Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Minor addition to the cvss object #1165

Merged
merged 3 commits into from
Aug 21, 2024
Merged

Minor addition to the cvss object #1165

merged 3 commits into from
Aug 21, 2024

Conversation

floydtree
Copy link
Contributor

Related Issue: n/a

Description of changes:

  1. Adding vendor_name to the cvss object to help represent the source/vendor that provided the cvss scores.
  2. Snippet from a sample source event from Amazon Inspector
"cvss": [
      {
        "baseScore": 10,
        "scoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1",
        "source": "UBUNTU_CVE"
      },
      {
        "baseScore": 10,
        "scoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1",
        "source": "NVD"
      }
    ],

@floydtree floydtree added enhancement New feature or request findings Issues related to Findings Category v1.4.0 or later Changes marked for versions beyond v1.3.0 of OCSF labels Aug 21, 2024
@floydtree
adding a changelog entry
f1e07f7 
Signed-off-by: Rajas Panat <[email protected]>
irakledibm
irakledibm previously approved these changes Aug 21, 2024
View reviewed changes
Copy link
Contributor

@irakledibm irakledibm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small spelling mistake in a CHANGELOG: vendor_namr. Not a big deal.

mikeradka
mikeradka previously requested changes Aug 21, 2024
View reviewed changes
Copy link
Contributor

@mikeradka mikeradka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit - minor typo in the CHANGELOG. Otherwise looks good.

@floydtree
fixing typo in the changelog
8bc139e 
Signed-off-by: Rajas Panat <[email protected]>
@floydtree floydtree dismissed stale reviews from jonrau-at-queryai and irakledibm via 8bc139e August 21, 2024 16:57
@floydtree floydtree merged commit 56bb644 into ocsf:main Aug 21, 2024
3 checks passed
@floydtree floydtree deleted the vulnerability_object_additions branch August 21, 2024 17:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonrau-at-queryai jonrau-at-queryai jonrau-at-queryai approved these changes

@jcburgo jcburgo jcburgo approved these changes

@irakledibm irakledibm irakledibm approved these changes

@mikeradka mikeradka mikeradka approved these changes

@pagbabian-splunk pagbabian-splunk Awaiting requested review from pagbabian-splunk pagbabian-splunk is a code owner

@Aniak5 Aniak5 Awaiting requested review from Aniak5 Aniak5 is a code owner

@zschmerber zschmerber Awaiting requested review from zschmerber zschmerber is a code owner

Assignees
No one assigned
Labels
enhancement New feature or request findings Issues related to Findings Category v1.4.0 or later Changes marked for versions beyond v1.3.0 of OCSF
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@floydtree @mikeradka @irakledibm @jcburgo @jonrau-at-queryai