Whatever is in the UI is the most up-to-date and correct information for this and all other similar issues at the point in time we look at the vulnerability. As more data comes in, this is reflected in the display.
Linux vulnerabilities do not always have all data when they are first added, they are enriched over time with the additional metadata (CVSS vector, distro-specific metadata etc) and changed accordingly as that data is made available. When there is no data we take a risk-averse approach of treating vulnerabilities as high until proven otherwise.
It is highly likely that this vulnerability (like all Linux vulnerabilities) will also be updated and its metadata adjusted as we get more data (the CVSS vector is now available on NVD for instance so this vulnerability will likely be adjusted to Medium when that comes into the system).
So we recommend you wait for a while and check again, and you will see the CVSS score in the API response as well.