Skip to content

Provide help to determine whether or not a CVE is warranted

Submitted by Wayne Beaton @wbeaton

Link to original bug (#558854)

Description

A CVE is generally warranted when a vulnerability is identified in released code. The converse is that a CVE is generally not warranted for a vulnerability detected in a random commit or milestone build; though, there is some grey area.

We need more here.