Remove hardcoded "Medium" confidence for Container Scanning vulnerabilities
Problem to solve
We're currently setting the confidence on all container scanning vulnerabilities to Medium. We're not sure of the origin of this decision and it may give users an inaccurate idea of the severity's confidence.
Intended users
Proposal
Let's answer 2 questions:
- Can we dynamically create more accurate confidence for each vulnerability?
- If not, should we instead set the confidence to
Unknown?
What is the type of buyer?
Edited by Olivier Gonzalez