Skip to content

Commit

Permalink
Update schema.md
Browse files Browse the repository at this point in the history 
Signed-off-by: Oliver Chang <oliverchang@users.noreply.github.com>
  • Loading branch information
@oliverchang
oliverchang authored Nov 20, 2024
1 parent 591e0dc commit d588ce1
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion docs/schema.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -519,7 +519,8 @@ package(s). For example, if a CVE describes a vulnerability in a language
library, and a Linux distribution package contains that library and therefore
publishes an advisory, the distribution's OSV record must not list the CVE ID as
an alias. Similarly, distributions often bundle multiple upstream
vulnerabilities into a single record. `upstream` should be used in these cases.
vulnerabilities into a single record. To refer to these upstream
vulnerabilities, `upstream` should be used.

## upstream field

Expand Down

0 comments on commit d588ce1

Please sign in to comment.