And related to this, the CVSS Scores on these don't agree for the same CVE - either a mistake or it was updated after creation, or another issue - a couple others I checked did match (though you don't list scores on most announcements):
CVE: 2019-7619:
3.7 - Elastic Stack 6.8.4 security update
CVSSv3: 3.7 - AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 - https://nvd.nist.gov/vuln/detail/CVE-2019-7619#vulnCurrentDescriptionTitle
CVSS:3.1:/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N