[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (CSAF-14) Add CVSSv3 support to CVRF
[ https://issues.oasis-open.org/browse/CSAF-14?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=65016#comment-65016 ] Vincent Danen commented on CSAF-14: ----------------------------------- Quick note based on conversation in the meeting today, here is where the score set has a minimum of one occurrence: http://www.icasi.org/cvrf-v1-1-dictionary-of-elements/#38cvs The optional part is the CVSS Score Sets, but once that is set there is a minimum occurrence. Unfortunately, and what I missed, is that you need to have this which poses the problem of people no longer providing V2 scores. I'm not sure we can have a backwards-incompatible change here after all (if the assumption is "Score Set" will always be V2). > Add CVSSv3 support to CVRF > -------------------------- > > Key: CSAF-14 > URL: https://issues.oasis-open.org/browse/CSAF-14 > Project: OASIS Common Security Advisory Framework (CSAF) TC > Issue Type: New Feature > Reporter: Vincent Danen > Assignee: Feng Cao > > To track the addition of CVSSv3 for the next (hopefully quick) revision of CVRF (i.e. CVRF 1.2). This should be very easy to do quickly with no compatibility issues. -- This message was sent by Atlassian JIRA (v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]