diff --git a/CHANGELOG.md b/CHANGELOG.md index c123a06da..8f517d80a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,7 +42,7 @@ Thankyou! --> ## [Unreleased] ### Added -* #### Dictionary Attributes +* #### Dictionary Attributes 1. Added `boot_uid` as a `string_t`. [#1335](https://github.com/ocsf/ocsf-schema/pull/1335) 1. Added `raw_data_size` as a `long_t`. [#1347](https://github.com/ocsf/ocsf-schema/pull/1347) 1. Added `assessments` as an array of `assessment` objects. #1343 @@ -50,10 +50,9 @@ Thankyou! --> 1. Added `display_name` attribute as a `string_t`. [#1341](https://github.com/ocsf/ocsf-schema/pull/1341) 1. Added `is_directed` as a `boolean_t`, `relation` as a `string_t`, `query_language` & `query_language_id` a sibling pair. #1343 1. Added `resource_relationship` of type `graph`, `nodes` of type `node`, `edges` of type `edge`. #1343 - 1. Added `meets_criteria` as a `boolean_t`. #1343 + 1. Added `fix_coverage` as `string_t` and `fix_coverage_id` as `int_t`. #1350 1. Added `eid`, `iccid`, and `meid` as `string_t`. #1346 1. Added `is_backed_up`, `is_mobile_account_active`, and `is_shared` as `boolean_t`. #1346 - * #### Objects 1. Added `assessment` object to capture evaluations/assessments of configurations/signals. #1343 1. Added `node`, `edge`, `graph` objects. #1343 @@ -71,9 +70,9 @@ Thankyou! --> 1. Added `data` to `policy` object. #1343 1. Added `display_name` attribute to the `user` and `ldap_person` objects. [#1341](https://github.com/ocsf/ocsf-schema/pull/1341) 1. Added `resource_relationship` to `resource_details` object. #1343 + 1. Added `fix_coverage`, `fix_coverage_id` to `vulnerability` object. #1350 1. Added `eid`, `iccid`, `is_backed_up`, `is_mobile_account_active`, `is_shared`, and `meid` to `device`. #1346 1. Added `is_backed_up` to `resource_details`. #1346 - ### Misc 1. Updated description of `config_state` to reflect the addition of the `assessments` object. #1343 
diff --git a/dictionary.json b/dictionary.json
index ff6a3a2ef..32ac0dc63 100644
--- a/dictionary.json
+++ b/dictionary.json
@@ -2327,6 +2327,26 @@
 "since": "1.1.0"
 }
 },
+ "fix_coverage": {
+ "caption": "Fix Coverage",
+ "description": "The fix coverage, normalized to the caption of the fix_coverage_id value. See specific usage.",
+ "type": "string_t"
+ },
+ "fix_coverage_id": {
+ "caption": "Fix Coverage ID",
+ "description": "The normalized identifier for fix coverage. See specific usage.",
+ "type": "integer_t",
+ "enum":{
+ "0": {
+ "caption": "Unknown",
+ "description": "The fix coverage is unknown."
+ },
+ "99": {
+ "caption": "Other",
+ "description": "The fix coverage is not mapped. See the fix_coverage attribute, which contains a data source specific value."
+ }
+ }
+ },
 "fixed_in_version": {
 "caption": "Fixed In Version",
 "description": "The software package version in which a reported vulnerability was patched/fixed.",
diff --git a/objects/vulnerability.json b/objects/vulnerability.json
index a92965c1a..fe9671316 100644
--- a/objects/vulnerability.json
+++ b/objects/vulnerability.json
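Review bot: In the `dictionary.json` hunk, `fix_coverage_id` is typed `integer_t`, but the CHANGELOG entry added by this same commit records it as `int_t`; one of the two should be corrected so the release notes match the schema. The new entry also has no `sibling` key linking it to `fix_coverage`. If the dictionary's other `_id` enum attributes declare one (not visible in this hunk), add `"sibling": "fix_coverage"` so validators can check that the caption string and the numeric ID agree. Without that link, a producer can emit a mismatched pair and downstream triage rules keyed on the ID will silently disagree with what analysts read in the caption.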
@@ -35,6 +35,28 @@
 "fix_available": {
 "requirement": "optional"
 },
+ "fix_coverage": {
+ "description": "The fix coverage, normalized to the caption of the fix_coverage_id value.",
+ "requirement": "optional"
+ },
+ "fix_coverage_id": {
+ "description": "The normalized identifier for fix coverage, applicable to this vulnerability. Typically useful, when there are multiple affected packages but only a subset have available fixes.",
+ "requirement": "optional",
+ "enum":{
+ "1": {
+ "caption": "Complete",
+ "description": "All affected packages and components have available fixes or patches to remediate the vulnerability."
+ },
+ "2": {
+ "caption": "Partial",
+ "description": "Only some of the affected packages and components have available fixes or patches, while others remain vulnerable."
+ },
+ "3": {
+ "caption": "None",
+ "description": "No fixes or patches are currently available for any of the affected packages and components."
+ }
+ }
+ },
 "is_exploit_available": {
 "requirement": "optional"
 },
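Review bot: The new `fix_coverage_id` description does not say how it relates to the existing `fix_available` attribute shown just above it in the context lines. A producer can therefore report a fix as available while coverage is `2` (Partial), and a consumer that filters on `fix_available` alone will treat a vulnerability with still-unpatched packages as fully remediable. I would add a sentence to the description such as `When fix_available is populated, it should be true for Complete and Partial and false for None.`, or whatever rule the maintainers intend. The caption `None` for value `3` is also easy to confuse with an absent attribute or with `0` (Unknown) in downstream tooling, so its description could state that it asserts a known absence of fixes. The enclosing attributes object starts and ends outside this hunk.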