diff --git a/core/src/main/java/org/owasp/dependencycheck/reporting/SarifRule.java b/core/src/main/java/org/owasp/dependencycheck/reporting/SarifRule.java
index bca3a672c81..57a0f339ae1 100644
--- a/core/src/main/java/org/owasp/dependencycheck/reporting/SarifRule.java
+++ b/core/src/main/java/org/owasp/dependencycheck/reporting/SarifRule.java
@@ -596,18 +596,18 @@ public void setCvssv2IntegrityImpact(String cvssv2IntegrityImpact) {
}
/**
- * Get the value of CVSS2 Confidential Impact.
+ * Get the value of CVSS2 Confidentiality Impact.
*
- * @return the value of CVSS2 Confidential Impact
+ * @return the value of CVSS2 Confidentiality Impact
*/
public String getCvssv2ConfidentialityImpact() {
return cvssv2ConfidentialityImpact;
}
/**
- * Set the value of CVSS2 Confidential Impact.
+ * Set the value of CVSS2 Confidentiality Impact.
*
- * @param cvssv2ConfidentialityImpact new value of CVSS2 Confidential Impact
+ * @param cvssv2ConfidentialityImpact new value of CVSS2 Confidentiality Impact
*/
public void setCvssv2ConfidentialityImpact(String cvssv2ConfidentialityImpact) {
this.cvssv2ConfidentialityImpact = cvssv2ConfidentialityImpact;
diff --git a/core/src/main/resources/schema/dependency-check.4.0.xsd b/core/src/main/resources/schema/dependency-check.4.0.xsd
new file mode 100644
index 00000000000..e885b0b866e
--- /dev/null
+++ b/core/src/main/resources/schema/dependency-check.4.0.xsd
@@ -0,0 +1,285 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/core/src/main/resources/templates/jsonReport.vsl b/core/src/main/resources/templates/jsonReport.vsl
index b7b5044d8c9..ef96e2c37c7 100644
--- a/core/src/main/resources/templates/jsonReport.vsl
+++ b/core/src/main/resources/templates/jsonReport.vsl
@@ -207,7 +207,7 @@
,"accessVector": "$enc.json($vuln.cvssV2.cvssData.accessVector)"
,"accessComplexity": "$enc.json($vuln.cvssV2.cvssData.accessComplexity)"
,"authenticationr": "$enc.json($vuln.cvssV2.cvssData.authentication)"
- ,"confidentialImpact": "$enc.json($vuln.cvssV2.cvssData.confidentialityImpact)"
+ ,"confidentialityImpact": "$enc.json($vuln.cvssV2.cvssData.confidentialityImpact)"
,"integrityImpact": "$enc.json($vuln.cvssV2.cvssData.integrityImpact)"
,"availabilityImpact": "$enc.json($vuln.cvssV2.cvssData.availabilityImpact)"
,"severity": "$enc.json($vuln.cvssV2.cvssData.baseSeverity)"
@@ -284,7 +284,7 @@
,"accessVector": "$enc.json($vuln.cvssV2.cvssData.accessVector)"
,"accessComplexity": "$enc.json($vuln.cvssV2.cvssData.accessComplexity)"
,"authenticationr": "$enc.json($vuln.cvssV2.cvssData.authentication)"
- ,"confidentialImpact": "$enc.json($vuln.cvssV2.cvssData.confidentialityImpact)"
+ ,"confidentialityImpact": "$enc.json($vuln.cvssV2.cvssData.confidentialityImpact)"
,"integrityImpact": "$enc.json($vuln.cvssV2.cvssData.integrityImpact)"
,"availabilityImpact": "$enc.json($vuln.cvssV2.cvssData.availabilityImpact)"
,"severity": "$enc.json($vuln.cvssV2.cvssData.baseSeverity)"
diff --git a/core/src/main/resources/templates/xmlReport.vsl b/core/src/main/resources/templates/xmlReport.vsl
index 49555a2e553..c69fd4cc839 100644
--- a/core/src/main/resources/templates/xmlReport.vsl
+++ b/core/src/main/resources/templates/xmlReport.vsl
@@ -19,7 +19,7 @@ Copyright (c) 2018 Jeremy Long. All Rights Reserved.
@version 2.0
*#
-
+
$version
#foreach($prop in $properties.getMetaData().entrySet())
@@ -240,7 +240,7 @@ Copyright (c) 2018 Jeremy Long. All Rights Reserved.
#if($vuln.cvssV2.cvssData.accessVector)$enc.xml($vuln.cvssV2.cvssData.accessVector)#end
#if($vuln.cvssV2.cvssData.accessComplexity)$enc.xml($vuln.cvssV2.cvssData.accessComplexity)#end
#if($vuln.cvssV2.cvssData.authentication)$enc.xml($vuln.cvssV2.cvssData.authentication)#end
- #if($vuln.cvssV2.cvssData.confidentialityImpact)$enc.xml($vuln.cvssV2.cvssData.confidentialityImpact)#end
+ #if($vuln.cvssV2.cvssData.confidentialityImpact)$enc.xml($vuln.cvssV2.cvssData.confidentialityImpact)#end
#if($vuln.cvssV2.cvssData.integrityImpact)$enc.xml($vuln.cvssV2.cvssData.integrityImpact)#end
#if($vuln.cvssV2.cvssData.availabilityImpact)$enc.xml($vuln.cvssV2.cvssData.availabilityImpact)#end
#if($vuln.cvssV2.cvssData.baseSeverity)$enc.xml($vuln.cvssV2.cvssData.baseSeverity)#end
@@ -313,7 +313,7 @@ Copyright (c) 2018 Jeremy Long. All Rights Reserved.
#if($vuln.cvssV2.cvssData.accessVector)$enc.xml($vuln.cvssV2.cvssData.accessVector)#end
#if($vuln.cvssV2.cvssData.accessComplexity)$enc.xml($vuln.cvssV2.cvssData.accessComplexity)#end
#if($vuln.cvssV2.cvssData.authentication)$enc.xml($vuln.cvssV2.cvssData.authentication)#end
- #if($vuln.cvssV2.cvssData.confidentialityImpact)$enc.xml($vuln.cvssV2.cvssData.confidentialityImpact)#end
+ #if($vuln.cvssV2.cvssData.confidentialityImpact)$enc.xml($vuln.cvssV2.cvssData.confidentialityImpact)#end
#if($vuln.cvssV2.cvssData.integrityImpact)$enc.xml($vuln.cvssV2.cvssData.integrityImpact)#end
#if($vuln.cvssV2.cvssData.availabilityImpact)$enc.xml($vuln.cvssV2.cvssData.availabilityImpact)#end
#if($vuln.cvssV2.cvssData.baseSeverity)$enc.xml($vuln.cvssV2.cvssData.baseSeverity)#end
diff --git a/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java b/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
index c0f4f820b9c..5910f8c17c3 100644
--- a/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
+++ b/core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorIT.java
@@ -198,7 +198,7 @@ public void generateReport(Settings settings, File writeTo, File writeJsonTo, Fi
engine.writeReports("Test Report", "org.owasp", "dependency-check-core", "1.4.8", writeSarifTo, "SARIF", exceptions);
}
//Test XML
- InputStream xsdStream = ReportGenerator.class.getClassLoader().getResourceAsStream("schema/dependency-check.3.1.xsd");
+ InputStream xsdStream = ReportGenerator.class.getClassLoader().getResourceAsStream("schema/dependency-check.4.0.xsd");
StreamSource xsdSource = new StreamSource(xsdStream);
StreamSource xmlSource = new StreamSource(writeTo);
SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);