CVSS (Common Vulnerability Scoring System) - CI/CD Glossary Definition
CVSS is a standard for scoring the severity of a vulnerability on a 0.0 to 10.0 scale from a vector of metrics (attack vector, complexity, privileges required, impact). It converts a CVE into a comparable number.
Severity bands
CVSS v3 maps scores to bands: 0.1-3.9 Low, 4.0-6.9 Medium, 7.0-8.9 High, 9.0-10.0 Critical. Scanners often gate builds on a CVSS threshold.
Related guides
CVE (Common Vulnerabilities and Exposures) - CI/CD Glossary DefinitionCVE (Common Vulnerabilities and Exposures): A CVE is a unique identifier (e.g. `CVE-2021-44228`) assigned to…
Threshold Gate - CI/CD Glossary DefinitionThreshold Gate: A threshold gate is a pipeline check that passes or fails based on whether a measured value c…
False Positive - CI/CD Glossary DefinitionFalse Positive: A false positive is a finding a tool reports that is not actually a real problem, for example…