Skip to content

Vulnerabilities Property called Remediation should be able to contain arrays of remediation #3

New issue
New issue
Open
#6
Open
Vulnerabilities Property called Remediation should be able to contain arrays of remediation#3
#6
Labels
bugSomething isn't working
@S-Panta

Description

@S-Panta
S-Panta
opened on Oct 16, 2024

The protocols specifies that remediation field contains List of remediations (remediations) of value type array with 1 or more Remediation items of value type object contains a list of remediations.
See more:
https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#32312-vulnerabilities-property---remediations
CSAFParser class fails to return such array

csaf/csaf/parser.py

Lines 188 to 192 in 4decb1b

if "remediations" in vulnerability:
for remediation in vulnerability["remediations"]:
vuln_info.set_remediation(remediation["category"])
vuln_info.set_action(remediation["details"])
self.vulnerabilities.append(vuln_info.get_vulnerability())

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions