Currently, although the website can render different metrics found in containers:cna:metrics, it doesn't take into account the attached scenarios. The end result can lead to confusion for users of the website.
A couple of examples:
In both cases, because the descriptions of the CVEs are concise and clear, a user can deduce how the metric score is to be taken into account.
However this is not always the case and having the extra scenario information would benefit the readability of the metric section.
Currently, although the website can render different metrics found in
containers:cna:metrics, it doesn't take into account the attached scenarios. The end result can lead to confusion for users of the website.A couple of examples:
GENERALscenario; it seems that the metric is universal for said product and vulnerabilityhttps://www.cve.org/CVERecord?id=CVE-2023-39916
https://www.cve.org/CVERecord?id=CVE-2024-0012
In both cases, because the descriptions of the CVEs are concise and clear, a user can deduce how the metric score is to be taken into account.
However this is not always the case and having the extra scenario information would benefit the readability of the metric section.