[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Difference between OVAL and JSON feeds



Hello

I'm a software engineer at Wazuh Inc. and I have a simple question regarding your security feeds. I'd like to know what are the differences between these two security feeds:
- https://security-tracker.debian.org/tracker/data/json
- https://www.debian.org/security/oval/oval-definitions-{RELEASE}.xml

The first one, in JSON format, seems to have all the vulnerabilities content from all Debian releases. The second one has a different endpoint for each release.

My first question would be: Is the JSON feed containing all the information from all the OVAL feeds? I counted the number of CVEs within the JSON feed that are related to Bookworm and also counted the CVEs in the Bookworm OVAL feed, and there is a discrepancy: 27173 (JSON) vs. 24493 (OVAL).

My second question would be: If they are not the same, which feed should be optimal to query?

Thanks in advance
Best regards


--
Tomas Sarquis
Software Engineer
+54 351 741 1244
Wazuh
The Open Source Security Platform

Reply to: