Require support for CVSS_V2 vectors/scores

[mahesh-ppro]

Hello team,

We are uploading most of our vulnerabilities from Aquasec into defectdojo and about 20% of the vulnerabilities in Aquasec have either CVSS_V2 or CVSS_v4 vectors which are currently not supported in defectdojo. As the support is not there we do not get the vector and scores for these scoring systems in get findings call to defectdojo.

We have a custom mechanism to decide and update the severity of the findings based on CVSS score and EPSS score along with few other parameters as per our business use case.

Is there any plan to support CVSS_V2 and newly added CVSS_V4 scoring system ?

Thanks, Mahesh