Ubuntu Schema#
UbuntuCVEFeed#
Represents the Ubuntu Security CVE data feed. This is a root node that serves as the parent for all UbuntuCVE and UbuntuSecurityNotice nodes.
Field |
Description |
|---|---|
firstseen |
Timestamp of when a sync job first discovered this node |
lastupdated |
Timestamp of the last time the node was updated |
id |
The feed identifier |
name |
The name of the feed |
url |
The URL of the Ubuntu Security API |
UbuntuCVE::CVE#
Representation of a CVE from the Ubuntu Security API.
Ontology Mapping: This node has the extra label
CVEto enable cross-platform queries for CVEs across different feeds (e.g., NVD CVE feed nodes).
Field |
Description |
|---|---|
firstseen |
Timestamp of when a sync job first discovered this node |
lastupdated |
Timestamp of the last time the node was updated |
id |
Unique identifier, prefixed with |
cve_id |
The original CVE ID without prefix (e.g., |
description |
The CVE description |
ubuntu_description |
Ubuntu-specific description of the vulnerability |
priority |
Ubuntu’s priority rating (critical, high, medium, low, negligible) |
status |
The status of the CVE (e.g., active) |
cvss3 |
The CVSS v3 base score |
published |
The date the CVE was published |
updated_at |
The date the CVE was last updated |
codename |
Ubuntu release codename |
mitigation |
Mitigation information if available |
attack_vector |
CVSS v3 attack vector |
attack_complexity |
CVSS v3 attack complexity |
base_score |
CVSS v3 base score |
base_severity |
CVSS v3 base severity |
confidentiality_impact |
CVSS v3 confidentiality impact |
integrity_impact |
CVSS v3 integrity impact |
availability_impact |
CVSS v3 availability impact |
Relationships#
UbuntuCVE nodes are linked to their feed
(UbuntuCVEFeed)-[:RESOURCE]->(UbuntuCVE)
UbuntuSecurityNotice#
Representation of a Ubuntu Security Notice (USN) from the Ubuntu Security API.
Field |
Description |
|---|---|
firstseen |
Timestamp of when a sync job first discovered this node |
lastupdated |
Timestamp of the last time the node was updated |
id |
The USN ID (e.g., USN-6600-1) |
title |
The title of the security notice |
summary |
A brief summary of the notice |
description |
The full description of the notice |
published |
The date the notice was published |
notice_type |
The type of notice (e.g., USN) |
instructions |
Instructions for remediation |
is_hidden |
Whether the notice is hidden |
Relationships#
UbuntuSecurityNotice nodes are linked to their feed
(UbuntuCVEFeed)-[:RESOURCE]->(UbuntuSecurityNotice)UbuntuSecurityNotice addresses one or more CVEs
(UbuntuSecurityNotice)-[:ADDRESSES]->(UbuntuCVE)