cvereport(1)cvereport Manual cvereport(1)NAMEcvereport - Generate an HTML report for the cvechecker output
SYNOPSIScvereport [-d | -D] <targetdir> <acknowledgementfile>
DESCRIPTION
The cvereport tool will generate an HTML report based on the cvechecker
output. The report is generated based on some simple XML/XSLT transfor‐
mations and uses an acknowledgement file to keep track of the state of
the CVE entries matching your system.
USAGE
COMMAND USAGE
The command requires two user-specified options:
· The targetdir is an existing, writeable directory where cvereport can
store its report.html output.
· The acknowledgementfile is an existing, readable XML file that con‐
tains the analysis of the CVE entries for your system
The difference between -d and -D is that
· -d runs the standard cvechecker report, whereas
· -D runs the cvechecker report including matches for higher versions
of the installed software
ACKNOWLEDGEMENT FILE FORMAT
The XML file for the acknowledgements uses the following syntax:
<?xml version="1.0"?>
<acknowledgements>
<resolution id="resolution_id_1">Comment about why a CVE entry is irrelevant for your system</resolution>
<resolution id="resolution_id_2">Another comment</resolution>
<comment id="comment_id_1">Comment why the CVE is acknowledged, but not resolved</comment>
<file name="/path/to/filename1" cve="CVE-2000-1234" state="irrelevant" resolution="resolution_id_1" />
<file name="/path/to/filename2" cve="CVE-2000-5678" state="irrelevant" resolution="resolution_id_2" />
<file name="/path/to/filename3" cve="CVE-2001-9012" state="acknowledged" comment="comment_id_1" />
</acknowledgements>
The use of comments or resolutions within the file entity is not manda‐
tory, but recommended.
AUTHORcvereport is part of the cvechecker tool. cvereport was written by Sven
Vermeulen <sven.vermeulen@siphos.be>.
September 1, 2010 27 November 2010 cvereport(1)
