File: docker-cloud/builds/image-scan.md, CC @londoncalling
/cc @NathanMcCauley @toli
/cc @amegianeg
I'm sorry @londoncalling but do not know anything about Nautilus. I guess @toli can help
Hey all, the vulnerability scores (a.k.a. CVSS) are defined by the entity that issues the vulnerability (one example is NVD: https://nvd.nist.gov)
We follow the severity range from here: https://www.first.org/cvss/specification-document#5-Qualitative-Severity-Rating-Scale
which is:
None: 0.0
Low/Minor: 0.1-3.9
Medium/Major: 4.0-6.9
High/Critical: 7.0-8.9
Critical: 9.0-10.0
Thanks @venalen I'll add some of this clarification information to the docs.