Hello,
You need to stay within the context of the matched b:entry
element; modify your stylesheet thusly:
<xsl:template match="b:entry">
<div>
<xsl:number format="1."/>
<xsl:value-of select="@name"/>
<xsl:text> : </xsl:text>
<xsl:value-of select="@CVSS_base_score"/>
</div>
</xsl:template>
and you will get what you want.
Regards,
EB
-----Original Message-----
From: Badrul Anuar [mailto:askbard(_at_)gmail(_dot_)com]
Sent: Thursday, June 18, 2009 9:24 PM
To: xsl-list(_at_)lists(_dot_)mulberrytech(_dot_)com
Subject: [xsl] XSL with namespace from NVD
HI
I try to extract some information from the NVD datafeed. The data
is in XML.
I only want make some analysis on the data.
For the trial version, I try to extract some attributes, but the first
entry is repeated for every entry.
For example.
This is the XML:
the original XML can be found from
http://nvd.nist.gov/download/nvdcve-recent.xml
--------------XML-start-----------------
<?xml version='1.0' encoding='UTF-8'?>
<nvd
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns="http://nvd.nist.gov/feeds/cve/1.2";
nvd_xml_version="1.2" pub_date="2009-06-18"
xsi:schemaLocation="http://nvd.nist.gov/feeds/cve/1.2
http://nvd.nist.gov/schema/nvdcve.xsd";>
<entry CVSS_vector="(AV:N/AC:M/Au:N/C:P/I:P/A:P)"
CVSS_base_score="6.8" CVSS_exploit_subscore="8.6"
CVSS_impact_subscore="6.4" name="CVE-2009-0791" seq="2009-0791"
severity="Medium" type="CVE" published="2009-06-09" CVSS_version="2.0"
CVSS_score="6.8" modified="2009-06-09">
<desc>
<descript source="cve">Multiple integer overflows in the
pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7 allow remote
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code via a crafted PDF file that triggers a
heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2)
FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5)
PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may
overlap CVE-2009-1179.</descript>
</desc>
<loss_types>
<avail />
<conf />
<int />
</loss_types>
<range>
<network />
<user_init />
</range>
<refs>
<ref source="CONFIRM" patch="1"
url="https://bugzilla.redhat.com/show_bug.cgi?id=491840";>https://b
ugzilla.redhat.com/show_bug.cgi?id=491840</ref>
</refs>
<vuln_soft>
<prod vendor="apple" name="cups">
<vers num="1.3.7" />
</prod>
</vuln_soft>
</entry>
<entry CVSS_vector="(AV:N/AC:L/Au:N/C:N/I:N/A:P)"
CVSS_base_score="5.0" CVSS_exploit_subscore="10.0"
CVSS_impact_subscore="2.9" name="CVE-2009-0949" seq="2009-0949"
severity="Medium" type="CVE" published="2009-06-09" CVSS_version="2.0"
CVSS_score="5.0" modified="2009-06-09">
<desc>
<descript source="cve">The ippReadIO function in
cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize
memory for IPP request packets, which allows remote attackers to cause
a denial of service (NULL pointer dereference and daemon crash) via a
scheduler request with two consecutive IPP_TAG_UNSUPPORTED
tags.</descript>
</desc>
<loss_types>
<avail />
</loss_types>
<range>
<network />
</range>
<refs>
<ref source="DEBIAN" patch="1"
url="http://www.debian.org/security/2009/dsa-1811";>DSA-1811</ref>
<ref source="SECUNIA"
url="http://secunia.com/advisories/35322"; adv="1">35322</ref>
</refs>
<vuln_soft>
<prod vendor="apple" name="cups">
<vers num="1.1" />
</prod>
</vuln_soft>
</entry>
<entry CVSS_vector="(AV:N/AC:L/Au:N/C:N/I:N/A:P)"
CVSS_base_score="5.0" CVSS_exploit_subscore="10.0"
CVSS_impact_subscore="2.9" name="CVE-2009-1196" seq="2009-1196"
severity="Medium" type="CVE" published="2009-06-09" CVSS_version="2.0"
CVSS_score="5.0" modified="2009-06-09">
<desc>
<descript source="cve">The directory-services
functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote
attackers to cause a denial of service (cupsd daemon outage or crash)
via manipulations of the timing of CUPS browse packets, related to a
"pointer use-after-delete flaw."</descript>
</desc>
<loss_types>
<avail />
</loss_types>
<range>
<network />
</range>
<refs>
<ref source="SECUNIA"
url="http://secunia.com/advisories/35340"; adv="1">35340</ref>
</refs>
<vuln_soft>
<prod vendor="apple" name="cups">
<vers num="1.1.17" />
<vers num="1.1.22" />
</prod>
</vuln_soft>
</entry>
</nvd>
--------------XML-end-----------------
And I use the XSL with this code
----XSL-start------------
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform";
xmlns:b="http://nvd.nist.gov/feeds/cve/1.2";
version="1.0">
<xsl:output method="html"/>
<xsl:template match="//b:entry">
<div>
<xsl:number format="1."/>
<xsl:value-of select="//b:entry/@name"/>
<xsl:text> : </xsl:text>
<xsl:value-of select="//b:entry/@CVSS_base_score"/>
</div>
</xsl:template>
</xsl:stylesheet>
-----XSL-end----------
the output is
1.CVE-2009-0791 : 6.8
2.CVE-2009-0791 : 6.8
3.CVE-2009-0791 : 6.8
My question is how to make sure the output is taken for each entry.
I would like to have the output like
1.CVE-2009-0791 : 6.8
2.CVE-2009-0949 : 5.0
3.CVE-2009-1196 : 5.0
Thank you in advance
--~------------------------------------------------------------------
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
To unsubscribe, go to: http://lists.mulberrytech.com/xsl-list/
or e-mail:
<mailto:xsl-list-unsubscribe(_at_)lists(_dot_)mulberrytech(_dot_)com>
--~--
--~------------------------------------------------------------------
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
To unsubscribe, go to: http://lists.mulberrytech.com/xsl-list/
or e-mail: <mailto:xsl-list-unsubscribe(_at_)lists(_dot_)mulberrytech(_dot_)com>
--~--