Feature: Notify only on CVE score change #497
Assignees
Labels
enhancement
New feature or request
Comments
RolphH
changed the title
|
Indeed, notification filters only support CVSS v3.1 at the moment, we need to improve this. We have a lot of issues to deal with but we will definitely add this one to our backlog ;) |
|
Problem is not that it only supports CVSS3.1 score, but I only want to be notified if that score actually changed. Not that (f.e.) when the SSVC changed , I got notified (which is currently happening), as the metrics changed. Example notification setting:
When there are changes to the metrics like this: we still get an alert. While the CVSS score hasn;'t changed. We only want notification on CVSS score changes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem?
We currently get notified in case metrics changed and CVSSv3.1 score is >=9. However, this also notifies is the CVSSv3.1 score isn't changed but other metrics are changed. This causes false reports as usually the CVE is already known.
Do you have a solution in mind, or a suggestion to improve OpenCVE?
We would like to have an extra notification option to notify on CVSSv3.1 Score change
The text was updated successfully, but these errors were encountered: