specification icon indicating copy to clipboard operation
specification copied to clipboard
Published 3 weeks ago verified publisher icon CycloneDX

Addition of timestamps to analysis in VEX

Open msymons opened this issue 3 years ago • 0 comments

I would like to see the specification support analysis timestamps in VEX

There are timestamps for each vulnerability:

  • created
  • published
  • updated

Without a timestamp for analysis, it is not possible to determine if (for example) analysis was performed BEFORE the vulnerability was updated. This can really matter in cases where understanding of a vulnerability can change hugely after it was first published.

msymons avatar Apr 27 '22 10:04 msymons