csaf: track aggregate_severity

Signed-off-by: RTann <[email protected]>
quay · Jan 10, 2025 · f18415f · f18415f
1 parent 3811f8f
commit f18415f
Showing 1 changed file with 13 additions and 4 deletions.
diff --git a/toolkit/types/csaf/csaf.go b/toolkit/types/csaf/csaf.go
@@ -46,10 +46,11 @@ type CSAF struct {
 //
 // https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#321-document-property
 type DocumentMetadata struct {
-	Title      string      `json:"title"`
-	Tracking   Tracking    `json:"tracking"`
-	References []Reference `json:"references"`
-	Publisher  Publisher   `json:"publisher"`
+	Title             string            `json:"title"`
+	Tracking          Tracking          `json:"tracking"`
+	References        []Reference       `json:"references"`
+	Publisher         Publisher         `json:"publisher"`
+	AggregateSeverity AggregateSeverity `json:"aggregate_severity"`
 }
 
 // Document references holds a list of references associated with the whole document.
@@ -82,6 +83,14 @@ type Publisher struct {
 	Namespace        string `json:"namespace"`
 }
 
+// AggregateSeverity provides information on the severity of one or more vulnerabilities in the document.
+//
+// https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#3212-document-property---aggregate-severity
+type AggregateSeverity struct {
+	Namespace string `json:"namespace"`
+	Text      string `json:"text"`
+}
+
 // Vulnerability contains information about a CVE and its associated threats.
 //
 // https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#323-vulnerabilities-property