vulnrepconv

command
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 22, 2020 License: BSD-3-Clause Imports: 6 Imported by: 0

Documentation

Overview

Usage: vulnrepconv -input <fname> [-output <fname>]

The tool vulnrepconv converts vulnerability reports to/from CVRF(xml) and CSAF(json) formats. Note that there are some features of the JSON format not available in the XML format (notably, translation support), so this tool cannot fully convert a document from JSON --> XML --> JSON, but it will get about as close as possible. Round trips from XML --> JSON --> XML will work. See the Limitations section for details.

The input file is required. If no output file is indicated, then the output is written to STDOUT.

The type of file is assumed based on file extension. Input and output files must have either a ".xml" or a ".json" extension.

Limitations

Round trip conversions from XML-->JSON-->XML work, but may not be identical, due to a number of factors: - namespace prefixes might change - whitespaces might change - attribute ordering might change - xml:lang attributes will be discarded - CDATA and comments may change

A carefully constructed XML file, however, will be able to successfully round-trip back to a byte-for-byte identical file.

See Also

The tool is primarily a command line wrapper around the vulnrep package. For details about vulnerability representation, please see that package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL