-
Some elements of CVSSv4 vectors have implications for interaction with Vultron states. We should map those out as a crosswalk similar to https://certcc.github.io/Vultron/reference/ssvc_crosswalk
-
**Is your feature request related to a problem? Please describe.**
Following on from the recent work on CVSSv4 integration it would be great to introduce another calculator into the mix. I have ofte…
-
CVSS 4.0 official publication is scheduled for Q4, 2023. CSAF 2.x schema needs to add the new
"cvss_v4": {
"$ref": "https://www.first.org/cvss/cvss-v4.0.json"
…
-
CVSS v4 uses the concept of macrovectors. I'm not going to explain that here, check out the [CVSS v4 spec](https://www.first.org/cvss/v4.0/specification-document#CVSS-v4-0-Scoring-using-MacroVectors-a…
-
Hello,
I've noticed that this project seems to be dual licensed, however it is not evident from the project's LICENSE file nor from Readme.
The original code is under LGPL-3.0 license, however t…
-
Inspired by CERTCC/Vultron#6, as well as with a similar goal of integration as #314, we should create a document explaining how SSVC and CVSSv4 intersect/overlap. As in #314, I think this might be as …
-
## Use case
The CVSS v3 Standard does not take into account how likely it is to exploit a vulnerability or if a user interaction is necessary for the vulnerability to exist. This is addressed in CVSS…
-
### Current Behavior
Currently, all vulnerabilities in the GitHub Security Advisories database do not have a CVSS score, even though they are available on the GitHub page.
For instance, `CVE-2019-1…
-
I am not convinced this is something we should fix in the JSON schema, or even if we want to be bothered with it.
But strongly typed languages interpret "1" and "1.0" differently and can cause erro…
-
Hello,
Following the last update that should fixes floating point errors, I noticed that there were still some rounding errors due to floating point residual in the python code.
Used vector : CV…