Closed tellison closed 1 year ago
This generated entry looks wrong at the <cpe-tem> and <cpe-23> level
<cpe-tem>
<cpe-23>
File (Ref)
<cpe-item name="cpe:/a:eclipse:temurin:1"> <title xml:lang="en-US">Eclipse Temurin 11.0.12+7.1</title> <references> <reference href="https://github.com/adoptium/temurin11-binaries/releases/tag/jdk-11.0.12%2B7.1">artifacts</reference> <reference href="https://adoptium.net/temurin">website</reference> <reference href="https://eclipse.org">vendor</reference> </references> <cpe-23:cpe23-item name="cpe:2.3:a:eclipse:temurin:1:*:*:*:*:*:*:*"/> </cpe-item>
Looks like it is caused by the presence of jdk-11.0.12%2B7 and jdk-11.0.12%2B7.1 tags (respin?)
jdk-11.0.12%2B7
jdk-11.0.12%2B7.1
Since we already have an entry for temurin 11.0.12 I expect this should be 11.0.12.1, e.g.
11.0.12.1
<cpe-23:cpe23-item name="cpe:2.3:a:eclipse:temurin:11.0.12.1:*:*:*:*:*:*:*"/>
Maybe?
This generated entry looks wrong at the
<cpe-tem>and<cpe-23>levelFile (Ref)
Looks like it is caused by the presence of
jdk-11.0.12%2B7andjdk-11.0.12%2B7.1tags (respin?)Since we already have an entry for temurin 11.0.12 I expect this should be
11.0.12.1, e.g.<cpe-23:cpe23-item name="cpe:2.3:a:eclipse:temurin:11.0.12.1:*:*:*:*:*:*:*"/>Maybe?