You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CVSS V3 have a baseScore which corresponds to a baseSeverity:
High: 7.0 - 8.9
Medium: 4.0 - 6.9
Low: < 4.0
The relationship between these fields is not enforced by the schema and therefore they can contradict each other. Cve-services should prevent this and throw an error explaining that the values must be consistent with the above ranges.
Definition of Done
Create a new 400 error with an error message explaining the above restriction
Create new middleware function that checks CVE POSTs/PUTs for consistent CVSS scores and severities
Apply new middleware to CVE POST/PUT endpoints
Create unit tests for new middleware
Note
Confirm that the requirements are the same for CVSS V4.
The text was updated successfully, but these errors were encountered:
Summary
CVSS V3 have a baseScore which corresponds to a baseSeverity:
High: 7.0 - 8.9
Medium: 4.0 - 6.9
Low: < 4.0
The relationship between these fields is not enforced by the schema and therefore they can contradict each other. Cve-services should prevent this and throw an error explaining that the values must be consistent with the above ranges.
Definition of Done
Note
The text was updated successfully, but these errors were encountered: