affected_repository_list? #3

MaineK00n · 2024-12-24T09:17:29Z

cpe:/a:redhat:enterprise_linux:8::appstream is determined to be a repository for E4S.

  "cpe:/a:redhat:enterprise_linux:8::appstream": [
    "rhel-8-for-x86_64-appstream-rpms",
    "rhel-8-for-aarch64-appstream-source-rpms",
    "rhel-8-for-ppc64le-appstream-e4s-debug-rpms",
    "rhel-8-for-aarch64-appstream-rpms",
    "rhel-8-for-aarch64-appstream-debug-rpms",
    "rhel-8-for-ppc64le-appstream-e4s-rpms",
    "rhel-8-for-x86_64-appstream-e4s-rpms",
    "rhel-8-for-ppc64le-appstream-e4s-source-rpms",
    "rhel-8-for-x86_64-appstream-e4s-source-rpms",
    "rhel-8-for-x86_64-appstream-e4s-debug-rpms",
    "rhel-8-for-ppc64le-appstream-debug-rpms",
    "rhel-8-for-x86_64-appstream-source-rpms",
    "rhel-8-for-s390x-appstream-source-rpms",
    "rhel-8-for-s390x-appstream-rpms",
    "rhel-8-for-ppc64le-appstream-source-rpms",
    "rhel-8-for-ppc64le-appstream-rpms",
    "rhel-8-for-x86_64-appstream-debug-rpms",
    "rhel-8-for-s390x-appstream-debug-rpms"
  ],

Therefore, it will fail to filter on the following criteria.
https://github.com/vulsio/vuls-data-extracted-redhat-vex/blob/363844c43ad9ab14d87345a473c81ba7fe21f044/data/2022/CVE-2022-40897.json#L1357-L1409

To solve this problem, it is necessary to determine what to fileter not in cpe but in repository units.

The text was updated successfully, but these errors were encountered:

MaineK00n self-assigned this Dec 24, 2024

MaineK00n linked a pull request Dec 25, 2024 that will close this issue

feat: use affected_repository_list #4

Merged

MaineK00n mentioned this issue Dec 25, 2024

feat: use affected_repository_list #4

Merged

MaineK00n closed this as completed in #4 Dec 25, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

affected_repository_list? #3

affected_repository_list? #3

MaineK00n commented Dec 24, 2024

affected_repository_list? #3

affected_repository_list? #3

Comments

MaineK00n commented Dec 24, 2024