CvssSeverityType
Summary
Specifies the CVSS base, temporal, threat, or environmental severity type.
Description
CvssSeverityType specifies the CVSS severity type, defined in the CVSS specifications as the textual representation of the numeric CVSS score. The severity type entries are inclusive of and applicable to enumerations found in CVSS versions 3 and 4. CvssSeverityType is a mandatory field because baseSeverity is required in the CVSS version 3.0, 3.1, and 4.0 schemas. The field can be used to document the base, temporal, threat, or environmental severity.
Metadata
https://spdx.org/rdf/3.0.0/terms/Security/CvssSeverityType
Name | CvssSeverityType |
Entries
- critical: When a CVSS score is between 9.0 - 10.0
- high: When a CVSS score is between 7.0 - 8.9
- low: When a CVSS score is between 0 - 3.9
- medium: When a CVSS score is between 4 - 6.9
- none: When a CVSS score is 0