Tools to download or provide CSAF (Common Security Advisory Framework) documents.

vexctl is a tool to attest VEX impact statements

Secvisogram is a web tool for creating and editing security advisories in the CSAF 2.0 format

Secvisogram is a web tool for creating and editing security advisories in the CSAF 2.0 format

OASIS TC Open Repository: A GitHub repository for management of non-normative information about the work of the CSAF Technical Committee, including documentation

Library to ingest and generate VEX documents

A CVRF CSAF Converter, taking care about OASIS specification.

A web based CSAF Management System as Free Software

A library and CLI to work with CSAF and SBOM data

CSAF CMS Backend is a REST-based backend to support the creation and management of CSAF 2.0 documents

CSAF generator and validator

Vulnogram is a tool for creating Security Advisories and CVE ID information.

A parser and validator for CSAF documents written in Rust

Experimental CSAF envelope and body profile validator.

csaf-validator-lib is a library that can be used to check whether a given CSAF 2.0 document is valid.

Web app (module) to display a CSAF 2 document and to browse CSAF 2 ROLIE feeds. ⚠️ The web demo is often not allowed to access servers:

Repository for [GitHub Pages version](https://secvisogram.github.io/) of [Secvisogram](https://github.com/secvisogram/secvisogram)

CSAF Backend PoC

CSAF (Common Security Advisory Framework) Perl Toolkit

CPAN Security Advisory CSAF