Within our vulnerability database, we typically include 2 separate dates known as the
published date and the
disclosed date for our vulnerabilities.
published date refers to the date and time of which we at Snyk have published the specific vulnerability.
disclosed date refers to the date and time of which the maintainer or source of the vulnerability has been published.
For example, when a source provides us with the date and time they first published a specific vulnerability, we would become our own
Some other situations occur when sources don't have an official publication date of a vulnerability, we try and default to the earliest known official publication date, such as the NVD disclosed timestamp.