From 8960c67a82f60f3d308ffbf115914102b0052b65 Mon Sep 17 00:00:00 2001
From: Teppei Fukuda <teppei@elab.ic.i.u-tokyo.ac.jp>
Date: Wed, 6 Jun 2018 18:58:24 +0900
Subject: [PATCH] fix(report): use CVSS score not calculated from severity
 preferentially (#663)

---
 models/vulninfos.go | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

diff --git a/models/vulninfos.go b/models/vulninfos.go
index a6ab0f0a..104ca0c2 100644
--- a/models/vulninfos.go
+++ b/models/vulninfos.go
@@ -514,18 +514,11 @@ func severityToV2ScoreRoughly(severity string) float64 {
 
 // FormatMaxCvssScore returns Max CVSS Score
 func (v VulnInfo) FormatMaxCvssScore() string {
-	v2Max := v.MaxCvss2Score()
-	v3Max := v.MaxCvss3Score()
-	if v2Max.Value.Score <= v3Max.Value.Score {
-		return fmt.Sprintf("%3.1f %s (%s)",
-			v3Max.Value.Score,
-			strings.ToUpper(v3Max.Value.Severity),
-			v3Max.Type)
-	}
+	max := v.MaxCvssScore()
 	return fmt.Sprintf("%3.1f %s (%s)",
-		v2Max.Value.Score,
-		strings.ToUpper(v2Max.Value.Severity),
-		v2Max.Type)
+		max.Value.Score,
+		strings.ToUpper(max.Value.Severity),
+		max.Type)
 }
 
 // Cvss2CalcURL returns CVSS v2 caluclator's URL