search

oasis-open / csaf-parser

OASIS TC Open Repository: CSAF Parser tool for parsing and checking the syntax of the Common Vulnerability Reporting Framework (CVRF) content
https://github.com/oasis-open/csaf-parser
MIT License
23 stars 12 forks source link

XML parsing error when executing example code #23

Open denniskrq opened 2 years ago

denniskrq commented 2 years ago

Environment information:

Reproduction:

  1. Clone the repo
  2. Execute the first sample code python cvrf_util.py --file examples/1.1/ms_cvrf.xml --schema schemata/cvrf/1.1/cvrf.xsd --cvrf-version 1.1 --output-format csv --output-file ms_cvrf.csv --vuln ProductID --include-related-product-elements --unique-products --related-product-tags all
  3. Encounter error: 
    cvrf_util.py: Unable to check cvrf version in document. Cannot parse document or get node based on specified parseable elements!
Probably a cvrf version mismatch...try using different cvrf version.

Log:

04/12/2022 10:41:57 AM -----------------------------------------------
04/12/2022 10:41:57 AM cvrf_util.py v1.2.0
04/12/2022 10:41:57 AM command line args: ['cvrf_util.py', '--file', 'examples/1.1/ms_cvrf.xml', '--schema', 'schemata/cvrf/1.1/cvrf.xsd', '--cvrf-version', '1.1', '--output-format', 'csv', '--output-file', 'ms_cvrf.csv', '--vuln', 'ProductID', '--include-related-product-elements', '--unique-products', '--related-product-tags', 'all']
04/12/2022 10:41:57 AM cvrf_version: 1.1
04/12/2022 10:41:57 AM command line args processed successfully
04/12/2022 10:41:57 AM Namespace(file='examples/1.1/ms_cvrf.xml', cvrf_version='1.1', output_file='ms_cvrf.csv', output_format='csv', include_related_product_elements=True, related_product_tags=['all'], unique_products=True, cvrf=None, vuln=['{http://www.icasi.org/CVRF/schema/vuln/1.1}ProductID'], prod=None, collate_vuln=False, strip_ns=False, validate=False, schema='schemata/cvrf/1.1/cvrf.xsd', catalog=None)
04/12/2022 10:41:57 AM file to parse: examples/1.1/ms_cvrf.xml
04/12/2022 10:41:57 AM schema: schemata/cvrf/1.1/cvrf.xsd
04/12/2022 10:41:57 AM catalog: schemata/catalog_1_1.xml
04/12/2022 10:41:57 AM output format: csv
04/12/2022 10:41:57 AM output file: ms_cvrf.csv
04/12/2022 10:41:57 AM related_product_tags: ProductID,Status,CVE,Title,BaseScore,Vector,TemporalScore,Note,FullProductName,Branch,Revision,Remediation,Acknowledgment,Threat
04/12/2022 10:41:57 AM parse doc for below elements
04/12/2022 10:41:57 AM {http://www.icasi.org/CVRF/schema/vuln/1.1}ProductID
04/12/2022 10:41:57 AM parsing document...
04/12/2022 10:41:57 AM document successfully parsed
04/12/2022 10:41:57 AM verifying cvrf version...
04/12/2022 10:41:57 AM cvrf version from document: 
04/12/2022 10:41:57 AM cvrf version from args: http://www.icasi.org/CVRF/schema/cvrf/1.1
04/12/2022 10:41:57 AM Unable to check cvrf version in document. Cannot parse document or get node based on specified parseable elements!
Probably a cvrf version mismatch...try using different cvrf version.
MrAsimZahid commented 1 year ago

I am facing the same issue.