This document describes the data structure of our Security Advisory documents. These advisories are extracted from trusted sources and contain detailed, structured information about discovered or patched vulnerabilities affecting software or hardware products.

🧱 Core Fields (All Security Advisories)

Field	Type	Description
`summary`	`string`	Short description of the advisory.
`title`	`string`	Title of the source advisory or article.
`published_date`	`string` (ISO 8601)	Date when the advisory was first published.
`last_updated_date`	`string` (ISO 8601)	Date of last update from the source.
`scraped_date`	`string` (ISO 8601)	When our system collected the data.
`url`	`string`	Link to the original advisory or page.
`publishing_company`	`string`	Name of the organization publishing the advisory.
`version_info`	`string`	Version or revision information (if available).
`classification`	`"Security Advisory"`	Always set to this value for this document type.

🛠 Vulnerability-Specific Fields

Field	Type	Description
`CVEs`	`List[string]`	CVE identifiers related to the advisory.
`solution`	`string`	Remediation or workaround details.
`vulnerable_products`	`List[string]`	Affected products (flat list).
`product_vendor`	`string`	Vendor of the affected product(s).
`references`	`List[string]`	List of related references and URLs.
`vendor_severity`	`string`	The severity rating from the vendor.

🧬 Product Features (Structured Affected Components)

This section provides a structured breakdown of affected components as extracted and normalized by AI.

"product_features": [
  {
    "vendor": "Fortinet",
    "product": "FortiOS",
    "version": ["7.2.0", "7.2.1", "7.2.2"],
    "criterias": {
      "operator": "AND",
      "criterion": [
        "< 7.2.5",
        ">= 7.2.0"
      ]
    },
    "resolution": {
      "product_fix": ["7.2.5"],
      "other_fix": ["Mitigation guidance available"]
    },
    "meta_data": [
      {
        "source_snippet": "FortiOS versions before 7.2.5 are affected",
        "confidence": "high"
      }
    ]
  }
]

Each entry contains:

vendor: Name of the vendor.
product: Product name.
version: List of explicitly affected versions.
criterias: Object with logical operator and individual version constraints.
resolution: Fix information separated into product-specific and alternative fixes.
meta_data: Array of metadata objects, such as source evidence and confidence level.

📊 Severity Ratings (Optional)

If severity is provided by the vendor or third parties:

"severities": [
  {
    "origin_name": "Vendor Advisory",
    "severity": "Critical"
  }
]

📈 CVSS Scores (Optional)

If a CVE includes CVSS scoring metadata:

"cvss": [
  {
    "cve_id": "CVE-2024-12345",
    "cvss_version": "3.1",
    "cvss_risk_assessment": "High",
    "cvss_score": {
      "value": 7.8,
      "label": "High"
    },
    "cvss_vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "parsed_cvss_vector": {
      "Attack Vector": "Network",
      "Attack Complexity": "Low",
      "Privileges Required": "None",
      "User Interaction": "None",
      "Scope": "Unchanged",
      "Confidentiality": "High",
      "Integrity": "High",
      "Availability": "High"
    }
  }
]

✅ Integration Guidance

Use classification == "Security Advisory" to detect relevant documents.
Parse cvss_vector or use cvss_score.label for risk level.
vulnerable_products is a flat list for fast filtering.
The solution field is always present, even if only to state "no fix available".
Dates follow ISO 8601 format (e.g., 2025-06-01T12:00:00Z).