CvssSeverityType
Summary
Specifies the CVSS base, temporal, threat, or environmental severity type.
Description
CvssSeverityType specifies the Common Vulnerability Scoring System (CVSS) severity type, defined in the CVSS specifications as the textual representation of the numeric CVSS score.
The severity type entries are inclusive of and applicable to enumerations found in Common Vulnerability Scoring System v3.0: Specification Document and Common Vulnerability Scoring System version 4.0: Specification Document.
CvssSeverityType is a mandatory field because baseSeverity is required in the CVSS 3.0 schema, CVSS 3.1 schema, and CVSS 4.0 schema.
The field can be used to document the base, temporal, threat, or environmental severity.
Metadata
https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType
Name | CvssSeverityType |
Entries
- critical: When a CVSS score is between 9.0 - 10.0
- high: When a CVSS score is between 7.0 - 8.9
- low: When a CVSS score is between 0.1 - 3.9
- medium: When a CVSS score is between 4.0 - 6.9
- none: When a CVSS score is 0.0