Use Effective Severity for Container Analysis Vulnerabilities

grafeas / voucher

🎟 Voucher creates attestations for Binary Authorization

Apache License 2.0

73 stars 20 forks source link

Use Effective Severity for Container Analysis Vulnerabilities #10

Closed ghost closed 3 years ago

ghost commented 3 years ago

When pulling vulnerability information from Google's Container Analysis API, we end up with severity level that doesn't match the one that Google is showing in the Container Analysis UI.

We should update Voucher to prefer the Effective Severity field!

catherinejones commented 3 years ago

Closing issue, as we're now using the Effective Severity field!