Common Security Advisory Framework Version 2.0

Approved: 29 Jun 2022

A language to exchange Security Advisories formulated in JSON. CSAF v2.0 is the definitive reference for the language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.d

Cybersecurity

Produced by:

OASIS Common Security Advisory Framework (CSAF) TC

Voting history:

June 2022

OASIS Standard:

Committee Specification 02

Editable source (md)
HTML
PDF

JSON schemas:
Aggregator
CSAF
Provider

Distribution ZIP file

Cite as:

[csaf-v2.0]

Common Security Advisory Framework Version 2.0. Edited by Langley Rock, Stefan Hagen, and Thomas Schmidt. 29 June 2022. OASIS Committee Specification 02. https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.0-cs02.html. Latest stage: https://docs.oasis-open.org/csaf/csaf/v2.0/csaf-v2.0.html.

The work of OASIS is supported by organizations from around the world. Members include:

View all our members