|
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring | System (CVSS) is an open |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct not only for the obvious reason that one can recognize the severity of an issue at first glance But also as these numbers form the basis of rewards paid in bug bounty systems Inconsistent CVSS could lead to unfair payouts *What is this Document FFmpeg had no guideline about CVSS This document describes how to select the CVSS for a FFmpeg related CVE It currently only covers the Base Score *What is the CVSS Base Score *AV Attack | Vector (Network, Adjacent, Local, Physical) AC Attack Complexity(Low |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct not only for the obvious reason that one can recognize the severity of an issue at first glance But also as these numbers form the basis of rewards paid in bug bounty systems Inconsistent CVSS could lead to unfair payouts *What is this Document FFmpeg had no guideline about CVSS This document describes how to select the CVSS for a FFmpeg related CVE It currently only covers the Base Score *What is the CVSS Base Score *AV Attack High PR Privileges | Required (None, Low, High) UI User Interaction(None |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct not only for the obvious reason that one can recognize the severity of an issue at first glance But also as these numbers form the basis of rewards paid in bug bounty systems Inconsistent CVSS could lead to unfair payouts *What is this Document FFmpeg had no guideline about CVSS This document describes how to select the CVSS for a FFmpeg related CVE It currently only covers the Base Score *What is the CVSS Base Score *AV Attack High PR Privileges Required S | Scope (Unchanged, Changed) C Confidentiality(None |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct not only for the obvious reason that one can recognize the severity of an issue at first glance But also as these numbers form the basis of rewards paid in bug bounty systems Inconsistent CVSS could lead to unfair payouts *What is this Document FFmpeg had no guideline about CVSS This document describes how to select the CVSS for a FFmpeg related CVE It currently only covers the Base Score *What is the CVSS Base Score *AV Attack High PR Privileges Required S High I | Integrity (None, Low, High) A Availability(None |
| |
|
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software | vulnerabilities |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct | CVSS |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct not only for the obvious reason that one can recognize the severity of an issue at first glance But also as these numbers form the basis of rewards paid in bug bounty systems Inconsistent CVSS could lead to unfair payouts *What is this Document * | Prior |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct not only for the obvious reason that one can recognize the severity of an issue at first glance But also as these numbers form the basis of rewards paid in bug bounty systems Inconsistent CVSS could lead to unfair payouts *What is this Document FFmpeg had no guideline about CVSS This document describes how to select the CVSS for a FFmpeg related CVE It currently only covers the Base Score *What is the CVSS Base Score *AV Attack High PR Privileges Required S | Low |
| |
| This document is work in progress *What is CVSS *The Common Vulnerability Scoring industry standard framework used to measure and communicate the severity of software ranging from to *Why we need this Document *It is important that FFmpeg CVEs have consistent and correct not only for the obvious reason that one can recognize the severity of an issue at first glance But also as these numbers form the basis of rewards paid in bug bounty systems Inconsistent CVSS could lead to unfair payouts *What is this Document FFmpeg had no guideline about CVSS This document describes how to select the CVSS for a FFmpeg related CVE It currently only covers the Base Score *What is the CVSS Base Score *AV Attack High PR Privileges Required S High I High *Things people have set incorrectly *Below are general guidelines and in specific cases other things may apply Attack Vector Quote from | https |
| |
