Closed abhisek closed 5 days ago
This issue seems to be data quality issue and related to https://github.com/google/osv.dev/issues/2331
The API should now be correctly returning "type": "CVSS_V4"
in these cases.
Thanks for reporting this! Let us know if you're still encountering this issue.
Describe the bug
The
severity[].type
field for a vulnerability in OSV schema is defined asstring
https://github.com/ossf/osv-schema/blob/main/validation/schema.json#L320However an integer is returned in the OSV API response breaking schema validation in consumer tools.
To Reproduce
js2py==0.74
Expected behaviour
As per schema,
type
should be a string enumScreenshots
Additional context
N/A