Official examples use this impact order (vulnerable system first, all three, then subsequent system, all three):
VC → VI → VA → SC → SI → SA
GHSA-28g4-38q8-3cwc hass:
VC → SC → VI → SI → VA → SA
Same information, different ordering.
Current vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N
Correct/Canonical vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
can we get cvss v4 vector string updated, so our build process dont fail at parsing the vector strings.
thanks.
Official examples use this impact order (vulnerable system first, all three, then subsequent system, all three):
VC → VI → VA → SC → SI → SA
GHSA-28g4-38q8-3cwc hass:
VC → SC → VI → SI → VA → SA
Same information, different ordering.
Current vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N
Correct/Canonical vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
can we get cvss v4 vector string updated, so our build process dont fail at parsing the vector strings.
thanks.