-
Notifications
You must be signed in to change notification settings - Fork 293
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Severity lowered by @advisory-database[bot] #491
Comments
@Geolim4 Looks like github was the assigning CNA for that CVE and the score given was medium It's unclear to me why this popped back up, but we reset our ghsa score to align with the score sent to mitre. |
@darakian weird, does it looks like a bug to you ? |
No, I don't see any bug behavior here. Maybe we didn't score the initial issue properly and that's a conversation we can have if you feel strongly about the severity level, but given the values the behavior seems correct to me. |
It's not that bad, I was just wondering why the severity was recalculated wrongly based on the CVSS score I calculated originally, but if it's ok on your POV, that's fine for me despite it can looks weird for repo maintainers. |
Cool. Sorry about the confusion and thanks for the feedback 👍 |
For some reason, the bot has lowered the priority of GHSA-484f-743f-6jx2: 2e8e721
I don't understand why, since it has been validated with "HIGH" severity initially: GHSA-484f-743f-6jx2
The text was updated successfully, but these errors were encountered: