Severity lowered by @advisory-database[bot] #491
Comments
Geolim4
changed the title
|
@Geolim4 Looks like github was the assigning CNA for that CVE and the score given was medium It's unclear to me why this popped back up, but we reset our ghsa score to align with the score sent to mitre. |
|
@darakian weird, does it looks like a bug to you ? |
|
No, I don't see any bug behavior here. Maybe we didn't score the initial issue properly and that's a conversation we can have if you feel strongly about the severity level, but given the values the behavior seems correct to me. |
|
It's not that bad, I was just wondering why the severity was recalculated wrongly based on the CVSS score I calculated originally, but if it's ok on your POV, that's fine for me despite it can looks weird for repo maintainers. |
|
Cool. Sorry about the confusion and thanks for the feedback 👍 |
For some reason, the bot has lowered the priority of GHSA-484f-743f-6jx2: 2e8e721
I don't understand why, since it has been validated with "HIGH" severity initially: GHSA-484f-743f-6jx2
The text was updated successfully, but these errors were encountered: