Not that it’s relevant to adopt right away, but do note that there is a CVSS 
4.0 now (that was finished quite recently) which is supposed to produce more 
useful severity scores.

> On Nov 6, 2023, at 2:17 PM, Volkan Yazıcı <vol...@yazi.ci> wrote:
> 
> I have created #1948 <https://github.com/apache/logging-log4j2/pull/1948>
> refactoring the Log4j security page. See the PR description for details.
> Reviews are welcome.

Reply via email to