1cvereport(1) cvereport Manual cvereport(1)
2
6 cvereport - Generate an HTML report for the cvechecker output
7
9 cvereport [-d | -D] <targetdir> <acknowledgementfile>
10
12 The cvereport tool will generate an HTML report based on the cvechecker
13 output. The report is generated based on some simple XML/XSLT transfor‐
14 mations and uses an acknowledgement file to keep track of the state of
15 the CVE entries matching your system.
16
18 COMMAND USAGE
19 The command requires two user-specified options:
20 · The targetdir is an existing, writeable directory where cvereport can
22 store its report.html output.
23 · The acknowledgementfile is an existing, readable XML file that con‐
25 tains the analysis of the CVE entries for your system
26 The difference between -d and -D is that
28 · -d runs the standard cvechecker report, whereas
30 · -D runs the cvechecker report including matches for higher versions
32 of the installed software
33 ACKNOWLEDGEMENT FILE FORMAT
35 The XML file for the acknowledgements uses the following syntax:
36 <?xml version="1.0"?>
38 <acknowledgements>
39 <resolution id="resolution_id_1">Comment about why a CVE entry is irrelevant for your system</resolution>
40 <resolution id="resolution_id_2">Another comment</resolution>
41 <comment id="comment_id_1">Comment why the CVE is acknowledged, but not resolved</comment>
42 <file name="/path/to/filename1" cve="CVE-2000-1234" state="irrelevant" resolution="resolution_id_1" />
43 <file name="/path/to/filename2" cve="CVE-2000-5678" state="irrelevant" resolution="resolution_id_2" />
44 <file name="/path/to/filename3" cve="CVE-2001-9012" state="acknowledged" comment="comment_id_1" />
45 </acknowledgements>
46 The use of comments or resolutions within the file entity is not manda‐
48 tory, but recommended.
49
51 cvereport is part of the cvechecker tool. cvereport was written by Sven
52 Vermeulen <sven.vermeulen@siphos.be>.
53September 1, 2010 27 November 2010 cvereport(1)