-
As a very first test, we would like to convert `Document Publisher` alone from CVRF 1.2 to CSAF, by establishing a general read / write workflow.
- [x] Create first entrypoint for `cvrf2csaf.py` (`…
-
As part of #3, we already integrated a 1-to-1 mapping between a flat XML element (`DocumentPublisher`).
Here, we would go into the first recursive conversion: DocumentTracking
This will provide…
-
Searching for a single CVEId returns the whole list of security updates since 2016
curl -X GET "https://api.msrc.microsoft.com/Updates('CVE-2020-17160')?api-version=2020" -H "accept: application/js…
-
# Enhancement for the Use of the Category Attribute
This issue is quite wordy and may be split for processing into three issues.
But, it may help to provide the full picture initially better as a…
-
The README says some of the data sources are only licensed for non-commercial usage. It's difficult for me as a potential user to tell whether I can or cannot use trivy in a particular scenario.
It…
-
- Is this an issue with SCAP Workbench?
- If so, report it here: https://github.com/OpenSCAP/scap-workbench/issues
- Is this an issue with SCAP Security Guide (i.e., related to the content of sc…
-
Group directories by OS.
- suse
- cvrf
- debian
- tracker
- oval
- redhat
- securitydataapi
- oval
- oracle
- redhat
Then, we have to make sure these scripts work properly.
…
-
Hi Team,
I found one issue on the generating Trivy DB for SUSE Enterprise Server by using the latest code.
I used the latest code to generate an offline DB and use it to scan a SUSE Enterprise…
-
As discussed in the CSAF TC September 2020 monthly meeting, this issue has been opened to help the TC review the CSAF 2.0 Documentation Draft "Conformance" Section (section 5).
I have included the …
-
We should provide some guidance how and where a publisher should provide the security advisories. This will also help the users to find the security advisories at a publisher’s / vendor’s website. Mor…