GitLab vulnerability management policies override default CVSS severity levels based on custom rules and your risk model.
- Match criteria include CVE ID, CWE ID, file path and directory; override operations are Set, Increase or Decrease Severity
- Use cases: downgrade CVEs in internal services, upgrade injection vulnerabilities in production code, normalize scanner inconsistencies
- Policies can align with threat intelligence (CISA KEV, EPSS) to prioritize actively exploited vulnerabilities
- Scale at group level across hundreds of projects with audit logging of all changes
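To make the rule semantics concrete, here is an added illustrative model of how such match-criteria rules and Set/Increase/Decrease operations combine, with an audit trail of every change. It is example code written for this summary, not GitLab's implementation or its policy YAML; the `Finding`/`Rule` structures, the ordered severity scale and the CVE values are constructed assumptions.

```python
"""Illustrative severity-override engine (added example, not GitLab code)."""
from dataclasses import dataclass
from fnmatch import fnmatch
from typing import List, Optional, Tuple, Union

# Ordered scale assumed for this example; Increase/Decrease step along it.
SEVERITIES = ["info", "low", "medium", "high", "critical"]


@dataclass
class Finding:
    cve: Optional[str]
    cwe: Optional[str]
    path: str
    severity: str


@dataclass
class Rule:
    """Match criteria are AND-ed; a criterion left as None matches anything."""
    operation: str                 # "set", "increase" or "decrease"
    value: Union[str, int]         # target severity for set, step count otherwise
    cve: Optional[str] = None
    cwe: Optional[str] = None
    path_glob: Optional[str] = None
    directory: Optional[str] = None

    def matches(self, f: Finding) -> bool:
        in_dir = self.directory is None or f.path.startswith(self.directory.rstrip("/") + "/")
        return (self.cve is None or f.cve == self.cve) and \
               (self.cwe is None or f.cwe == self.cwe) and \
               (self.path_glob is None or fnmatch(f.path, self.path_glob)) and in_dir

    def apply(self, severity: str) -> str:
        idx = SEVERITIES.index(severity)
        if self.operation == "set":
            return str(self.value)
        if self.operation == "increase":   # clamp at the top of the scale
            return SEVERITIES[min(idx + int(self.value), len(SEVERITIES) - 1)]
        if self.operation == "decrease":   # clamp at the bottom of the scale
            return SEVERITIES[max(idx - int(self.value), 0)]
        raise ValueError(f"unknown operation {self.operation!r}")


def effective_severity(f: Finding, rules: List[Rule]) -> Tuple[str, List[Tuple[str, str, str]]]:
    """Apply matching rules in order; return the final severity and an audit log
    of (operation, before, after) entries, one per rule that changed anything."""
    current, log = f.severity, []
    for r in rules:
        if r.matches(f):
            new = r.apply(current)
            if new != current:
                log.append((r.operation, current, new))
            current = new
    return current, log
```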
This summary was automatically generated by AI based on the original article and may not be fully accurate.