Vijay Sarvepalli
Vijay Sarvepalli
CERT/CC is using CSAF currently as a rich Vulnerability format for representing all the information in our Vulnerability Notice https://kb.cert.org/vuls/ in a machine readable format. Each Vulnerability Note is available...
Hello @kestewart Can you send an example, it will be easier to work off of it. I was trying to read through the docs, there are quite a few updates,...
Hello @swinslow Very helpful. I believe the work done for Medical Proof of Concept had a desire to represent examples where a package was analyzed and some signature could provide...
Hello @iainDe Have you seen this case - https://github.com/CERTCC/VINCE/pull/19 ? Limited CSAF output via API is available, we are working with CSAF oasis group members @tschmidtb51 @santosomar to take this...
#55 is a related recommendation and feedback we received from Oasis CSAF working group.
Related issues #96 and #97 - more improvements needs to support CSAF properly.
Hello @tschmidtb51 This is on purpose as we have two API's that release CSAF documents. The public API and the private authenticated API. The private API has a different data...
Thanks this information is very helpful.. We have another ticket in our internal VINCE system which is related to this topic. Being able to provide CHANGELOG And track changes as...
Is this more than the SSVC scoring that will be published? If there are other aspects apart from "adpContainer/metrics" object listed below, we need to decide what aspects of ADP...
Hello @Masato20240324 Is this a question or are you just commenting on Internationalization of SSVC JSON file?