Within our vulnerability database, we typically include 2 separate dates known as the published
date and the disclosed
date for our vulnerabilities.
published
date refers to the date and time of which we at Snyk have published the specific vulnerability.disclosed
date refers to the date and time of which the maintainer or source of the vulnerability has been published.
For example, when a source provides us with the date and time they first published a specific vulnerability, we would become our own disclosed
date.
Some other situations occur when sources don't have an official publication date of a vulnerability, we try and default to the earliest known official publication date, such as the NVD disclosed timestamp.