-
The object "product_status" should have a least one property as stated in the specification of CVRF 1.2 (see CSAF-6.10-1).
-
The field "type" in items of the array "remediations" should be required as stated in the specification of CVRF 1.2 (see https://docs.oasis-open.org/csaf/csaf-cvrf/v1.2/cs01/csaf-cvrf-v1.2-cs01.html#…
-
The current version of the CSAF CVRF parser supports CVRF 1.2 (XML) only. It does not support the CSAF 2.0 JSON draft schema. This should be reflected in the README.md documentation.
-
https://www.suse.com/support/security/cvrf/
-
The fields "document":"tracking":"version" and "document":"tracking":"revision_history" are not listed as required in CSAF 2.0 (https://github.com/oasis-tcs/csaf/blob/master/sandbox/csaf_2.0/json_sche…
-
**Describe the bug**
There appears to be a significant number of advisories without version information. These advisories sometimes have linked bug pages with some affected versions on them, but this…
-
Looks like the CVSS information is not encoded using the recommended JSON format:
https://github.com/oasis-tcs/csaf/blob/2803752b3012bd7ad49f68acbc6cce0f78833835/sandbox/csaf_2.0/json_schema/csaf_jso…
-
This issue has been opened to change the CVSS "score sets" in CVRF 1.2 to "scores" in CSAF 2.0.
-
Create a new CSAF 2.0 parser to test the draft CSAF 2.0 documents.
-
This issue has been created to collect feedback on the [CSAF 2.0 JSON schema draft](https://github.com/oasis-tcs/csaf/blob/master/sandbox/csaf_2.0/json_schema/csaf_json_schema.json) Product Tree sect…