CVSS vector should be generated in Base/Threat/Environmental/Supplemental order #34
Labels
Comments
|
Fixed by #35, merged 🎉 |
|
This may be unrelated to this fix, but it seems like the Supplemental Metrics no longer "stick" when selected: |
|
Thanks for the info Dave, I'll test it and provide a fix as soon as possible :) EDIT: easy to diagnose, I did not implement the behavior of (non-)mandatory metrics, working on it. |
This was referenced Oct 17, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When we asked to reorder the Base and Supplemental sections of the GUI, the vector string got inadvertently reordered as well. In all our docs, JSON, and regex, the official order of the CVSS vector string is:
AV/AC/AT/PR/UI/V[CIA]/S[CIA]/E/[CIA]R/MAV/MAC/MAT/MPR/MUI/MV[CIA]/MS[CIA]/S/AU/R/V/RE/U
(Base/Threat/Environmental/Supplemental)
Please keep the GUI arrangement as-is, but update the vector string generation order.
The text was updated successfully, but these errors were encountered: