Original post date: July 26, 2024
Last updated: July 26, 2024
Most developers now that a vulnerability score of 10.0 means “as bad as it can get”, less people know details of the scoring.
The standard behind the scoring has recently received a new version: Common Vulnerability Scoring System (CVSS) 4.0. In the blog post in the Eclipse Foundation blog I’m reviewing the previous 3.1 version and the new 4.0: https://blogs.eclipse.org/post/marta-rybczynska/update-vulnerability-description-cvss-40
Useful for anyone who will have to score a vulnerability one day! Or find out how serious a recently announced one could be.