Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allowed Characters in Descriptions and Workarounds #240

Closed
eslerm opened this issue Jul 10, 2023 · 1 comment
Closed

Allowed Characters in Descriptions and Workarounds #240

eslerm opened this issue Jul 10, 2023 · 1 comment

Comments

@eslerm
Copy link

eslerm commented Jul 10, 2023

In CVEProject/cvelistV5#21 it was asked that newlines be removed from JSON5 descriptions in the cvelistV5 repo.

Looking at the schema, any string between 1 and 4096 characters is valid.

Are CNAs allowed to embed HTML formatting into CVE descriptions?
@chandanbn
Copy link
Collaborator

The descriptions are supposed to be plain text - newlines, spaces and tabs allowed for readability.

For anything more, one can utilize supportingMedia construct to include alternative representation of the plain text like markdown, HTML, images etc.,

CVE descriptions are technical writings - it would be hard and restrictive to define an allowed list of characters.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chandanbn @eslerm