diff --git a/README.md b/README.md
index 612735a6e34..1ce3f4b645c 100644
--- a/README.md
+++ b/README.md
@@ -12,5 +12,6 @@ Documentation about this format is available at https://cveproject.github.io/cve
A mindmap version of the CVE record structure is at https://cveproject.github.io/cve-schema/schema/v5.0/docs/mindmap.html
-A basic example record in 5.0 format is available at https://github.com/cveproject/cve-schema/blob/master/schema/v5.0/docs/basic-example.json
+A basic example record in 5.0 format with minimally required fields is available at https://github.com/cveproject/cve-schema/blob/master/schema/v5.0/docs/basic-example.json
+An advanced example record in 5.0 format is available at https://github.com/cveproject/cve-schema/blob/master/schema/v5.0/docs/advanced-example.json
diff --git a/schema/v5.0/docs/advanced-example.json b/schema/v5.0/docs/advanced-example.json
new file mode 100644
index 00000000000..f91154fecd7
--- /dev/null
+++ b/schema/v5.0/docs/advanced-example.json
@@ -0,0 +1,310 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.0",
+ "cveMetadata": {
+ "id": "CVE-1337-1234",
+ "assigner": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6",
+ "assignerShortName": "example",
+ "requester": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6",
+ "serial": 1,
+ "state": "PUBLISHED"
+ },
+ "containers": {
+ "cna": {
+ "providerMetadata": {
+ "id": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6",
+ "shortName": "example",
+ "title": "Buffer overflow in Example Enterprise allows Privilege Escalation.",
+ "datePublic": "2021-09-08T16:24:00.000Z",
+ "updated": "2021-09-08T16:24:00.000Z"
+ },
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "lang": "en",
+ "cweId": "CWE-78",
+ "description": "CWE-78 OS Command Injection",
+ "type": "CWE"
+ }
+ ]
+ }
+ ],
+ "impacts": [
+ {
+ "capecId": "CAPEC-233",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "CAPEC-233 Privilege Escalation"
+ }
+ ]
+ }
+ ],
+ "affected": [
+ {
+ "vendor": "Example.org",
+ "product": "Example Enterprise",
+ "platforms": [
+ "Windows",
+ "MacOS",
+ "XT-4500"
+ ],
+ "collectionURL": "https://example.org/packages",
+ "packageName": "example_enterprise",
+ "repo": "git://example.org/source/example_enterprise",
+ "modules": [
+ "Web-Management-Interface"
+ ],
+ "programFiles": [
+ "git://example.org/source/example_enterprise/example.php"
+ ],
+ "programRoutines": [
+ {
+ "name": "parseFilename"
+ }
+ ],
+ "versions": [
+ {
+ "version": "1.0.0",
+ "status": "affected",
+ "lessThan": "1.0.6",
+ "versionType": "semver"
+ },
+ {
+ "version": "2.1.0",
+ "status": "unaffected",
+ "lessThan": "2.1.*",
+ "changes": [
+ {
+ "at": "2.1.6",
+ "status": "affected"
+ },
+ {
+ "at": "2.1.9",
+ "status": "unaffected"
+ }
+ ],
+ "versionType": "semver"
+ },
+ {
+ "version": "3.0.0",
+ "status": "unaffected",
+ "lessThan": "*",
+ "versionType": "semver"
+ }
+ ],
+ "defaultStatus": "unaffected"
+ }
+ ],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges. This issue affects: 1.0 versions before 1.0.6, 2.1 versions from 2.16 until 2.1.9.",
+ "supportingMedia": [
+ {
+ "type": "text/html",
+ "base64": false,
+ "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges.
This issue affects:
- 1.0 versions before 1.0.6
- 2.1 versions from 2.16 until 2.1.9.
"
+ }
+ ]
+ },
+ {
+ "lang": "eo",
+ "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn. Ĉi tiu afero efikas: 1.0-versioj antaŭ 1.0.6, 2.1-versioj de 2.16 ĝis 2.1.9.",
+ "supportingMedia": [
+ {
+ "type": "text/html",
+ "base64": false,
+ "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise ĉe Windows, macOS kaj XT-4500 permesas al malproksimaj neaŭtentikigitaj atakantoj eskaladi privilegiojn.
Ĉi tiu afero efikas:
- 1.0-versioj antaŭ 1.0.6
- 2.1-versioj de 2.16 ĝis 2.1.9.
"
+ }
+ ]
+ }
+ ],
+ "metrics": [
+ {
+ "format": "CVSS",
+ "scenarios": [
+ {
+ "lang": "en",
+ "value": "GENERAL"
+ }
+ ],
+ "cvssV3_1": {
+ "version": "3.1",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ },
+ {
+ "format": "CVSS",
+ "scenarios": [
+ {
+ "lang": "en",
+ "value": "If the enhanced host protection mode is turned on, this vulnerability can only be exploited to run os commands as user 'nobody'. Privilege escalation is not possible."
