You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a national CERT we often include (parts of) text from vendors in our generated CSAF documents. These texts are in the notes section of the vulnerability properties. In the references section we now have the link to the original advisory.
Currently it is not possible to connect the note to the reference. It would be nice to make that connection. This could be done either by a url field in the note, or via a construct similar to product_id i.e. a unique string per url which can be referenced in the notes section.
The text was updated successfully, but these errors were encountered:
As discussed in today's TC meeting, here is an example, how this could look like:
"notes": [
{
"category": "summary",
"references": "CSAFRef-0001",
"text": "Summarizing the text that should be in here. BTW: It was actually cited or taken from the original advisory linked in the references.",
"title": "Vulnerability summary"
}
],
// ...
"references": [
{
"category": "external",
"id": "CSAFRef-0001",
"summary": "A cool summary",
"url": "https://example.com/an-advisory-url-I-want-to-cite"
}
],
As a national CERT we often include (parts of) text from vendors in our generated CSAF documents. These texts are in the
notes
section of thevulnerability properties
. In thereferences
section we now have the link to the original advisory.Currently it is not possible to connect the
note
to thereference
. It would be nice to make that connection. This could be done either by aurl
field in thenote
, or via a construct similar toproduct_id
i.e. a unique string perurl
which can be referenced in thenotes
section.The text was updated successfully, but these errors were encountered: