Adding CVSS scores for older vulnerabilities #31
Description
Proposed New Idea/Feature (required)
Currently cve.org is lacking CVSS scores for most of the vulnerabilities older than 2024, whether the score comes from the vendor themselves, NIST NVD or an ADP like CISA. An easy example is Log4Shell: https://www.cve.org/CVERecord?id=CVE-2021-44228 while another is libwebp: https://www.cve.org/CVERecord?id=CVE-2023-4863. The average user may not be able to determine who provided the CVSS score either (vendor or external CNA) because that isn't specified. The general public would rely more on cve.org if their CVE database had more CVSS scores and related information populated.
Additional Notes (Optional)
N/A