JSON 1.1 Vulnerability Feed

Due to changes required to support CVSS v3.1 scoring, the JSON vulnerability feeds must be modified. This will require the consumers of this data to update their internal processes. We will be providing the JSON 1.1 schema on the data feeds page and the information below to prepare for this transition. In addition to the CVSS v3.1 support, we are also removing the data provided in the affects section as this was not providing the level of CPE detail necessary.  Instead, please refer to the CPE Match Feed (https://nvd.nist.gov/vuln/data-feeds#cpeMatch).  This was released in July for a much richer data set. The CPE Match Feed announcement can be read at https://nvd.nist.gov/general/News/CPE-Match-Feed-1-0-Release. The JSON 1.1 data feeds will be available on September 9th, 2019.  At that time the current JSON 1.0 data feeds will no longer available.

Schema files:

These are the schema files for the 1.1 feeds. Please note that these are currently labled as "beta". We will be releasing the schemas without references to "beta" on September 9th.

Changes from JSON 1.0 to 1.1 Vulnerability Feeds:                                "version": {
                               "description": "CVSS Version",
                               "type": "string",
                               "enum": [ "3.0", "3.1" ]
                                }                                 "vectorString": {
                                 "type": "string",
                                "pattern": "^CVSS:3.[01]/((AV:[NALP]...
                                  "required": [ "data_type", "data_format", "data_version", "CVE_data_meta", "affects", "problemtype", "references", "description" ],