TristanCacqueray
commented
4 months ago You are right, the parser presently only supports the strings used in the advisories.
Open unorsk opened 4 months ago
TristanCacqueray
commented
4 months ago You are right, the parser presently only supports the strings used in the advisories.
unorsk
commented
4 months ago You are right, the parser presently only supports the strings used in the advisories.
Cool, sounds like something I could fix. Probably after https://github.com/haskell/security-advisories/issues/208 gets merged.
Is it just me or the cvss parser doesn't fully support the cvss31 standard (some metrics haven't been implemented) These aren't important semantically since their presence doesn't affect the score calculation, but practically the parser would fail parsing a cvss string containing one of these.