Comment 3 for bug 1880992
Revision history for this message
| Steve Beattie (sbeattie) wrote Re: [Bug 1880992] Re: check-cves should compute and display CVSS score for triage | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
On Thu, May 28, 2020 at 03:12:39AM -0000, Alex Murray wrote:
> Since we parse out the full attributes of the score, we could easily try
> and show more than just the vector string and the base score but I am
> not sure how we could do this in a concise manner - so currently this
> will look like either of the following, depending on whether using
> traditional or experimental output modes:
Thanks. On the one hand, I can't get my brain to grok the random string
of single letters. On the other, I'm not sure the number tells me much
either. I did have the idea of maybe reporting something like:
Confidentiality: [high|medium|low] Integrity: [high|medium|low] Availability: [high|medium|low]
as I tend to think of those as the most relevant portions of the CVSS
array elements. But that may be a bias that I have, and am open to other
thoughts here.
--
Steve Beattie
<email address hidden>
http://