From e2e1d9751aff0f6413b0fb96dc2bb335d1d166d9 Mon Sep 17 00:00:00 2001 From: Daniel Hawton Date: Wed, 10 Apr 2024 04:28:24 -0600 Subject: [PATCH] Fix CVSS Vector Calculator Link Gen (#14863) Not sure if NVD changed the format of the calculator link or we just missed this, but basically the vector calculator does not support `CVSS:x.x/` as part of the vector to define the version to use. It's a separate arg. Split it out, but default to 3.1 which is the newest version. 
Signed-off-by: Daniel Hawton --- content/en/news/security/istio-security-2019-001/index.md | 3 ++- content/en/news/security/istio-security-2019-002/index.md | 3 ++- content/en/news/security/istio-security-2019-003/index.md | 3 ++- content/en/news/security/istio-security-2019-004/index.md | 3 ++- content/en/news/security/istio-security-2019-005/index.md | 3 ++- content/en/news/security/istio-security-2019-006/index.md | 2 +- content/en/news/security/istio-security-2019-007/index.md | 3 ++- content/en/news/security/istio-security-2022-003/index.md | 2 +- content/en/news/security/istio-security-2022-004/index.md | 2 +- content/en/news/security/istio-security-2022-005/index.md | 2 +- content/en/news/security/istio-security-2022-006/index.md | 2 +- content/en/news/security/istio-security-2022-007/index.md | 2 +- content/en/news/security/istio-security-2022-008/index.md | 2 +- content/en/news/security/istio-security-2023-001/index.md | 3 ++- content/en/news/security/istio-security-2023-002/index.md | 2 +- content/en/news/security/istio-security-2023-003/index.md | 2 +- content/en/news/security/istio-security-2023-004/index.md | 2 +- content/en/news/security/istio-security-2024-001/index.md | 2 +- content/en/news/security/istio-security-2024-002/index.md | 2 +- content/zh/news/security/istio-security-2019-001/index.md | 3 ++- content/zh/news/security/istio-security-2019-002/index.md | 3 ++- content/zh/news/security/istio-security-2019-003/index.md | 3 ++- content/zh/news/security/istio-security-2019-004/index.md | 3 ++- content/zh/news/security/istio-security-2019-005/index.md | 3 ++- content/zh/news/security/istio-security-2019-006/index.md | 2 +- content/zh/news/security/istio-security-2019-007/index.md | 3 ++- content/zh/news/security/istio-security-2022-003/index.md | 2 +- content/zh/news/security/istio-security-2022-004/index.md | 2 +- content/zh/news/security/istio-security-2022-005/index.md | 2 +- content/zh/news/security/istio-security-2022-006/index.md | 2 +- 
content/zh/news/security/istio-security-2022-007/index.md | 2 +- content/zh/news/security/istio-security-2022-008/index.md | 2 +- content/zh/news/security/istio-security-2023-001/index.md | 3 ++- content/zh/news/security/istio-security-2023-002/index.md | 2 +- content/zh/news/security/istio-security-2023-003/index.md | 2 +- content/zh/news/security/istio-security-2023-004/index.md | 2 +- content/zh/news/security/istio-security-2024-001/index.md | 2 +- layouts/news/security-grid.html | 4 +++- layouts/shortcodes/security_bulletin.html | 3 ++- 39 files changed, 56 insertions(+), 39 deletions(-)
diff --git a/content/en/news/security/istio-security-2019-001/index.md b/content/en/news/security/istio-security-2019-001/index.md
index 333b9d9b90..7f1b49a185 100644
--- a/content/en/news/security/istio-security-2019-001/index.md
+++ b/content/en/news/security/istio-security-2019-001/index.md
@@ -4,7 +4,8 @@ subtitle: Security Bulletin
 description: Incorrect access control.
 cves: [CVE-2019-12243]
 cvss: "8.9"
-vector: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C"
+vector: "AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.6"]
 publishdate: 2019-05-28
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2019-002/index.md b/content/en/news/security/istio-security-2019-002/index.md
index ceeb8b82f5..817659698c 100644
--- a/content/en/news/security/istio-security-2019-002/index.md
+++ b/content/en/news/security/istio-security-2019-002/index.md
@@ -4,7 +4,8 @@ subtitle: Security Bulletin
 description: Denial of service affecting JWT access token parsing.
 cves: [CVE-2019-12995]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C"
+cvss_version: "3.0"
 releases: ["1.0 to 1.0.8", "1.1 to 1.1.9", "1.2 to 1.2.1"]
 publishdate: 2019-06-28
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2019-003/index.md b/content/en/news/security/istio-security-2019-003/index.md
index 5057f3b871..3237262716 100644
--- a/content/en/news/security/istio-security-2019-003/index.md
+++ b/content/en/news/security/istio-security-2019-003/index.md
@@ -4,7 +4,8 @@ subtitle: Security Bulletin
 description: Denial of service in regular expression parsing.
 cves: [CVE-2019-14993]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.12", "1.2 to 1.2.3"]
 publishdate: 2019-08-13
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2019-004/index.md b/content/en/news/security/istio-security-2019-004/index.md
index 73f7e3e50d..24ef51dc20 100644
--- a/content/en/news/security/istio-security-2019-004/index.md
+++ b/content/en/news/security/istio-security-2019-004/index.md
@@ -4,7 +4,8 @@ subtitle: Security Bulletin
 description: Multiple denial of service vulnerabilities related to HTTP2 support in Envoy.
 cves: [CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.12", "1.2 to 1.2.3"]
 publishdate: 2019-08-13
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2019-005/index.md b/content/en/news/security/istio-security-2019-005/index.md
index bf8a9eb3cc..59fcd677d2 100644
--- a/content/en/news/security/istio-security-2019-005/index.md
+++ b/content/en/news/security/istio-security-2019-005/index.md
@@ -4,7 +4,8 @@ subtitle: Security Bulletin
 description: Denial of service caused by the presence of numerous HTTP headers in client requests.
 cves: [CVE-2019-15226]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.15", "1.2 to 1.2.6", "1.3 to 1.3.1"]
 publishdate: 2019-10-08
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2019-006/index.md b/content/en/news/security/istio-security-2019-006/index.md
index a850656a6e..0a3c6bf22b 100644
--- a/content/en/news/security/istio-security-2019-006/index.md
+++ b/content/en/news/security/istio-security-2019-006/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: Denial of service.
 cves: [CVE-2019-18817]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C"
 releases: ["1.3 to 1.3.4"]
 publishdate: 2019-11-07
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2019-007/index.md b/content/en/news/security/istio-security-2019-007/index.md
index 788a3b3ac8..67d51bf28f 100644
--- a/content/en/news/security/istio-security-2019-007/index.md
+++ b/content/en/news/security/istio-security-2019-007/index.md
@@ -4,7 +4,8 @@ subtitle: Security Bulletin
 description: Heap overflow and improper input validation in Envoy.
 cves: [CVE-2019-18801,CVE-2019-18802]
 cvss: "9.0"
-vector: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
+vector: "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
+cvss_version: "3.0"
 releases: ["1.2 to 1.2.9", "1.3 to 1.3.5", "1.4 to 1.4.1"]
 publishdate: 2019-12-10
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2022-003/index.md b/content/en/news/security/istio-security-2022-003/index.md
index d0cecd1f35..b62cd5bc39 100644
--- a/content/en/news/security/istio-security-2022-003/index.md
+++ b/content/en/news/security/istio-security-2022-003/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: Multiple CVEs related to istiod Denial of Service and Envoy.
 cves: [CVE-2022-23635, CVE-2021-43824, CVE-2021-43825, CVE-2021-43826, CVE-2022-21654, CVE-2022-21655, CVE-2022-23606]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.11.0", "1.11.0 to 1.11.6", "1.12.0 to 1.12.3", "1.13.0"]
 publishdate: 2022-02-22
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2022-004/index.md b/content/en/news/security/istio-security-2022-004/index.md
index 4390529cfc..ab4c5a534d 100644
--- a/content/en/news/security/istio-security-2022-004/index.md
+++ b/content/en/news/security/istio-security-2022-004/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: Unauthenticated control plane denial of service attack due to stack exhaustion.
 cves: [CVE-2022-24726, CVE-2022-24921]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.11.0", "1.11.0 to 1.11.7", "1.12.0 to 1.12.4", "1.13.0 to 1.13.1"]
 publishdate: 2022-03-09
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2022-005/index.md b/content/en/news/security/istio-security-2022-005/index.md
index 96c716b2e8..c897353d37 100644
--- a/content/en/news/security/istio-security-2022-005/index.md
+++ b/content/en/news/security/istio-security-2022-005/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: Ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing.
 cves: [CVE-2022-31045, CVE-2022-29225, CVE-2022-29224, CVE-2022-29226, CVE-2022-29228, CVE-2022-29227]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.12.0", "1.12.0 to 1.12.7", "1.13.0 to 1.13.4", "1.14.0"]
 publishdate: 2022-06-09
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2022-006/index.md b/content/en/news/security/istio-security-2022-006/index.md
index 285e44372d..669c6c7ae9 100644
--- a/content/en/news/security/istio-security-2022-006/index.md
+++ b/content/en/news/security/istio-security-2022-006/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: Ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing.
 cves: [CVE-2022-31045]
 cvss: "5.9"
-vector: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["1.13.6", "1.14.2"]
 publishdate: 2022-07-26
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2022-007/index.md b/content/en/news/security/istio-security-2022-007/index.md
index 036854c02f..2ffeb20111 100644
--- a/content/en/news/security/istio-security-2022-007/index.md
+++ b/content/en/news/security/istio-security-2022-007/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: Denial of service attack due to Go Regex Library.
 cves: [CVE-2022-39278]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.13", "1.13.0 to 1.13.8", "1.14.0 to 1.14.4", "1.15.0 to 1.15.1"]
 publishdate: 2022-10-12
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2022-008/index.md b/content/en/news/security/istio-security-2022-008/index.md
index 10266d540d..3c4c755f80 100644
--- a/content/en/news/security/istio-security-2022-008/index.md
+++ b/content/en/news/security/istio-security-2022-008/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: Identity impersonation if user has localhost access.
 cves: [CVE-2022-39388]
 cvss: "7.6"
-vector: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"
+vector: "AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"
 releases: ["1.15.2"]
 publishdate: 2022-11-09
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2023-001/index.md b/content/en/news/security/istio-security-2023-001/index.md
index 4564ac2081..ddb5cb9c72 100644
--- a/content/en/news/security/istio-security-2023-001/index.md
+++ b/content/en/news/security/istio-security-2023-001/index.md
@@ -4,7 +4,8 @@ subtitle: Security Bulletin
 description: Multiple CVEs reported by Envoy.
 cves: [CVE-2023-27496, CVE-2023-27488, CVE-2023-27493, CVE-2023-27492, CVE-2023-27491, CVE-2023-27487]
 cvss: "8.2"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
+cvss_version: "3.0"
 releases: ["All releases prior to 1.15.0", "1.15.0 to 1.15.6", "1.16.0 to 1.16.3", "1.17.0 to 1.17.1"]
 publishdate: 2023-04-04
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2023-002/index.md b/content/en/news/security/istio-security-2023-002/index.md
index a16366bf81..8d7123ef27 100644
--- a/content/en/news/security/istio-security-2023-002/index.md
+++ b/content/en/news/security/istio-security-2023-002/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: CVE reported by Envoy.
 cves: [CVE-2023-35945]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.16.0", "1.16.0 to 1.16.5", "1.17.0 to 1.17.3", "1.18.0"]
 publishdate: 2023-07-14
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2023-003/index.md b/content/en/news/security/istio-security-2023-003/index.md
index 8ae4c1fb3d..83abb8cc6e 100644
--- a/content/en/news/security/istio-security-2023-003/index.md
+++ b/content/en/news/security/istio-security-2023-003/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: CVEs reported by Envoy.
 cves: [CVE-2023-35941,CVE-2023-35942,CVE-2023-35943,CVE-2023-35944]
 cvss: "8.6"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
 releases: ["All releases prior to 1.16.0", "1.16.0 to 1.16.6", "1.17.0 to 1.17.4", "1.18.0 to 1.18.1"]
 publishdate: 2023-07-25
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2023-004/index.md b/content/en/news/security/istio-security-2023-004/index.md
index d17f3b3e1b..94eed560eb 100644
--- a/content/en/news/security/istio-security-2023-004/index.md
+++ b/content/en/news/security/istio-security-2023-004/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: CVEs reported by Envoy and Go.
 cves: [CVE-2023-44487, CVE-2023-39325]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.17.0", "1.17.0 to 1.17.6", "1.18.0 to 1.18.3", "1.19.0 to 1.19.1"]
 publishdate: 2023-10-11
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2024-001/index.md b/content/en/news/security/istio-security-2024-001/index.md
index 5b8d2e1434..d1990b654a 100644
--- a/content/en/news/security/istio-security-2024-001/index.md
+++ b/content/en/news/security/istio-security-2024-001/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: CVEs reported by Envoy.
 cves: [CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327]
 cvss: "8.6"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
+vector: "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
 releases: ["All releases prior to 1.19.0", "1.19.0 to 1.19.6", "1.20.0 to 1.20.2"]
 publishdate: 2024-02-09
 keywords: [CVE]
diff --git a/content/en/news/security/istio-security-2024-002/index.md b/content/en/news/security/istio-security-2024-002/index.md
index 9bd0c08369..533cc76788 100644
--- a/content/en/news/security/istio-security-2024-002/index.md
+++ b/content/en/news/security/istio-security-2024-002/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: CVEs reported by Envoy and Go.
 cves: [CVE-2024-27919, CVE-2024-30255, CVE-2023-45288]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.19.0", "1.19.0 to 1.19.8", "1.20.0 to 1.20.4", "1.21.0"]
 publishdate: 2024-04-08
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2019-001/index.md b/content/zh/news/security/istio-security-2019-001/index.md
index 1c5cf5fc89..8bd14d7dd8 100644
--- a/content/zh/news/security/istio-security-2019-001/index.md
+++ b/content/zh/news/security/istio-security-2019-001/index.md
@@ -4,7 +4,8 @@ subtitle: 安全公告
 description: 错误的权限控制。
 cves: [CVE-2019-12243]
 cvss: "8.9"
-vector: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C"
+vector: "AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.6"]
 publishdate: 2019-05-28
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2019-002/index.md b/content/zh/news/security/istio-security-2019-002/index.md
index 37ec350296..6a4aaa4f87 100644
--- a/content/zh/news/security/istio-security-2019-002/index.md
+++ b/content/zh/news/security/istio-security-2019-002/index.md
@@ -4,7 +4,8 @@ subtitle: 安全公告
 description: CVE-2019-12995 所披露的安全漏洞。
 cves: [CVE-2019-12995]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C"
+cvss_version: "3.0"
 releases: ["1.0 to 1.0.8", "1.1 to 1.1.9", "1.2 to 1.2.1"]
 publishdate: 2019-06-28
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2019-003/index.md b/content/zh/news/security/istio-security-2019-003/index.md
index f3bde4beb8..3cbfb5566c 100644
--- a/content/zh/news/security/istio-security-2019-003/index.md
+++ b/content/zh/news/security/istio-security-2019-003/index.md
@@ -4,7 +4,8 @@ subtitle: 安全公告
 description: 解析正则表达式导致的拒绝服务。
 cves: [CVE-2019-14993]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.12", "1.2 to 1.2.3"]
 publishdate: 2019-08-13
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2019-004/index.md b/content/zh/news/security/istio-security-2019-004/index.md
index e99084ded4..ba7c97b9f5 100644
--- a/content/zh/news/security/istio-security-2019-004/index.md
+++ b/content/zh/news/security/istio-security-2019-004/index.md
@@ -4,7 +4,8 @@ subtitle: 安全公告
 description: 与 Envoy 中的 HTTP2 支持相关的多个拒绝服务的漏洞。
 cve: [CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.12", "1.2 to 1.2.3"]
 publishdate: 2019-08-13
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2019-005/index.md b/content/zh/news/security/istio-security-2019-005/index.md
index b2361d069b..957b1e7de7 100644
--- a/content/zh/news/security/istio-security-2019-005/index.md
+++ b/content/zh/news/security/istio-security-2019-005/index.md
@@ -4,7 +4,8 @@ subtitle: 安全公告
 description: 由于客户端请求中存在大量 HTTP(请求)头 而导致的拒绝服务。
 cves: [CVE-2019-15226]
 cvss: "7.5"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+cvss_version: "3.0"
 releases: ["1.1 to 1.1.15", "1.2 to 1.2.6", "1.3 to 1.3.1"]
 publishdate: 2019-10-08
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2019-006/index.md b/content/zh/news/security/istio-security-2019-006/index.md
index 38f77926b6..b254457907 100644
--- a/content/zh/news/security/istio-security-2019-006/index.md
+++ b/content/zh/news/security/istio-security-2019-006/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: 拒绝服务。
 cves: [CVE-2019-18817]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C"
 releases: ["1.3 to 1.3.4"]
 publishdate: 2019-11-07
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2019-007/index.md b/content/zh/news/security/istio-security-2019-007/index.md
index f36a31da97..4fe58b29da 100644
--- a/content/zh/news/security/istio-security-2019-007/index.md
+++ b/content/zh/news/security/istio-security-2019-007/index.md
@@ -4,7 +4,8 @@ subtitle: 安全公告
 description: Envoy 中的堆溢出及错误的输入验证。
 cves: [CVE-2019-18801,CVE-2019-18802]
 cvss: "9.0"
-vector: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
+vector: "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
+cvss_version: "3.0"
 releases: ["1.2 to 1.2.9", "1.3 to 1.3.5", "1.4 to 1.4.1"]
 publishdate: 2019-12-10
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2022-003/index.md b/content/zh/news/security/istio-security-2022-003/index.md
index 260b01342f..f7441f32fe 100644
--- a/content/zh/news/security/istio-security-2022-003/index.md
+++ b/content/zh/news/security/istio-security-2022-003/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: Multiple CVEs related to istiod Denial of Service and Envoy.
 cves: [CVE-2022-23635, CVE-2021-43824, CVE-2021-43825, CVE-2021-43826, CVE-2022-21654, CVE-2022-21655, CVE-2022-23606]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.11.0", "1.11.0 to 1.11.6", "1.12.0 to 1.12.3", "1.13.0"]
 publishdate: 2022-02-22
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2022-004/index.md b/content/zh/news/security/istio-security-2022-004/index.md
index 45a306578c..ea9c680328 100644
--- a/content/zh/news/security/istio-security-2022-004/index.md
+++ b/content/zh/news/security/istio-security-2022-004/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: 由于堆栈耗尽而导致控制平面不能拒绝未经身份验证的服务攻击。
 cves: [CVE-2022-24726, CVE-2022-24921]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.11.0", "1.11.0 to 1.11.7", "1.12.0 to 1.12.4", "1.13.0 to 1.13.1"]
 publishdate: 2022-03-09
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2022-005/index.md b/content/zh/news/security/istio-security-2022-005/index.md
index 818d39b821..05dadbd820 100644
--- a/content/zh/news/security/istio-security-2022-005/index.md
+++ b/content/zh/news/security/istio-security-2022-005/index.md
@@ -4,7 +4,7 @@ subtitle: Security Bulletin
 description: 在某些配置中,发送给 Envoy 的格式错误的请求头可能会导致意外的内存访问冲突,从而产生未定义的行为或崩溃。
 cves: [CVE-2022-31045, CVE-2022-29225, CVE-2022-29224, CVE-2022-29226, CVE-2022-29228, CVE-2022-29227]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["All releases prior to 1.12.0", "1.12.0 to 1.12.7", "1.13.0 to 1.13.4", "1.14.0"]
 publishdate: 2022-06-09
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2022-006/index.md b/content/zh/news/security/istio-security-2022-006/index.md
index cfed42cd78..bd2bbf7c87 100644
--- a/content/zh/news/security/istio-security-2022-006/index.md
+++ b/content/zh/news/security/istio-security-2022-006/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: 在某些配置中,发送给 Envoy 的格式错误的标头可能会导致意外的内存访问,从而导致未定义的行为或崩溃。
 cves: [CVE-2022-31045]
 cvss: "5.9"
-vector: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["1.13.6", "1.14.2"]
 publishdate: 2022-07-26
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2022-007/index.md b/content/zh/news/security/istio-security-2022-007/index.md
index c96c86af72..466488a1b6 100644
--- a/content/zh/news/security/istio-security-2022-007/index.md
+++ b/content/zh/news/security/istio-security-2022-007/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: 由于 Go 语言正则表达式库造成拒绝服务 (DoS) 攻击。
 cves: [CVE-2022-39278]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["1.13 之前的所有版本", "1.13.0 到 1.13.8", "1.14.0 到 1.14.4", "1.15.0 到 1.15.1"]
 publishdate: 2022-10-12
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2022-008/index.md b/content/zh/news/security/istio-security-2022-008/index.md
index 0871f998e4..f6284bee9c 100644
--- a/content/zh/news/security/istio-security-2022-008/index.md
+++ b/content/zh/news/security/istio-security-2022-008/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: 用户具有 localhost 访问权限时有身份模仿的风险。
 cves: [CVE-2022-39388]
 cvss: "7.6"
-vector: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"
+vector: "AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"
 releases: ["1.15.2"]
 publishdate: 2022-11-09
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2023-001/index.md b/content/zh/news/security/istio-security-2023-001/index.md
index b0db682ce0..8ecbe0c536 100644
--- a/content/zh/news/security/istio-security-2023-001/index.md
+++ b/content/zh/news/security/istio-security-2023-001/index.md
@@ -4,7 +4,8 @@ subtitle: 安全公告
 description: Envoy 上报的众多 CVE 漏洞。
 cves: [CVE-2023-27496, CVE-2023-27488, CVE-2023-27493, CVE-2023-27492, CVE-2023-27491, CVE-2023-27487]
 cvss: "8.2"
-vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"
+cvss_version: "3.0"
 releases: ["1.15.0 之前的所有版本", "1.15.0 到 1.15.6", "1.16.0 到 1.16.3", "1.17.0 到 1.17.1"]
 publishdate: 2023-04-04
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2023-002/index.md b/content/zh/news/security/istio-security-2023-002/index.md
index 22ed816651..284a85cb51 100644
--- a/content/zh/news/security/istio-security-2023-002/index.md
+++ b/content/zh/news/security/istio-security-2023-002/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: Envoy 上报的 CVE 漏洞。
 cves: [CVE-2023-35945]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["1.16.0 以及之前的所有版本", "1.16.0 到 1.16.5", "1.17.0 到 1.17.3", "1.18.0"]
 publishdate: 2023-07-14
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2023-003/index.md b/content/zh/news/security/istio-security-2023-003/index.md
index aa5f3e8a3e..6925f14bd1 100644
--- a/content/zh/news/security/istio-security-2023-003/index.md
+++ b/content/zh/news/security/istio-security-2023-003/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: Envoy 上报的 CVE 漏洞。
 cves: [CVE-2023-35941,CVE-2023-35942,CVE-2023-35943,CVE-2023-35944]
 cvss: "8.6"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
 releases: ["1.16.0 以及之前的所有版本", "1.16.0 到 1.16.6", "1.17.0 到 1.17.4", "1.18.0 到 1.18.1"]
 publishdate: 2023-07-25
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2023-004/index.md b/content/zh/news/security/istio-security-2023-004/index.md
index fcb4a75aae..703b59a9ec 100644
--- a/content/zh/news/security/istio-security-2023-004/index.md
+++ b/content/zh/news/security/istio-security-2023-004/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: Envoy 和 Go 上报的 CVE 漏洞。
 cves: [CVE-2023-44487, CVE-2023-39325]
 cvss: "7.5"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+vector: "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 releases: ["1.17.0 以及之前的所有版本", "1.17.0 到 1.17.6", "1.18.0 到 1.18.3", "1.19.0 到 1.19.1"]
 publishdate: 2023-10-11
 keywords: [CVE]
diff --git a/content/zh/news/security/istio-security-2024-001/index.md b/content/zh/news/security/istio-security-2024-001/index.md
index 27f0c4a5ef..b5d229a762 100644
--- a/content/zh/news/security/istio-security-2024-001/index.md
+++ b/content/zh/news/security/istio-security-2024-001/index.md
@@ -4,7 +4,7 @@ subtitle: 安全公告
 description: Envoy 上报的 CVE 漏洞。
 cves: [CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327]
 cvss: "8.6"
-vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
+vector: "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
 releases: ["1.19.0 之前的所有版本", "1.19.0 到 1.19.6", "1.20.0 到 1.20.2"]
 publishdate: 2024-02-09
 keywords: [CVE]
diff --git a/layouts/news/security-grid.html b/layouts/news/security-grid.html
index 44c228216a..acaa3e44ee 100644
--- a/layouts/news/security-grid.html
+++ b/layouts/news/security-grid.html
@@ -42,7 +42,9 @@ {{ if .Params.cvss }} - {{ .Params.cvss }} + + {{ .Params.cvss }} + {{ end }}
diff --git a/layouts/shortcodes/security_bulletin.html b/layouts/shortcodes/security_bulletin.html
index 2786123801..3fdfdef28d 100644
--- a/layouts/shortcodes/security_bulletin.html
+++ b/layouts/shortcodes/security_bulletin.html
@@ -2,6 +2,7 @@ {{ $cvss := .Page.Params.cvss }} {{ $vector := .Page.Params.vector }} {{ $releases := .Page.Params.releases }} +{{ $cvss_version := default "3.1" .Page.Params.cvss_version }} @@ -20,7 +21,7 @@ - +
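Review bot: The `default "3.1"` on the added `$cvss_version` line means a bulletin that omits `cvss_version` is silently linked and labelled as CVSS 3.1. Since the front-matter `vector` no longer carries its own version after this change, a 3.0 or later-standard vector with a forgotten field would be scored under the wrong specification without any build signal. A bulletin that still has the old prefixed form would also produce a bad calculator link, so consider failing the build on it: `{{ with $vector }}{{ if hasPrefix . "CVSS:" }}{{ errorf "vector must not include the CVSS:x.x/ prefix: %s" $.Page.File.Path }}{{ end }}{{ end }}`. The displayed vector text would read better as `CVSS:{{ $cvss_version }}/{{ $vector }}`, so the published string remains a complete, self-describing vector. The anchor markup in the following hunk and in `layouts/news/security-grid.html` is not visible in this view, so confirm both build the link from the same version value.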
{{ i18n "security_bulletin_cvss" }}{{ $cvss }} {{ $vector }}{{ $cvss }} {{ $vector }}
{{ i18n "security_bulletin_affected_releases" }}