+ }
+ ],
+ "cvssV3_1": {
+ "version": "3.1",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "LOW",
+ "baseScore": 7.3,
+ "baseSeverity": "HIGH",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ }
+ ],
+ "solutions": [
+ {
+ "lang": "en",
+ "value": "This issue is fixed in 1.0.6, 2.1.9, and 3.0.0 and all later versions.",
+ "supportingMedia": [
+ {
+ "type": "text/html",
+ "base64": false,
+ "value": "This issue is fixed in 1.0.6, 2.1.9, and 3.0.0 and all later versions."
+ }
+ ]
+ }
+ ],
+ "workarounds": [
+ {
+ "lang": "en",
+ "value": "Disable the web management interface with the command\n> service disable webmgmt",
+ "supportingMedia": [
+ {
+ "type": "text/html",
+ "base64": false,
+ "value": "Disable the web management interface with the command
> service disable webmgmt
"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "lang": "en",
+ "value": "Web management interface should be enabled.\n> service status webmgmt\nwebmgmt running",
+ "supportingMedia": [
+ {
+ "type": "text/html",
+ "base64": false,
+ "value": "Web management interface should be enabled.
> service status webmgmt
webmgmt running
"
+ }
+ ]
+ }
+ ],
+ "exploits": [
+ {
+ "lang": "en",
+ "value": "Example.org is not aware of any malicious exploitation of the issue however exploits targeting this issue are publicly available.",
+ "supportingMedia": [
+ {
+ "type": "text/html",
+ "base64": false,
+ "value": "Example.org is not aware of any malicious exploitation of the issue however exploits targeting this issue are publicly available."
+ }
+ ]
+ }
+ ],
+ "timeline": [
+ {
+ "time": "2001-09-01T07:31:00.000Z",
+ "lang": "en",
+ "value": "Issue discovered by Alice using Acme Autofuzz"
+ },
+ {
+ "time": "2021-09-02T16:36:00.000Z",
+ "lang": "en",
+ "value": "Confirmed by Bob"
+ },
+ {
+ "time": "2021-09-07T16:37:00.000Z",
+ "lang": "en",
+ "value": "Fixes released"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Alice",
+ "type": "finder"
+ },
+ {
+ "lang": "en",
+ "value": "Bob",
+ "type": "analyst"
+ },
+ {
+ "lang": "en",
+ "value": "Acme Autofuzz",
+ "type": "tool"
+ }
+ ],
+ "references": [
+ {
+ "url": "https://example.org/ESA-22-11-CVE-1337-1234",
+ "name": "ESA-22-11",
+ "tags": [
+ "vendor-advisory"
+ ]
+ },
+ {
+ "url": "https://example.com/blog/alice/pwning_example_enterprise",
+ "name": "Pwning Example Enterprise",
+ "tags": [
+ "technical-description",
+ "third-party-advisory"
+ ]
+ },
+ {
+ "url": "https://example.org/bugs/EXAMPLE-1234",
+ "name": "EXAMPLE-1234",
+ "tags": [
+ "issue-tracking"
+ ]
+ },
+ {
+ "url": "https://example.org/ExampleEnterprise",
+ "tags": [
+ "product"
+ ]
+ }
+ ],
+ "source": {
+ "defects": [
+ "EXAMPLE-1234"
+ ],
+ "advisory": "ESA-22-11",
+ "discovery": "EXTERNAL"
+ },
+ "taxonomyMappings": [
+ {
+ "taxonomyName": "ATT&CK",
+ "taxonomyVersion": "v9",
+ "taxonomyRelations": [
+ {
+ "taxonomyId": "T1190",
+ "relationshipName": "mitigated by",
+ "relationshipValue": "M1048"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ }
\ No newline at end of file
diff --git a/schema/v5.0/docs/basic-example.json b/schema/v5.0/docs/basic-example.json
index fca64e1b026..d26ba3d36ef 100644
--- a/schema/v5.0/docs/basic-example.json
+++ b/schema/v5.0/docs/basic-example.json
@@ -1 +1,52 @@
-["to be generated"]
\ No newline at end of file
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.0",
+ "cveMetadata": {
+ "id": "CVE-1337-1234",
+ "assigner": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6",
+ "state": "PUBLISHED"
+ },
+ "containers": {
+ "cna": {
+ "providerMetadata": {
+ "id": "b3476cb9-2e3d-41a6-98d0-0f47421a65b6"
+ },
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "lang": "en",
+ "description": "CWE-78 OS Command Injection"
+ }
+ ]
+ }
+ ],
+ "affected": [
+ {
+ "vendor": "Example.org",
+ "product": "Example Enterprise",
+ "versions": [
+ {
+ "version": "1.0.0",
+ "status": "affected",
+ "lessThan": "1.0.6",
+ "versionType": "semver"
+ }
+ ],
+ "defaultStatus": "unaffected"
+ }
+ ],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, MacOS and XT-4500 allows remote unauthenticated attackers to escalate privileges.\n\nThis issue affects:\n * 1.0 versions before 1.0.6\n * 2.1 versions from 2.16 until 2.1.9."
+ }
+ ],
+ "references": [
+ {
+ "url": "https://example.org/ESA-22-11-CVE-1337-1234"
+ }
+ ]
+ }
+ }
+ }
\ No newline at end of file