openscap icon indicating copy to clipboard operation
openscap copied to clipboard
verified publisher icon OpenSCAP

bringing oscap up to speed with NVD

Open JLT032 opened this issue 4 years ago • 0 comments

Description of Problem:

Thanks for taking time to read this.

Multiple functionalities for oscap are not up to speed with the current state of things

module CVE does not process JSON when XML feeds were abandoned in 2019 module CVSS does not support CVSS3 strings when both 3.0 and 3.1 are commonly used it must be safe to assume other features may also require a fresh up

OpenSCAP Version:

OpenSCAP command line tool (oscap) 1.3.5

Operating System & Version:

Linux

Steps to Reproduce:

  1. run oscap with CVE command such as find with a JSON feed or with an XML from https://cve.mitre.org/data/downloads/index.html
  2. run oscal with CVSS command such as score or desribe with a CVSS3 string
  3. more ?

Actual Results:

doesn't work

Expected Results:

Additional Information / Debugging Steps:

JLT032 avatar Dec 03 '21 00:12 JLT032