Home /
technology Podcasts /
Open Source Security /
Episode 201 - We broke CVSSv3, now how do we fix it?

EPISODE · Jun 15, 2020 · 31 MIN

Episode 201 - We broke CVSSv3, now how do we fix it?

from Open Source Security

Josh and Kurt talk about CVSSv3 and how it's broken. We started with a blog post to explain why the NVD CVSS scores are so wrong, and we ended up researching CVSSv3 and found out it's far more broken than any of us expected in ways we didn't expect. NVD isn't broken, CVSSv3 is. How did we get here? Are there any options that work today? Where should we go next? Show Notes Josh's blog post NVD Red Hat security data Josh's CVE data project Microsoft security ratings scale

NOW PLAYING

Episode 201 - We broke CVSSv3, now how do we fix it?

0:00 31:20

1×

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

58 ~ The end of an era, goodbye Held 🧚🏻‍♀️ 🐍 🐎

Feb 18, 2026 ·26m

Episode 5 – AI-AI-Oh…

Jul 24, 2025 ·73m

Episode 4 – Our BSides A-game

Nov 3, 2024 ·52m

Episode 3 – Artificial Red No.3

Sep 26, 2024 ·67m

Episode 2 – On Ground at DEF CON 32

Sep 16, 2024 ·139m

Episode 1 – Naima & Nathan

Aug 14, 2024 ·76m

Similar Podcasts

Technado (Archived) ACI Learning The Technado crew covers a whirlwind of tech topics each week from interviews with industry experts and up-and-coming companies to commentary on topics like security, vendor certifications, networking, and just about anything IT related. Explicit TCAST: The Future of Data & AI TARTLE The Data Intelligence Podcast (TCAST) explores the intersection of AI, data privacy, and ethical technology. Join Alexander McCaig and Jason Rigby as they decode the future of data ownership, artificial intelligence, and digital privacy with industry leaders, researchers, and innovators.Each episode delivers actionable insights on:AI and machine learning developmentsData privacy and ownership strategiesEthical technology implementationReal-world applications of data intelligenceFuture trends in digital identity and data marketplacesPerfect for tech leaders, data scientists, privacy advocates, and forward-thinking professionals looking to understand and shape the future of data and AI.Presented by TARTLE, pioneers in ethical data exchange and AI enhancement. New episodes every week.The show is hosted by Co-Founder and Source Data Pioneer Alexander McCaig and Head of Conscious Marketing Jason Rigby.What's your data worth? Find out at (https://tartle.co/)Watch the podcast on Yo Explicit Techlore Surveillance Report Techlore Techlore Surveillance Report is your weekly deep-dive into the privacy and security news that matters for your digital freedom. Hosted by Henry Fisher, founder of Techlore and long-time digital rights educator, each episode cuts through the noise to bring you carefully selected stories with the context, analysis, and historical perspective you need to truly understand what's happening to protect yourself (and others!) in the digital space.Topics covered include:• Privacy tool updates and vulnerabilities• Data breaches and cybersecurity incidents• Surveillance technology and government overreach• Big Tech privacy policies and practices• Encryption and security standards• Digital rights legislation and court cases• Open-source software developments• Corporate data practices and accountabilityWhether you're a beginner trying to stay informed or a seasoned expert tracking the ecosystem, Surveillance Report has Explicit BellingChat Bellingcat Join the Bellingcat team as they discuss their latest work for Bellingcat, open source investigation, and their takes on recent news stories. For more information on BellingChat and our investigations please visit www.bellingcat.comTo support our work and to access exclusive content please donate via www.patreon.com/bellingcat Explicit

Frequently Asked Questions

How long is this episode of Open Source Security?

This episode is 31 minutes long.

When was this Open Source Security episode published?

This episode was published on June 15, 2020.

What is this episode about?

Josh and Kurt talk about CVSSv3 and how it's broken. We started with a blog post to explain why the NVD CVSS scores are so wrong, and we ended up researching CVSSv3 and found out it's far more broken than any of us expected in ways we didn't expect....

Can I download this Open Source Security episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.

URL copied to clipboard!