Test set of CVE IDs

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Test set of CVE IDs

Adinolfi, Daniel R

Folks,

 

During our last Board meeting, there was a discussion of the feasibility of creating a set of test CVE ID to use when developing new software or testing processes.

 

Such a set of data was made available when the CVE ID Syntax change occurred, and we provided this:

 

<https://cve.mitre.org/cve/identifiers/tech-guidance.html#test_data>

 

If this test data is not sufficient, what requirements are missing? What are the more specific use cases for "test CVE IDs" that you would like to accomplish?

 

Thanks.

 

-Dan

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Test set of CVE IDs

kseifried@redhat.com


On Fri, Jan 6, 2017 at 6:43 AM, Adinolfi, Daniel R <[hidden email]> wrote:

Folks,

 

During our last Board meeting, there was a discussion of the feasibility of creating a set of test CVE ID to use when developing new software or testing processes.

 

Such a set of data was made available when the CVE ID Syntax change occurred, and we provided this:

 

<https://cve.mitre.org/cve/identifiers/tech-guidance.html#test_data>

 

If this test data is not sufficient, what requirements are missing? What are the more specific use cases for "test CVE IDs" that you would like to accomplish?


These are all from year 2014, also only 28 of them, I'm thinking more cases where I run the scripts/system/whatever to convert a bunch of data into CVEs, and grind it through my whole system (once I have one) using a set of CVE #'s which I can hardcode the final presentation systems/etc to ignore (e.g. for the sake of argument CVE-YEAR-98765****). This isn't a needed use case really yet, but long term with automation I'm wondering how we do as close to live testing as possible (hence the request).

 

 

Thanks.

 

-Dan




--

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Loading...