Remove hardcoded "Medium" confidence for Container Scanning vulnerabilities
Problem to solve
We're currently setting the confidence on all container scanning vulnerabilities to Medium
. We're not sure of the origin of this decision and it may give users an inaccurate idea of the severity's confidence.
Intended users
Proposal
Let's answer 2 questions:
- Can we dynamically create more accurate confidence for each vulnerability?
- If not, should we instead set the confidence to
Unknown
?
What is the type of buyer?
Edited by Olivier Gonzalez