Provide help to determine whether or not a CVE is warranted
Submitted by Wayne Beaton
A CVE is generally warranted when a vulnerability is identified in released code. The converse is that a CVE is generally not warranted for a vulnerability detected in a random commit or milestone build; though, there is some grey area.
We need more here.