Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Date of First Known Exploitation (first_known_exploitation_date) #849

Open
santosomar opened this issue Dec 18, 2024 · 1 comment
Open

Date of First Known Exploitation (first_known_exploitation_date) #849

santosomar opened this issue Dec 18, 2024 · 1 comment
Labels
tc-discussion-needed

Comments

@santosomar
Copy link
Contributor

Consider the addition of Date of First Known Exploitation (first_known_exploitation_date)

Background information:

As discussed in today's meeting (2024-12-18) and as a follow up to Stefan's statement above, we will also create a new issue to address address the second element discussed here (Date of First Known Exploitation (first_known_exploitation_date)) in a separate issue.

The issue was further discussed during the 2024-12-18 TC meeting with focus on part 1 renaming the existing field release_date to disclosure_date. Omar moved to reinstate the field name for the date a vulnerability was first published from release_date to disclosure_date, Denny seconded. No discussion, no objections, the motion carries.

Originally posted by @santosomar in #782 (comment)
@santosomar santosomar changed the title As discussed in today's meeting (2024-12-18) and as a follow up to [Stefan's statement above](https://github.com/oasis-tcs/csaf/issues/782#issuecomment-2552050595), we will also create a new issue to address address the second element discussed here (Date of First Known Exploitation (first_known_exploitation_date)) in a separate issue. Date of First Known Exploitation (first_known_exploitation_date): Dec 18, 2024
@santosomar santosomar changed the title Date of First Known Exploitation (first_known_exploitation_date): Date of First Known Exploitation (first_known_exploitation_date) Dec 18, 2024
@santosomar
Copy link
Contributor Author

santosomar commented Dec 18, 2024
edited
Loading

Date of First Known Exploitation (first_known_exploitation_date)

  • Type: String of format date-time.
  • Definition: Records the date and time the vulnerability was first observed to be exploited in the wild. This is good for representing CISA KEVs, etc.
  • Exclusions: Does not include exploitation in lab or testing environments.

Rationale:
This should be an OPTIONAL field.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
tc-discussion-needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@santosomar