Model CVSSv4 macrovectors as an SSVC tree #329
Assignees
Labels
enhancement
New feature or request
Comments
|
Here is the JSON representation of the CVSSv4 as a Decision Tree - we can save it for later. |
|
We definitely arranged the equivalency sets in a decision tree. However, the process for community voting on assigning relative ranking (and therefore the labels 0.1 to 10.0) is probably more interesting than the fact that the equivalence sets are arranged into a decision tree. Is there anything else to do for this? I don't see any further concrete value add. |
Yeah, I want this to exist in python because I want to be able to do things with it like use some of the other tooling I'm building on it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVSS v4 uses the concept of macrovectors. I'm not going to explain that here, check out the CVSS v4 spec for that.
It might be interesting to use SSVC to construct a model of CVSSv4 macrovectors -> CVSSv4 categories (Low, Medium, High, Critical) for demonstration purposes.
The text was updated successfully, but these errors were encountered: