Vulnerability Export Schema
Reference the vulnerability object schema and properties used in Mondoo JSONL exports.
This is the schema Mondoo uses when exporting vulnerability data to JSONL.
Vulnerability type
object
Vulnerability properties
| Property | Type | Required? | Nullable? |
|---|---|---|---|
| space_mrn | string | Yes | No |
| space_id | string | Yes | No |
| space_name | string | Yes | No |
| asset_id | string | Yes | No |
| asset_mrn | string | Yes | No |
| vuln_mrn | string | Yes | No |
| vuln_id | string | Yes | No |
| type | string | Yes | No |
| summary | string | Yes | No |
| cvss_score | integer | No | No |
| cvss_severity | string | No | No |
| first_detected_on | string | Yes | No |
| resolved_on | string | Yes | No |
| exported_at | string | Yes | No |
| risk_factors | JSON | No | Yes |
| references | JSON | No | Yes |
| base_score | integer | Yes | No |
| risk_score | integer | Yes | No |
space_mrn property
Mondoo identifier for the space containing the asset
space_mrn
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
space_id property
Unique identifier for the space containing the asset
space_id
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
space_name property
Name of the space containing the asset
space_name
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
asset_id property
Unique identifier for the asset
asset_id
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
asset_mrn property
Mondoo identifier for the asset
asset_mrn
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
vuln_mrn property
Mondoo identifier for the vulnerability
vuln_mrn
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
vuln_id property
Unique CVE number or advisory number
vuln_id
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
type property
The type of the vulnerability: CVE or Advisory
type
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
summary property
Brief summary of the vulnerability
summary
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
cvss_score property
CVSS score (0 to 10)
cvss_score
| Type | Required? | Nullable? |
|---|---|---|
| Integer | Yes | No |
cvss_severity property
CVSS severity (Critical, High, Medium, Low, None)
cvss_score
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
first_detected_on property
Timestamp from when the vulnerability was first detected. This is a date-time string matching RFC 3339, section 5.6.
first_detected_on
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
resolved_on property
Optional timestamp from when the vulnerability was resolved. This is a date-time string matching RFC 3339, section 5.6.
resolved_on
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
exported_at property
Timestamp from when this vulnerability data was exported. This is a date-time string matching RFC 3339, section 5.6.
exported_at
| Type | Required? | Nullable? |
|---|---|---|
| String | Yes | No |
risk_factors property
Read Risk Factors.
references property
CVE and advisory references
references
| Type | Required? | Nullable? |
|---|---|---|
| String | No | Yes |
base_score property
CVE or advisory score based on the most recent policy-based scan
base_score
| Type | Required? | Nullable? |
|---|---|---|
| Integer | Yes | No |
risk_score property
CVE or advisory's risk score
risk_score
| Type | Required? | Nullable? |
|---|---|---|
| Integer | Yes | No |