-
CVRF CSAF 1.2 had some information about the language which was hidden in the notes and applied only for specific elements. We can either:
1. define that if such elements exist, the `lang` should be …
-
EPIC: #10
## CVRF 1.2
[Oasis v1.2 -> Aggregate Severity]http://docs.oasis-open.org/csaf/csaf-cvrf/v1.2/cs01/csaf-cvrf-v1.2-cs01.html#_Toc493508891)
## [Oasis implementation view CSAF v2](http…
-
In CVRF CSAF 1.2, we defined vulnerability according to ISO 29147. Currently, we do not have any definition in the document. Therefore, I suggest to either use that from ISO 29174 (which is currently …
-
As discussed here:
https://github.com/csaf-tools/CVRF-CSAF-Converter/issues/14#issuecomment-1039012590
Integrate the mandatory tests into cvrf2csaf.py:
https://github.com/sthagen/turvallisuus…
-
Researching for a complete changelog between CVRF 1.2 and CSAF 2.0, we could not find a complete list.
Therefore, [we asked in Oasis TCS CSAF project](https://github.com/oasis-tcs/csaf/issues/127#i…
-
While working on Vulnerabilities section I noticed the following discrepancy in CVRF:
In the [specification of CVRF 1.2](http://docs.oasis-open.org/csaf/csaf-cvrf/v1.2/cs01/csaf-cvrf-v1.2-cs01.html#_…
-
Currently, it seems to be unclear whether consecutive characters which should be replaced by an `_` get one or multiple `_`.
Example: `Hans Peter_Hase 010-10==?/1,+-`
1. Multiple: `hans_peter_ha…
-
Querying a recently issued CVE, for example CVE-2021-40449 (Released October 12th, 2021), appears to only return the minimal data available from NVD NIST and does NOT include additional data that is a…
-
The current [section 2.1](https://docs.oasis-open.org/csaf/csaf/v2.0/cs01/csaf-v2.0-cs01.html#21-construction-principles) provides a sentence (paragraph 7 counting the list as wun para) that might be …
-
Since a few days ago "Get-MsrcCvrfDocument -ID 2022-Jan" is not returning the expected result of a CVRF Document "January 2022 Security Updates" but instead returns "January 2022 Early Security Releas…