cvss-suite 1.0.1 → 1.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/cvss_suite.gemspec +45 -1
- data/lib/cvss_suite/cvss.rb +5 -5
- data/lib/cvss_suite/version.rb +1 -1
- metadata +45 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ea284092d41dfe479cb616872fe7ec5a21df942
|
|
4
|
+
data.tar.gz: ad6f1417558619068e54d1e310d1b3f7a496bad7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 89b23a2086ef76bf0e5858dac1bea67a3f0f5d3fb37cfc7e134bfbdd9e949faecdb7126e5191a0d74c1408f19d3d07db5b8ada00fc40bbe89f417911e952a9ae
|
|
7
|
+
data.tar.gz: 0cf55d0f5e3dbee3fccecdffdeef10b6668c644f5105e3338ce7c9100a726632103928be666bad16169e1d621ef59331c73e548681310934dd95172fe648da32
|
data/cvss_suite.gemspec
CHANGED
|
@@ -12,7 +12,51 @@ Gem::Specification.new do |spec|
|
|
|
12
12
|
|
|
13
13
|
spec.summary = %q{Ruby gem for processing cvss vectors.}
|
|
14
14
|
spec.description = %q{This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
|
15
|
-
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
|
15
|
+
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
|
16
|
+
|
|
17
|
+
Homepage is still in progress and will be published soon (along with full documentation).
|
|
18
|
+
|
|
19
|
+
## Usage
|
|
20
|
+
|
|
21
|
+
```ruby
|
|
22
|
+
require 'cvss_suite'
|
|
23
|
+
|
|
24
|
+
cvss = CvssSuite.new('AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M')
|
|
25
|
+
|
|
26
|
+
vector = cvss.vector # 'AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M'
|
|
27
|
+
version = cvss.version # 2
|
|
28
|
+
|
|
29
|
+
# Scores
|
|
30
|
+
base_score = cvss.base_score # 4.9
|
|
31
|
+
temporal_score = cvss.temporal_score # 3.6
|
|
32
|
+
environmental_score = cvss.environmental_score # 3.2
|
|
33
|
+
overall_score = cvss.overall_score # 3.2
|
|
34
|
+
|
|
35
|
+
# Available options
|
|
36
|
+
access_vector = cvss.base.access_vector.name # 'Access Vector'
|
|
37
|
+
remediation_level = cvss.temporal.remediation_level.name # 'Remediation Level'
|
|
38
|
+
|
|
39
|
+
access_vector.choices.each do |choice|
|
|
40
|
+
choice[:name] # 'Local', 'Adjacent Network', 'Network'
|
|
41
|
+
choice[:abbreviation] # 'L', 'A', 'N'
|
|
42
|
+
choice[:selected] # false, true, false
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
# Selected options
|
|
46
|
+
cvss.base.access_vector.selected_choice[:name] # Adjacent Network
|
|
47
|
+
cvss.temporal.remediation_level.selected_choice[:name] # Temporary Fix
|
|
48
|
+
|
|
49
|
+
# Exceptions
|
|
50
|
+
|
|
51
|
+
CvssSuite.new('random_string') # will throw a RuntimeError: Vector is not valid!
|
|
52
|
+
CvssSuite.new() # will throw a ArgumentError
|
|
53
|
+
|
|
54
|
+
cvss = CvssSuite.new('AV:N/AC:P/C:P/AV:U/RL:OF/RC:C') # invalid vector, authentication is missing
|
|
55
|
+
|
|
56
|
+
version = cvss.version # 2
|
|
57
|
+
|
|
58
|
+
cvss.base_score # will throw a RuntimeError: Vector is not valid!
|
|
59
|
+
```}
|
|
16
60
|
spec.homepage = "https://github.com/siemens/cvss-suite"
|
|
17
61
|
|
|
18
62
|
# Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
|
data/lib/cvss_suite/cvss.rb
CHANGED
|
@@ -15,19 +15,19 @@ class Cvss
|
|
|
15
15
|
attr_reader :version
|
|
16
16
|
|
|
17
17
|
##
|
|
18
|
-
# Returns the vector itself
|
|
18
|
+
# Returns the vector itself.
|
|
19
19
|
|
|
20
|
-
attr_reader :
|
|
20
|
+
attr_reader :vector
|
|
21
21
|
|
|
22
22
|
##
|
|
23
23
|
# Creates a new CVSS vector by a +vector+ and a +version+.
|
|
24
24
|
#
|
|
25
|
-
# Raises an exception if it is called on Cvss class
|
|
25
|
+
# Raises an exception if it is called on Cvss class.
|
|
26
26
|
|
|
27
27
|
def initialize(vector, version)
|
|
28
28
|
raise 'Do not instantiate this class!' if self.class == Cvss
|
|
29
29
|
@version = version
|
|
30
|
-
@
|
|
30
|
+
@vector = vector
|
|
31
31
|
@properties = []
|
|
32
32
|
extract_metrics
|
|
33
33
|
init_metrics
|
|
@@ -75,7 +75,7 @@ class Cvss
|
|
|
75
75
|
|
|
76
76
|
def prepared_vector
|
|
77
77
|
start_of_vector = @vector_string.index('AV')
|
|
78
|
-
@
|
|
78
|
+
@vector[start_of_vector..-1]
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
def required_amount_of_properties
|
data/lib/cvss_suite/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cvss-suite
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oliver Hamboerger
|
|
@@ -111,6 +111,50 @@ dependencies:
|
|
|
111
111
|
description: |-
|
|
112
112
|
This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
|
113
113
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
|
114
|
+
|
|
115
|
+
Homepage is still in progress and will be published soon (along with full documentation).
|
|
116
|
+
|
|
117
|
+
## Usage
|
|
118
|
+
|
|
119
|
+
```ruby
|
|
120
|
+
require 'cvss_suite'
|
|
121
|
+
|
|
122
|
+
cvss = CvssSuite.new('AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M')
|
|
123
|
+
|
|
124
|
+
vector = cvss.vector # 'AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M'
|
|
125
|
+
version = cvss.version # 2
|
|
126
|
+
|
|
127
|
+
# Scores
|
|
128
|
+
base_score = cvss.base_score # 4.9
|
|
129
|
+
temporal_score = cvss.temporal_score # 3.6
|
|
130
|
+
environmental_score = cvss.environmental_score # 3.2
|
|
131
|
+
overall_score = cvss.overall_score # 3.2
|
|
132
|
+
|
|
133
|
+
# Available options
|
|
134
|
+
access_vector = cvss.base.access_vector.name # 'Access Vector'
|
|
135
|
+
remediation_level = cvss.temporal.remediation_level.name # 'Remediation Level'
|
|
136
|
+
|
|
137
|
+
access_vector.choices.each do |choice|
|
|
138
|
+
choice[:name] # 'Local', 'Adjacent Network', 'Network'
|
|
139
|
+
choice[:abbreviation] # 'L', 'A', 'N'
|
|
140
|
+
choice[:selected] # false, true, false
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
# Selected options
|
|
144
|
+
cvss.base.access_vector.selected_choice[:name] # Adjacent Network
|
|
145
|
+
cvss.temporal.remediation_level.selected_choice[:name] # Temporary Fix
|
|
146
|
+
|
|
147
|
+
# Exceptions
|
|
148
|
+
|
|
149
|
+
CvssSuite.new('random_string') # will throw a RuntimeError: Vector is not valid!
|
|
150
|
+
CvssSuite.new() # will throw a ArgumentError
|
|
151
|
+
|
|
152
|
+
cvss = CvssSuite.new('AV:N/AC:P/C:P/AV:U/RL:OF/RC:C') # invalid vector, authentication is missing
|
|
153
|
+
|
|
154
|
+
version = cvss.version # 2
|
|
155
|
+
|
|
156
|
+
cvss.base_score # will throw a RuntimeError: Vector is not valid!
|
|
157
|
+
```
|
|
114
158
|
email:
|
|
115
159
|
- oliver.hamboerger@siemens.com
|
|
116
160
|
executables: []
|