey.sshFingerprintMd5 String
privateKey.sshFingerprintSha256 String
privateKey.sshPublicKey String
severity Symbol (CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL)
sha256Fingerprint String
signatureName String
signatureOid String
stableKey String
status Symbol (ACCEPTED_RISK, DEFERRED, FALSE_POSITIVE, FIXED, FOCUS, NONE)
targetUsers
(vector field)		 String
type Symbol (AndroidConfigurationPropertyIssue,
AuthorizedKeyIssue,
BinaryStartDangerousServiceIssue,
CertificateCAVerificationFailedIssue,
CertificateExpiredIssue,
CertificateKeyLengthIssue,
CertificateRSAPublicExponentIssue,
CertificateSignatureIssue,
CertificateTrustedCAMissmatchIssue,
CertificateVerificationFailedIssue,
CertificateVersionIssue,
CodeInjectionIssue,
CommandInjectionIssue,
CustomIssue,
DropbearCLIArgumentIssue,
ELFMissingCanaryIssue,
ELFMissingFullRelROIssue,
ELFMissingImmediateBindingIssue,
ELFMissingFortifyIssue,
ELFMissingNXIssue,
ELFNonPICIssue,
ELFNonStrippedIssue,
FileInclusionIssue,
FormatStringIssue,
HardcodedAccountPasswordIssue,
HardcodedCredentialIssue,
HardcodedPrivateKeyCertificateIssue,
HardcodedSSHHostKeyIssue,
HeaderInjectionIssue,
InformationLeakageDSStoreIssue,
InformationLeakagePHPInfoIssue,
InformationLeakageSVNIssue,
InformationLeakageVIMSwapIssue,
InsecureDeserializationIssue,
InsecureManagementProtocolIssue,
InvalidCertificateIssue,
LooseEqualityIssue,
MaliciousSoftwareIssue,
MissingPeerVerificationIssue,
ObjectInstantiationIssue,
ObsoleteProtocolIssue,
OpenSSHDaemonOptionIssue,
PathTraversalIssue,
PlaintextCommunicationIssue,
PrivateKeyIssue,
PrivilegeEscalationIssue,
ScriptMissingPeerVerificationIssue,
ScriptPlaintextCommunicationIssue,
SQLInjectionIssue,
StackBufferOverflowIssue,
StartDangerousServiceIssue,
TestIssue,
UnwantedSoftwareIssue,
VulnerabilityPatternIssue,
WeakCipherIssue,
WeakCryptoIssue)
user String
users
(vector field)		 String
verificationError Symbol (AKID_ISSUER_SERIAL_MISMATCH,
AKID_SKID_MISMATCH,
CHAIN_TOO_LONG,
DIFFERENT_CRL_SCOPE,
EXCLUDED_VIOLATION,
EXPIRED,
INVALID_CA,
INVALID_EXTENSION,
INVALID_NON_CA,
INVALID_POLICY_EXTENSION,
KEYUSAGE_NO_CERTSIGN,
KEYUSAGE_NO_CRL_SIGN,
KEYUSAGE_NO_DIGITAL_SIGNATURE,
LOCAL_VERIFED,
MISSING_ISSUER,
MISSING_NOT_AFTER,
MISSING_NOT_BEFORE,
NO_EXPLICIT_POLICY,
PERMITTED_VIOLATION,
PROXY_CERTIFICATES_NOT_ALLOWED,
PROXY_PATH_LENGTH_EXCEEDED,
SELF_SIGNED,
SIGNATURE_FAILURE,
SUBJECT_ISSUER_MISMATCH,
SUBTREE_MINMAX,
UNABLE_TO_GET_CRL_ISSUER,
UNHANDLED_CRITICAL_CRL_EXTENSION,
UNHANDLED_CRITICAL_EXTENSION,
UNKNOWN_ISSUER,
UNNESTED_RESOURCE,
UNSUPPORTED_EXTENSION_FEATURE)
version String
vimVersion String

File

Field name Type
category String
elf.bits Integer
elf.canary Boolean
elf.compiler String
elf.cpuFamily String
elf.endian Symbol (BIG, LITTLE)
elf.fortify Boolean
elf.immediateBinding Boolean
elf.interpreter String
elf.loadAddress Integer
elf.machine String
elf.neededLibraries
(vector field)		 String
elf.nx Boolean
elf.pic Boolean
elf.relro Symbol (FULL, PARTIAL, NO)
elf.rpath String
elf.static Boolean
elf.stripped Boolean
entropy.blockSize Integer
entropy.highest Float
entropy.lowest Float
entropy.mean Float
magic String
magicMime String
md5 String
meanEntropy Float
name String
path String
sha1 String
sha256 String
size Integer
stableKey String
target String