OASIS Common Security Advisory Framework (CSAF) TC

 View Only
Back to discussions
Expand all | Collapse all

CSDPR01 Feedback #1086 from TC member

  • 1.  CSDPR01 Feedback #1086 from TC member

    Posted 07-07-2025 01:21

    Dear TC members,

    As per TC process, I announce that I, Christoph Plutte, have commented (#1086) on the CSDPR01:

    Add qualitative severity rating to metrics (in case no CVSS available) · Issue #1086 · oasis-tcs/csaf

    Best regards,

    Christoph Plutte

    Ericsson PSIRT

    GitHub remove preview
    Add qualitative severity rating to metrics (in case no CVSS available) · Issue #1086 · oasis-tcs/csaf
    In CSAF 2.1, the metrics element holds CVSS, EPSS and SSVC metrics. However, this limits the ability to provide a severity rating for a vulnerability to the aforementioned three standards. There are cases, when organization might want to...
    View this on GitHub >



    ------------------------------
    Christoph Plutte
    Ericsson AB
    KISTA
    ------------------------------


Related Content