Repository files navigation

This repository contains security advisories published by CIQ. The primary format used for security advisories is theOASIS Common Security Advisory Framework (CSAF) Version 2.0 standard.

Vulnerablity Exploitabilty eXchange (VEX) are stored under thecsaf/vex/ folder with a path like:

csaf/vex/cve/{cve year}/{cve id}.json

VEX json documents meet the requirements of theCSAF VEX document profile with the additional restriction that they only address a single CVE per document.

CSAFproduct_id fields for CIQ products should be in the format:

{mountain product key}:{package name}-{package version}-{release}.{distro}.{arch}