Red Hat Severity Rating and State

Inspecting Red Hat OVAL definitions for Red Hat Severity Rating and State

Once you have identified the OVAL v2 streams to inspect you can

1. Query OVAL definitions with CVE and CPE

2. Verify package or module meets test criteria (refer to examples below)

3. Pull severity, class type, CVE and RHSA URLs. Indicate if the package is vulnerable or not. Optionally, use other fields like the description, dates, platform, title.

OVAL CVE Definition Examples