OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

csaf message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Item: Various possible enhancements to the JSON format for representing vulnerabilities

Hi CSAF-TC,

In working on the JSON format, I've observed the following possible areas of enhancement:

- Drop "ordinal" from JSON output - this field adds no value to the serialized output, that I can tell. I am planning to update the export logic of the conversion tool to automatically supply ordinals for the XML format, which made me think they should just be dropped from the JSON.

- use JSON schema for CVSS? Omar suggested this in an email on May 15. Seems like it might be a good idea...

- Change CVSSScoreSets to just "Scoring" in JSON, with children for v3.0 v3.1, etc.

- Why does Relationship include a _list_ of products? I believe it should just be one. Anyone know differently?

Eric.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]