[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] XSL with namespace from NVD
HI I try to extract some information from the NVD datafeed. The data is in XML. I only want make some analysis on the data. For the trial version, I try to extract some attributes, but the first entry is repeated for every entry. For example. This is the XML: the original XML can be found from http://nvd.nist.gov/download/nvdcve-recent.xml --------------XML-start----------------- <?xml version='1.0' encoding='UTF-8'?> <nvd xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://nvd.nist.gov/feeds/cve/1.2" nvd_xml_version="1.2" pub_date="2009-06-18" xsi:schemaLocation="http://nvd.nist.gov/feeds/cve/1.2 http://nvd.nist.gov/schema/nvdcve.xsd"> <entry CVSS_vector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)" CVSS_base_score="6.8" CVSS_exploit_subscore="8.6" CVSS_impact_subscore="6.4" name="CVE-2009-0791" seq="2009-0791" severity="Medium" type="CVE" published="2009-06-09" CVSS_version="2.0" CVSS_score="6.8" modified="2009-06-09"> <desc> <descript source="cve">Multiple integer overflows in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.</descript> </desc> <loss_types> <avail /> <conf /> <int /> </loss_types> <range> <network /> <user_init /> </range> <refs> <ref source="CONFIRM" patch="1" url="https://bugzilla.redhat.com/show_bug.cgi?id=491840">https://bugzilla.redhat.com/show_bug.cgi?id=491840</ref> </refs> <vuln_soft> <prod vendor="apple" name="cups"> <vers num="1.3.7" /> </prod> </vuln_soft> </entry> <entry CVSS_vector="(AV:N/AC:L/Au:N/C:N/I:N/A:P)" CVSS_base_score="5.0" CVSS_exploit_subscore="10.0" CVSS_impact_subscore="2.9" name="CVE-2009-0949" seq="2009-0949" severity="Medium" type="CVE" published="2009-06-09" CVSS_version="2.0" CVSS_score="5.0" modified="2009-06-09"> <desc> <descript source="cve">The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.</descript> </desc> <loss_types> <avail /> </loss_types> <range> <network /> </range> <refs> <ref source="DEBIAN" patch="1" url="http://www.debian.org/security/2009/dsa-1811">DSA-1811</ref> <ref source="SECUNIA" url="http://secunia.com/advisories/35322" adv="1">35322</ref> </refs> <vuln_soft> <prod vendor="apple" name="cups"> <vers num="1.1" /> </prod> </vuln_soft> </entry> <entry CVSS_vector="(AV:N/AC:L/Au:N/C:N/I:N/A:P)" CVSS_base_score="5.0" CVSS_exploit_subscore="10.0" CVSS_impact_subscore="2.9" name="CVE-2009-1196" seq="2009-1196" severity="Medium" type="CVE" published="2009-06-09" CVSS_version="2.0" CVSS_score="5.0" modified="2009-06-09"> <desc> <descript source="cve">The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service (cupsd daemon outage or crash) via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."</descript> </desc> <loss_types> <avail /> </loss_types> <range> <network /> </range> <refs> <ref source="SECUNIA" url="http://secunia.com/advisories/35340" adv="1">35340</ref> </refs> <vuln_soft> <prod vendor="apple" name="cups"> <vers num="1.1.17" /> <vers num="1.1.22" /> </prod> </vuln_soft> </entry> </nvd> --------------XML-end----------------- And I use the XSL with this code ----XSL-start------------ <?xml version="1.0" encoding="utf-8"?> <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:b="http://nvd.nist.gov/feeds/cve/1.2" version="1.0"> <xsl:output method="html"/> <xsl:template match="//b:entry"> <div> <xsl:number format="1."/> <xsl:value-of select="//b:entry/@name"/> <xsl:text> : </xsl:text> <xsl:value-of select="//b:entry/@CVSS_base_score"/> </div> </xsl:template> </xsl:stylesheet> -----XSL-end---------- the output is 1.CVE-2009-0791 : 6.8 2.CVE-2009-0791 : 6.8 3.CVE-2009-0791 : 6.8 My question is how to make sure the output is taken for each entry. I would like to have the output like 1.CVE-2009-0791 : 6.8 2.CVE-2009-0949 : 5.0 3.CVE-2009-1196 : 5.0 Thank you in advance
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|