Be more explicit about Class E
In our taxonomy, Class E is not meant to apply to hardening opportunities (which are also technically not vulnerabilities). Be clearer that they are excluded by E. Change-Id: I4830b954104da03bc83e7c3533544a564b4837ce
This commit is contained in:
parent
b9badf287f
commit
ddfbe1e123
|
@ -198,7 +198,8 @@ warrant an advisory.
|
|||
| | OSSN | (some) security implications, e.g., |
|
||||
| | | strengthening opportunities |
|
||||
+----------+-----------+-------------------------------------------+
|
||||
| Class E | | Not a vulnerability at all |
|
||||
| Class E | | Neither a vulnerability nor hardening |
|
||||
| | | opportunity |
|
||||
+----------+-----------+-------------------------------------------+
|
||||
| Class Y | | Vulnerability only found in development |
|
||||
| | | release |
|
||||
|
|
Loading…
Reference in New Issue