Cybersecurity
CSAF and VEX Workshop and Roundtable Discussions
StandardCommon Security Advisory Framework Version 2.0
A language to exchange Security Advisories formulated in JSON. CSAF v2.0 is the definitive reference for the language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.
Common Security Advisory Framework Version 2.0
A language to exchange Security Advisories formulated in JSON. CSAF v2.0 is the definitive reference for the language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.
Produced by:
OASIS Common Security Advisory Framework (CSAF) TCVoting history:
November 2022
Voting History for OASIS Standard, November 2022
Voting History for Approved Errata 01, January 2024
OASIS Standard:
OASIS Standard
JSON schemas:
Aggregator
CSAF
Provider
Approved Errata 01
Editable source (md)
HTML
PDF
JSON schemas:
Aggregator
CSAF
Provider
ZIP distribution files
Cite as:
[csaf-v2.0]
Common Security Advisory Framework Version 2.0. Edited by Langley Rock, Stefan Hagen, and Thomas Schmidt. 18 November 2022. OASIS Standard. https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html. Latest stage: https://docs.oasis-open.org/csaf/csaf/v2.0/csaf-v2.0.html.
[csaf-v2.0-errata01]
Common Security Advisory Framework Version 2.0 Errata 01. Edited by Langley Rock, Stefan Hagen, and Thomas Schmidt. 26 January 2024. OASIS Approved Errata. https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/csaf-v2.0-errata01-os.html. Latest stage: https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csaf-v2.0-errata01.html.
Common Security Advisory Framework Version 2.0 OASIS Standard is now published
Using CSAF to Respond to Supply Chain Vulnerabilities at Large Scale
Common Security Advisory Framework Version 2.0 approved as an OASIS Standard
New Version of CSAF Standard from OASIS Provides Vulnerability Exploitability Exchange and Enhances the Security for Software Bills of Materials (SBOMs) Ecosystem
EU Cybersecurity Act Conference
Call for Consent for Common Security Advisory Framework Version 2.0 as OASIS Standard
STIX™ Best Practices Guide Version 1.0.0 published by CTI TC
Open Command and Control (OpenC2) Architecture v1.0 approved as a Committee Specification
First STIX/TAXII 2.1 PlugFest Demonstrates Interoperability Between Cybersecurity Tools
No results with the selected filters