Ignore CVSS V4.0 metrics in CVE loading. - sec-certs.git - Tool for analysis of security certificates (Common Criteria, FIPS 140...).

diff options

author	J08nY	2025-11-12 17:01:36 +0100
committer	J08nY	2025-11-12 17:01:36 +0100
commit	5141d057df002944225d856bf227b17fa0d37f39 (patch)
tree	8a816eb940f40058b96b01d5f1a69ebc8efa0c56 /src/sec_certs/data/reference_annotations/split/valid.json
parent	6aef9e96f682bb83abdb3faa7962537c33239d61 (diff)
download	sec-certs-5141d057df002944225d856bf227b17fa0d37f39.tar.gz sec-certs-5141d057df002944225d856bf227b17fa0d37f39.tar.zst sec-certs-5141d057df002944225d856bf227b17fa0d37f39.zip

Ignore CVSS V4.0 metrics in CVE loading.

THe NVD no longer offers the "exploitabilityScore" and "impactScore" for CVSS V4.0 in their API: https://csrc.nist.gov/schema/nvd/api/2.0/cve_api_json_2.0.schema (See the "cvss-v40" entry) We should figure out what to do as more CVEs will likely have this in the future and we will lack data. The cvssData scheme is here: https://csrc.nist.gov/schema/nvd/api/2.0/external/cvss-v4.0.json

Diffstat (limited to 'src/sec_certs/data/reference_annotations/split/valid.json')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: