-
As it was mention in several issues already (#1100, #1079) it might be beneficial to add a "generic" [CSAF](https://docs.oasis-open.org/csaf/csaf/v2.0/csaf-v2.0.html) importer. This would help to inge…
-
**What would you like to be added**:
The RedHat provider currently uses the v2 OVAL files for RedHat vulnerability data; however, those will only continue to be updated until the end of 2024. We n…
-
Hi,
I wanted to know if the secvisogram supports CVSS V4?
And if not, if it's planned to be integrated?
Thanks
Eric
-
Currently, we only enforce that a `csaf_security_advisory` has at least one `product_status`. That allows the production of CSAF security advisories with all products in status `fixed`. One might impl…
-
Looking at #771, it might be helpful to add a profile to inform recipients that a specific document was superseded by a different one.
## Profile S: Superseded
This profile MUST be used for any …
-
Kay wants to **search** and then refine the inital search results by adding **filters**
until the wanted result subset is shown for CSAF documents.
Kay would understand if the initial search takes…
-
Introduce VEX Support to DejaCode
enhance data model to support a Product VEX List
provide Export capabilities to product VEX documents that comply with industry-recognized formats
Here…
-
Hi guys, this is not to report a bug but more a way of asking a question.
Context:
- I upload the sbom [quarkus-bom-3.2.11.Final-redhat-00001.json](https://github.com/user-attachments/files/16562…
-
CSAF team,
The CSAF scores object https://github.com/oasis-tcs/csaf/blob/164cad8c37edd1265900f6ca3ca3fa3ff84f1a2e/csaf_2.0/json_schema/csaf_json_schema.json#L1255 currently support cvss_v2 and cvss…
-
Export the results of the vulnerabilities triage and processing as CSAF VEX document