The Google Security Blog announces
the release of a schema intended to describe vulnerabilities in a
project-independent manner:

With this schema we hope to define a format that all vulnerability
databases can export. A unified format means that vulnerability
databases, open source users, and security researchers can easily
share tooling and consume vulnerabilities across all of open
source. This means a more complete view of vulnerabilities in open
source for everyone, as well as faster detection and remediation
times resulting from easier automation.

This schema is already being provided by a number projects, including Go,
Rust, Python, DWF, and OSS-Fuzz.

Source: LWN.net – Google’s open-source vulnerability schema