EXCEPTION of type 'IndexError' occurred with message: list index out of range
the oscap result xml has the following layout
<?xml version="1.0" encoding="UTF-8"?>
<oval_results xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns="http://oval.mitre.org/XMLSchema/oval-results-5" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-results-5 oval-results-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd">
<generator>
<oval:product_name>cpe:/a:open-scap:oscap</oval:product_name>
<oval:product_version>1.2.17</oval:product_version>
<oval:schema_version>5.11.1</oval:schema_version>
<oval:timestamp>2024-01-04T14:47:47</oval:timestamp>
<terms_of_use xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5">Copyright (C) 2024 Canonical LTD. All rights reserved. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for more details. You should have received a copy of the GNU General Public License version 3 along with this program. If not, see http://www.gnu.org/licenses/.</terms_of_use>
</generator>
<directives>
<definition_true reported="true" content="full"/>
<definition_false reported="true" content="full"/>
<definition_unknown reported="true" content="full"/>
<definition_error reported="true" content="full"/>
<definition_not_evaluated reported="true" content="full"/>
<definition_not_applicable reported="true" content="full"/>
</directives>
<oval_definitions xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:lin-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:win-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd">
<generator>
<oval:product_name>Canonical USN OVAL Generator</oval:product_name>
<oval:product_version>1</oval:product_version>
<oval:schema_version>5.11.1</oval:schema_version>
<oval:timestamp>2024-01-04T12:42:14</oval:timestamp>
<terms_of_use xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5">Copyright (C) 2024 Canonical LTD. All rights reserved. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for more details. You should have received a copy of the GNU General Public License version 3 along with this program. If not, see http://www.gnu.org/licenses/.</terms_of_use>
</generator>
<definitions>
<definition id="oval:com.ubuntu.jammy:def:991000000" version="1" class="patch">
<metadata>
<title>LSN-0099-1 -- Kernel Live Patch Security Notice</title>
<affected family="unix">
<platform>Ubuntu 22.04 LTS</platform>
</affected>
<reference source="USN" ref_id="LSN-0099-1" ref_url="https://ubuntu.com/security/notices/LSN-0099-1"/>
<reference source="CVE" ref_id="CVE-2023-42752" ref_url="https://ubuntu.com/security/CVE-2023-42752"/>
<reference source="CVE" ref_id="CVE-2023-3777" ref_url="https://ubuntu.com/security/CVE-2023-3777"/>
<reference source="CVE" ref_id="CVE-2023-3609" ref_url="https://ubuntu.com/security/CVE-2023-3609"/>
<reference source="CVE" ref_id="CVE-2023-42753" ref_url="https://ubuntu.com/security/CVE-2023-42753"/>
<reference source="CVE" ref_id="CVE-2023-4623" ref_url="https://ubuntu.com/security/CVE-2023-4623"/>
<reference source="CVE" ref_id="CVE-2023-3567" ref_url="https://ubuntu.com/security/CVE-2023-3567"/>
<reference source="CVE" ref_id="CVE-2023-40283" ref_url="https://ubuntu.com/security/CVE-2023-40283"/>
<reference source="CVE" ref_id="CVE-2023-5197" ref_url="https://ubuntu.com/security/CVE-2023-5197"/>
<reference source="CVE" ref_id="CVE-2023-3776" ref_url="https://ubuntu.com/security/CVE-2023-3776"/>
<reference source="CVE" ref_id="CVE-2023-4622" ref_url="https://ubuntu.com/security/CVE-2023-4622"/>
<reference source="CVE" ref_id="CVE-2023-4004" ref_url="https://ubuntu.com/security/CVE-2023-4004"/>
<reference source="CVE" ref_id="CVE-2023-34319" ref_url="https://ubuntu.com/security/CVE-2023-34319"/>
<reference source="CVE" ref_id="CVE-2022-3643" ref_url="https://ubuntu.com/security/CVE-2022-3643"/>
<reference source="CVE" ref_id="CVE-2023-31436" ref_url="https://ubuntu.com/security/CVE-2023-31436"/>
<description>...</description>
<advisory xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" from="security@ubuntu.com">
<severity>High</severity>
<issued date="2023-11-28"/>
<cve href="https://ubuntu.com/security/CVE-2023-42752" priority="high" public="20231013" cvss_score="5.5" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" cvss_severity="medium" usns="6439-1,6440-1,6441-1,6442-1,6443-1,6444-1,6445-1,6446-1,6440-2,6439-2,6441-2,6444-2,6445-2,6446-2,6440-3,6446-3,6441-3,6460-1,6466-1">CVE-2023-42752</cve>
