github.com/CycloneDX/sbom-utility@v0.16.0/examples/cyclonedx/VEX/CISA-Use-Cases/Case-1/vex-fixed.json

github.com/CycloneDX/sbom-utility@v0.16.0/examples/cyclonedx/VEX/CISA-Use-Cases/Case-1/vex-fixed.json (about)

     1  {
     2    "bomFormat": "CycloneDX",
     3    "specVersion": "1.4",
     4    "version": 1,
     5    "metadata" : {
     6      "timestamp" : "2022-03-03T00:00:00Z",
     7      "component" : {
     8        "name" : "DEF",
     9        "version": "1.1",
    10        "type" : "application",
    11        "bom-ref" : "product-DEF"
    12      }
    13    },
    14    "vulnerabilities": [
    15      {
    16        "id": "CVE-2021-44228",
    17        "source": {
    18          "name": "NVD",
    19          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44228"
    20        },
    21        "analysis": {
    22          "state": "resolved",
    23          "detail": "This version of Product DEF has been fixed."
    24        },
    25        "affects": [
    26          {
    27            "ref": "product-DEF"
    28          }
    29        ]
    30      }
    31    ]
    32  }