Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability Threat Element Error #5

Open
dstrohl opened this issue Oct 20, 2020 · 1 comment
Open

Vulnerability Threat Element Error #5

dstrohl opened this issue Oct 20, 2020 · 1 comment
Labels
CVRF 1.2 Docs CVRF 1.2 Documentation Issues

Comments

@dstrohl
Copy link

dstrohl commented Oct 20, 2020

In version 1.2 (http://docs.oasis-open.org/csaf/csaf-cvrf/v1.2/cs01/csaf-cvrf-v1.2-cs01.html#_Toc493508771)
Section 6.11.1

It indicates that "Date" is an attribute, however in examples 61 and 62, date is added as an element.
(note also that on example 62, the opening element tag for "Date" uses a "/", which is incorrect)

Example 61: Exploit Status:

none 2011-11-26T00:00:00+00:00 CVRFPID-0000

Example 62: Exploit Status without Product ID:

proof of concept 2011-11-26T00:00:00+00:00

I'm not sure if this is incorrectly marked as being a date attribute and it should be an element, or if it's incorrectly exampled as being an element, but it should be one or the other.
@santosomar santosomar added the CVRF 1.2 Docs CVRF 1.2 Documentation Issues label May 4, 2021
@santosomar
Copy link
Contributor

This is also being addressed/changed in the current CSAF 2.0 Schema and CSAF 2.0 prose

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
CVRF 1.2 Docs CVRF 1.2 Documentation Issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@santosomar @dstrohl