<cve href="https://ubuntu.com/security/CVE-2023-3777" priority="high" public="20230803" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6315-1,6316-1,6318-1,6321-1,6325-1,6328-1,6330-1,6332-1,6348-1,6385-1">CVE-2023-3777</cve>
<cve href="https://ubuntu.com/security/CVE-2023-3609" priority="high" public="20230721" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6285-1,6315-1,6317-1,6318-1,6321-1,6324-1,6325-1,6328-1,6329-1,6330-1,6331-1,6332-1,6346-1,6348-1,6357-1,6385-1,6397-1">CVE-2023-3609</cve>
<cve href="https://ubuntu.com/security/CVE-2023-42753" priority="high" public="20230925" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6415-1,6439-1,6440-1,6441-1,6442-1,6444-1,6445-1,6446-1,6440-2,6439-2,6441-2,6444-2,6445-2,6446-2,6440-3,6446-3,6441-3,6466-1">CVE-2023-42753</cve>
<cve href="https://ubuntu.com/security/CVE-2023-4623" priority="high" public="20230906" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6415-1,6439-1,6440-1,6441-1,6442-1,6444-1,6445-1,6446-1,6440-2,6439-2,6441-2,6444-2,6445-2,6446-2,6440-3,6446-3,6441-3,6460-1,6466-1">CVE-2023-4623</cve>
<cve href="https://ubuntu.com/security/CVE-2023-3567" priority="high" public="20230724" cvss_score="7.1" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" cvss_severity="high" usns="6309-1,6327-1,6341-1">CVE-2023-3567</cve>
<cve href="https://ubuntu.com/security/CVE-2023-40283" priority="high" public="20230814" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6343-1,6383-1,6385-1,6386-1,6387-1,6388-1,6396-1,6387-2,6386-2,6386-3,6396-2,6396-3,6466-1">CVE-2023-40283</cve>
<cve href="https://ubuntu.com/security/CVE-2023-5197" priority="medium" public="20230927" cvss_score="6.6" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" cvss_severity="medium" usns="6443-1,6444-1,6445-1,6446-1,6444-2,6445-2,6446-2,6446-3,6454-1,6454-2,6466-1,6454-3,6454-4,6479-1">CVE-2023-5197</cve>
<cve href="https://ubuntu.com/security/CVE-2023-3776" priority="high" public="20230721" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6285-1,6309-1,6315-1,6317-1,6318-1,6321-1,6324-1,6325-1,6327-1,6328-1,6329-1,6330-1,6331-1,6332-1,6341-1,6342-1,6346-1,6348-1,6342-2,6357-1,6385-1,6397-1">CVE-2023-3776</cve>
<cve href="https://ubuntu.com/security/CVE-2023-4622" priority="high" public="20230906" cvss_score="7.0" cvss_vector="CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6415-1,6439-1,6440-1,6441-1,6442-1,6444-1,6445-1,6446-1,6440-2,6439-2,6441-2,6444-2,6445-2,6446-2,6440-3,6446-3,6441-3,6466-1">CVE-2023-4622</cve>
<cve href="https://ubuntu.com/security/CVE-2023-4004" priority="high" public="20230731" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6315-1,6316-1,6318-1,6321-1,6325-1,6328-1,6330-1,6332-1,6348-1,6385-1,6442-1">CVE-2023-4004</cve>
<cve href="https://ubuntu.com/security/CVE-2023-34319" priority="medium" public="20230809" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6343-1,6439-1,6440-1,6441-1,6442-1,6444-1,6445-1,6446-1,6440-2,6439-2,6441-2,6444-2,6445-2,6446-2,6440-3,6446-3,6441-3,6466-1">CVE-2023-34319</cve>
<cve href="https://ubuntu.com/security/CVE-2022-3643" priority="medium" public="20221207" cvss_score="6.5" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" cvss_severity="medium" usns="5794-1,5802-1,5803-1,5804-1,5804-2,5808-1,5813-1,5814-1,5829-1,5830-1,5831-1,5832-1,5860-1,5861-1,5863-1,5875-1,5877-1,5879-1,5918-1">CVE-2022-3643</cve>
<cve href="https://ubuntu.com/security/CVE-2023-31436" priority="high" public="20230428" cvss_score="7.8" cvss_vector="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" cvss_severity="high" usns="6127-1,6130-1,6131-1,6132-1,6135-1,6149-1,6150-1,6162-1,6173-1,6175-1,6186-1,6222-1,6256-1,6385-1,6460-1">CVE-2023-31436</cve>
</advisory>
</metadata>
<criteria>
<extend_definition definition_ref="oval:com.ubuntu.jammy:def:100" applicability_check="true" comment="Ubuntu 22.04 LTS (jammy) is installed."/>
<criteria operator="OR">
<criteria>
<criterion test_ref="oval:com.ubuntu.jammy:tst:9910000001" comment="Long Term Support"/>
<criterion test_ref="oval:com.ubuntu.jammy:tst:9910000000" comment="Long Term Support"/>
</criteria>
</criteria>
</criteria>
</definition>
...
Setup Ubuntu22.04 LTS Faraday 5.0.0 faraday-cli 2.1.1
now having a openscap .xml report I try to import it by using
My faraday server responds with
EXCEPTION of type 'IndexError' occurred with message: list index out of range
the oscap result xml has the following layout