You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We currently do no checking that CVSS scores in the severity fields are valid. We end up ingesting invalid scores, which also end up being served by the API which could be an issue downstream.
We currently do no checking that CVSS scores in the
severity
fields are valid. We end up ingesting invalid scores, which also end up being served by the API which could be an issue downstream.Case in point: this GHSA OSV record has a CVSS 3.1 score labelled as
CVSS_V4
.Our website is currently 500-ing when trying to render this vulnerability because of this.
The text was updated successfully, but these errors were encountered: