You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The exclusively-hosted-service and unsupported-when-assigned tags (glossary, schema) apply to the entire CNA container. Should they instead apply to an affected element?
Real world example: Given a CVE ID that affects Adminer (unsupported, will not be fixed) and AdminerEvo (fork of Adminer, supported, fixed), there is currently not a machine-readable way to specifify that Adminer is EOL.
Example: A CVE ID affects software that exists both as a service and an "on-prem" product. It is not possible to indicate that one affected element is a cloud service while another element is not.
The text was updated successfully, but these errors were encountered:
The exclusively-hosted-service and unsupported-when-assigned tags (glossary, schema) apply to the entire CNA container. Should they instead apply to an
affected
element?Real world example: Given a CVE ID that affects Adminer (unsupported, will not be fixed) and AdminerEvo (fork of Adminer, supported, fixed), there is currently not a machine-readable way to specifify that Adminer is EOL.
Example: A CVE ID affects software that exists both as a service and an "on-prem" product. It is not possible to indicate that one
affected
element is a cloud service while another element is not.The text was updated successfully, but these errors were encountered: