cvss-suite 1.2.0 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6aacfd5bb6fb48310c6c6c5cb2821a247971ef6115cb7c4c86dddb4335d8dafd
4
- data.tar.gz: 5c881abb0186de84cb10596ff12333a9e8934ed290b8fe762471aaf82f008177
3
+ metadata.gz: 8d6c9f7e41ba7184e8140cf17c6fc0a1b2dced70a3a0e80a603700c2517f413c
4
+ data.tar.gz: 8277aaf7c847feb0d83adcf96f33e85dbbaa4916bb84fb3b1fad5fc1eb99ef57
5
5
  SHA512:
6
- metadata.gz: 293c41865c1905f2ca44a34d7298813484312af93deb77f443411222df307df80f4a40781af2137b05f561e66fd8317196b5a8512ea82c21d565d4eb221492ff
7
- data.tar.gz: 3c33b092a180ca728add5bcb4380881789f98652cf5476eb841ee23ee8b38a72e56cd7be916cfb297aa644d470830280826086561850c4625228a06e43bb82f2
6
+ metadata.gz: 3640b87d41a2b7533b756b416e115e8cde0bb4459a8aefe325d0db82816b48dc0b3f32bd2d6c9dde4ab48ec0bec94efc8572e0c94412618070a45ab04012dd04
7
+ data.tar.gz: fe15648aa4362009d44ef9159e38f40494b09911582845b29732cb6c6512694c6bdf4d3b57ec412a6e9e76c783c197746dd76a2cce79ce298facad8f4a8ac334
@@ -0,0 +1,23 @@
1
+ name: RSpec
2
+
3
+ on: [push,pull_request]
4
+
5
+ jobs:
6
+ build:
7
+
8
+ runs-on: ubuntu-latest
9
+ strategy:
10
+ matrix:
11
+ ruby: [ '2.6', '2.7', '3.0', '3.1' ]
12
+ steps:
13
+ - uses: actions/checkout@v2
14
+ - name: Set up ${{ matrix.ruby }}
15
+ uses: ruby/setup-ruby@v1
16
+ with:
17
+ ruby-version: ${{ matrix.ruby }}
18
+ - name: Install gems
19
+ run: |
20
+ gem install bundler -v ">= 1.10"
21
+ bundle install --jobs 4 --retry 3
22
+ - name: Run tests
23
+ run: bundle exec rspec spec
@@ -0,0 +1,22 @@
1
+ name: Rubocop
2
+
3
+ on: [push,pull_request]
4
+
5
+ jobs:
6
+ build:
7
+
8
+ runs-on: ubuntu-latest
9
+
10
+ steps:
11
+ - uses: actions/checkout@v2
12
+ - name: Set up Ruby 2.6
13
+ uses: ruby/setup-ruby@v1
14
+ with:
15
+ ruby-version: 2.6
16
+ - name: Install gems
17
+ run: |
18
+ gem update --system
19
+ gem install bundler -v ">= 1.10"
20
+ gem install rubocop
21
+ - name: Run checks
22
+ run: rubocop -F --fail-level C -f s
data/.rubocop.yml CHANGED
@@ -1,2 +1,48 @@
1
+ inherit_from: .rubocop_todo.yml
2
+
3
+ AllCops:
4
+ TargetRubyVersion: 2.6
5
+ SuggestExtensions: false
6
+
1
7
  Metrics/LineLength:
2
- Max: 120
8
+ Max: 120
9
+ Exclude:
10
+ - 'lib/cvss_suite/cvss3/cvss3_environmental.rb'
11
+ - 'lib/cvss_suite/cvss31/cvss31_environmental.rb'
12
+
13
+ Metrics/ClassLength:
14
+ Exclude:
15
+ - 'lib/cvss_suite/cvss3/cvss3_environmental.rb'
16
+ - 'lib/cvss_suite/cvss31/cvss31_environmental.rb'
17
+
18
+ Metrics/MethodLength:
19
+ Exclude:
20
+ - 'lib/cvss_suite/cvss3/cvss3_environmental.rb'
21
+ - 'lib/cvss_suite/cvss31/cvss31_environmental.rb'
22
+
23
+ Metrics/BlockLength:
24
+ Exclude:
25
+ - 'spec/cvss2/cvss2_spec.rb'
26
+ - 'spec/cvss3/cvss3_spec.rb'
27
+ - 'spec/cvss31/cvss31_spec.rb'
28
+
29
+ Style/IfUnlessModifier:
30
+ Exclude:
31
+ - 'lib/cvss_suite/cvss3/cvss3_environmental.rb'
32
+ - 'lib/cvss_suite/cvss31/cvss31_environmental.rb'
33
+
34
+ Style/GuardClause:
35
+ Exclude:
36
+ - 'lib/cvss_suite/cvss3/cvss3_environmental.rb'
37
+ - 'lib/cvss_suite/cvss31/cvss31_environmental.rb'
38
+
39
+ Style/ConditionalAssignment:
40
+ Exclude:
41
+ - 'lib/cvss_suite/cvss3/cvss3_environmental.rb'
42
+ - 'lib/cvss_suite/cvss31/cvss31_environmental.rb'
43
+
44
+ Style/FrozenStringLiteralComment:
45
+ Enabled: false
46
+
47
+ Style/AsciiComments:
48
+ Enabled: false
data/.rubocop_todo.yml ADDED
@@ -0,0 +1,59 @@
1
+ # This configuration was generated by
2
+ # `rubocop --auto-gen-config`
3
+ # on 2020-05-05 17:47:10 +0200 using RuboCop version 0.82.0.
4
+ # The point is for the user to remove these configuration records
5
+ # one by one as the offenses are removed from the code base.
6
+ # Note that changes in the inspected code, or installation of new
7
+ # versions of RuboCop, may require this file to be generated again.
8
+
9
+ # Offense count: 1
10
+ Lint/IneffectiveAccessModifier:
11
+ Exclude:
12
+ - 'lib/cvss_suite.rb'
13
+
14
+ # Offense count: 1
15
+ # Configuration parameters: ContextCreatingMethods, MethodCreatingMethods.
16
+ Lint/UselessAccessModifier:
17
+ Exclude:
18
+ - 'lib/cvss_suite.rb'
19
+
20
+ # Offense count: 8
21
+ # Configuration parameters: IgnoredMethods.
22
+ Metrics/AbcSize:
23
+ Max: 35
24
+
25
+ # Offense count: 5
26
+ # Configuration parameters: CountComments, ExcludedMethods.
27
+ # ExcludedMethods: refine
28
+ Metrics/BlockLength:
29
+ Max: 58
30
+
31
+ # Offense count: 2
32
+ # Configuration parameters: CountComments.
33
+ Metrics/ClassLength:
34
+ Max: 101
35
+
36
+ # Offense count: 1
37
+ # Configuration parameters: IgnoredMethods.
38
+ Metrics/CyclomaticComplexity:
39
+ Max: 9
40
+
41
+ # Offense count: 13
42
+ # Configuration parameters: CountComments, ExcludedMethods.
43
+ Metrics/MethodLength:
44
+ Max: 63
45
+
46
+ # Offense count: 1
47
+ # Configuration parameters: CountKeywordArgs.
48
+ Metrics/ParameterLists:
49
+ Max: 6
50
+
51
+ # Offense count: 1
52
+ # Configuration parameters: IgnoredMethods.
53
+ Metrics/PerceivedComplexity:
54
+ Max: 10
55
+
56
+ # Offense count: 1
57
+ Naming/AccessorMethodName:
58
+ Exclude:
59
+ - 'lib/cvss_suite/cvss_property.rb'
data/CHANGES.md CHANGED
@@ -2,6 +2,66 @@
2
2
  All notable changes to this project will be documented in this file.
3
3
  This project adheres to [Semantic Versioning](http://semver.org/).
4
4
 
5
+ ## [3.1.0] - 2022-09-27
6
+
7
+ ### Fixes
8
+ * Metrics are no longer order-dependent. Fixes [#30](https://github.com/0llirocks/cvss-suite/issues/30)
9
+
10
+ ### Improvements
11
+ * Temporal and Environmental metrics can now be partly omitted instead of setting them to X.
12
+
13
+ ## [3.0.1] - 2022-03-13
14
+
15
+ ### Notes
16
+ * Updated specification reference due to [Removing the edit linkset form](https://blog.rubygems.org/2019/03/08/and-then-there-was-one-metadata-links.html) and [Unable to edit gem online](https://github.com/rubygems/rubygems.org/issues/1899)
17
+
18
+ ## [3.0.0] - 2022-03-13
19
+
20
+ ### Breaking Changes
21
+ * Ruby >= 2.6 is now required
22
+
23
+ ### Notes
24
+ * Moved repository to its new home
25
+
26
+ ## [2.0.2] - 2020-12-05
27
+
28
+ ### Fixes
29
+ * CVSS v2 now returns the correct severity values based on NVD recommendation
30
+ * CVSS v2 now supports vectors which are enclosed in parenthesis e.g. (AV:N/AC:L/Au:N/C:P/I:P/A:P)
31
+
32
+ ## [2.0.1] - 2020-07-19
33
+
34
+ ### Fixes
35
+ Fixed an error that resulted in incorrect environmental score if modified attributes were not defined.
36
+
37
+ ## [2.0.0] - 2020-05-10
38
+
39
+ ### Breaking Changes
40
+ * Ruby >= 2.4 is now required
41
+ * Renamed choice/choices to value/values
42
+
43
+ ### Improvements
44
+ * Added CvssSuite module to every class (thanks to @fwininger)
45
+ * Removed override for integer and float (thanks to @fwininger)
46
+ * Added rubocop to development environment (thanks to @fwininger)
47
+
48
+ ### Notes
49
+ Adding CvssSuite module everywhere means it’s no longer possible to access a class without it. Since this only affects the undocumented and ‚internal‘ classes this should not affect you. If you’re using them, stop it.
50
+
51
+ Still works:
52
+
53
+ ```ruby
54
+ cvss = CvssSuite.new('string')
55
+ ```
56
+
57
+ Won’t work anymore (without any code change):
58
+
59
+ ```ruby
60
+ cvss = Cvss31.new('string')
61
+ ```
62
+
63
+ This would need to be CvssSuite::Cvss31.new('string') to work. Or you could include the whole namespace.
64
+
5
65
  ## [1.2.0] - 2019-07-02
6
66
 
7
67
  ### Notes
@@ -71,4 +131,4 @@ Tried to fix an error. It turned out to be a local problem. Due to this I increa
71
131
 
72
132
  ## [1.0.0] - 2016-04-15
73
133
  ### Initial release
74
- First release of this gem.
134
+ First release of this gem.
data/CNAME ADDED
@@ -0,0 +1 @@
1
+ cvss-suite.0lli.rocks
data/CODE_OF_CONDUCT.md CHANGED
@@ -1,8 +1,9 @@
1
1
  CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
 
3
- Copyright (c) Siemens AG, 2016
3
+ Copyright (c) 2016-2022 Siemens AG
4
+ Copyright (c) 2022 0llirocks
4
5
 
5
- Authors: Oliver Hambörger <oliver.hamboerger@siemens.com>
6
+ Authors: 0llirocks <http://0lli.rocks>
6
7
 
7
8
  This work is licensed under the terms of the MIT license.
8
9
  See the LICENSE.md file in the top-level directory.
data/Gemfile CHANGED
@@ -1,9 +1,10 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) Siemens AG, 2016
3
+ # Copyright (c) 2016-2022 Siemens AG
4
+ # Copyright (c) 2022 0llirocks
4
5
  #
5
6
  # Authors:
6
- # Oliver Hambörger <oliver.hamboerger@siemens.com>
7
+ # 0llirocks <http://0lli.rocks>
7
8
  #
8
9
  # This work is licensed under the terms of the MIT license.
9
10
  # See the LICENSE.md file in the top-level directory.
data/LICENSE.md CHANGED
@@ -1,6 +1,7 @@
1
1
  The MIT License (MIT)
2
2
 
3
- Copyright (c) 2016 Siemens AG
3
+ Copyright (c) 2016-2022 Siemens AG
4
+ Copyright (c) 2022 0llirocks
4
5
 
5
6
  Permission is hereby granted, free of charge, to any person obtaining a copy of
6
7
  this software and associated documentation files (the "Software"), to deal in
data/README.md CHANGED
@@ -1,10 +1,11 @@
1
- # CvssSuite
1
+ # CvssSuite for Ruby
2
2
 
3
3
  [![Gem Version](http://img.shields.io/gem/v/cvss-suite.svg)](https://rubygems.org/gems/cvss-suite)
4
- [![Ruby Version](https://img.shields.io/badge/Ruby-2.x-brightgreen.svg)](https://rubygems.org/gems/cvss-suite)
4
+ [![Ruby Version](https://img.shields.io/badge/Ruby-2.6-brightgreen.svg)](https://rubygems.org/gems/cvss-suite)
5
5
  [![Cvss Support](https://img.shields.io/badge/CVSS-v2-brightgreen.svg)](https://www.first.org/cvss/v2/guide)
6
6
  [![Cvss Support](https://img.shields.io/badge/CVSS-v3.0-brightgreen.svg)](https://www.first.org/cvss/v3.0/user-guide)
7
7
  [![Cvss Support](https://img.shields.io/badge/CVSS-v3.1-brightgreen.svg)](https://www.first.org/cvss/v3.1/user-guide)
8
+ [![RSpec](https://github.com/0llirocks/cvss-suite/workflows/RSpec/badge.svg)](https://github.com/0llirocks/cvss-suite/actions)
8
9
 
9
10
  This Ruby gem helps you to process the vector of the [**Common Vulnerability Scoring System**](https://www.first.org/cvss/specification-document).
10
11
  Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
@@ -25,6 +26,14 @@ Or install it yourself as:
25
26
 
26
27
  $ gem install cvss-suite
27
28
 
29
+ ## Version 2.x
30
+
31
+ If you are still using CvssSuite 2.x please refer to the [specific branch](https://github.com/0llirocks/cvss-suite/tree/2.x) for documentation and changelog.
32
+
33
+ ## Version 1.x
34
+
35
+ If you are still using CvssSuite 1.x please refer to the [specific branch](https://github.com/0llirocks/cvss-suite/tree/1.x) for documentation and changelog.
36
+
28
37
  ## Usage
29
38
 
30
39
  ```ruby
@@ -61,15 +70,15 @@ overall_score = cvss.overall_score # 3.2
61
70
  access_vector = cvss.base.access_vector.name # 'Access Vector'
62
71
  remediation_level = cvss.temporal.remediation_level.name # 'Remediation Level'
63
72
 
64
- access_vector.choices.each do |choice|
65
- choice[:name] # 'Local', 'Adjacent Network', 'Network'
66
- choice[:abbreviation] # 'L', 'A', 'N'
67
- choice[:selected] # false, true, false
73
+ access_vector.values.each do |value|
74
+ value[:name] # 'Local', 'Adjacent Network', 'Network'
75
+ value[:abbreviation] # 'L', 'A', 'N'
76
+ value[:selected] # false, true, false
68
77
  end
69
78
 
70
79
  # Selected options
71
- cvss.base.access_vector.selected_choice[:name] # Adjacent Network
72
- cvss.temporal.remediation_level.selected_choice[:name] # Temporary Fix
80
+ cvss.base.access_vector.selected_value[:name] # Adjacent Network
81
+ cvss.temporal.remediation_level.selected_value[:name] # Temporary Fix
73
82
 
74
83
  # Exceptions
75
84
 
@@ -91,23 +100,17 @@ valid = cvss.valid? # false
91
100
  cvss.base_score # will throw CvssSuite::Errors::InvalidVector: Vector is not valid!
92
101
  ```
93
102
 
94
- ## Notable Features
95
-
96
- Properties (Access Vector, Remediation Level, etc) do have a position attribute, with this they can be ordered the same way they appear in the vector.
97
-
98
103
  ## Known Issues
99
104
 
100
- Currently it is not possible to leave an attribute blank instead of ND/X. If you don't have a value for an attribute, please use ND/X instead.
101
-
102
- Because the documentation isn't clear on how to calculate the score if Modified Scope (CVSS 3.0 Environmental) is not defined, Modified Scope has to have a valid value (S/U).
103
-
104
105
  There is a possibility of implementations generating different scores (+/- 0,1) due to small floating-point inaccuracies. This can happen due to differences in floating point arithmetic between different languages and hardware platforms.
105
106
 
106
107
  ## Changelog
107
108
 
108
- [Click here to see all changes.](https://raw.githubusercontent.com/siemens/cvss-suite/master/CHANGES.md)
109
+ [Click here to see all changes.](https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md)
109
110
 
110
111
  ## Contributing
111
112
 
112
- Bug reports and pull requests are welcome on GitHub at https://github.com/siemens/cvss-suite. This project is intended to be a safe, welcoming space for collaboration.
113
+ Bug reports and pull requests are welcome on GitHub at https://github.com/0llirocks/cvss-suite. This project is intended to be a safe, welcoming space for collaboration.
113
114
 
115
+ ## References
116
+ [CvssSuite for .NET](https://cvsssuite.0lli.rocks)
data/_config.yml ADDED
@@ -0,0 +1 @@
1
+ theme: jekyll-theme-cayman
data/bin/console CHANGED
@@ -1,7 +1,7 @@
1
1
  #!/usr/bin/env ruby
2
2
 
3
- require "bundler/setup"
4
- require "cvss_suite"
3
+ require 'bundler/setup'
4
+ require 'cvss_suite'
5
5
 
6
6
  # You can add fixtures and/or initialization code here to make experimenting
7
7
  # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +10,5 @@ require "cvss_suite"
10
10
  # require "pry"
11
11
  # Pry.start
12
12
 
13
- require "irb"
13
+ require 'irb'
14
14
  IRB.start
data/cvss_suite.gemspec CHANGED
@@ -1,15 +1,17 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) Siemens AG, 2016
3
+ # Copyright (c) 2016-2022 Siemens AG
4
+ # Copyright (c) 2022 0llirocks
4
5
  #
5
6
  # Authors:
6
- # Oliver Hambörger <oliver.hamboerger@siemens.com>
7
+ # 0llirocks <http://0lli.rocks>
7
8
  #
8
9
  # This work is licensed under the terms of the MIT license.
9
10
  # See the LICENSE.md file in the top-level directory.
10
11
 
11
12
  # coding: utf-8
12
- lib = File.expand_path('../lib', __FILE__)
13
+
14
+ lib = File.expand_path('lib', __dir__)
13
15
  $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
14
16
  require 'cvss_suite/version'
15
17
 
@@ -17,24 +19,29 @@ Gem::Specification.new do |spec|
17
19
  spec.name = 'cvss-suite'
18
20
  spec.version = CvssSuite::VERSION
19
21
  spec.license = 'MIT'
20
- spec.authors = ["Oliver Hamboerger"]
21
- spec.email = ["oliver.hamboerger@siemens.com"]
22
+ spec.authors = ['0llirocks']
23
+
24
+ spec.summary = 'Ruby gem for processing cvss vectors.'
25
+ spec.description = 'This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
26
+ Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.'
22
27
 
23
- spec.summary = %q{Ruby gem for processing cvss vectors.}
24
- spec.description = %q{This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
25
- Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.}
26
- spec.homepage = "https://siemens.github.io/cvss-suite/"
28
+ spec.metadata = {
29
+ 'bug_tracker_uri' => 'https://github.com/0llirocks/cvss-suite/issues',
30
+ 'changelog_uri' => 'https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md',
31
+ 'documentation_uri' => "https://www.rubydoc.info/gems/cvss-suite/#{CvssSuite::VERSION}",
32
+ 'homepage_uri' => 'https://cvss-suite.0lli.rocks',
33
+ 'source_code_uri' => 'https://github.com/0llirocks/cvss-suite'
34
+ }
27
35
 
28
- spec.required_ruby_version = '>= 2.0.0'
36
+ spec.required_ruby_version = '>= 2.6.0'
29
37
  spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
30
38
  spec.bindir = 'exe'
31
39
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
32
40
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
33
- spec.require_paths = ["lib"]
41
+ spec.require_paths = ['lib']
34
42
 
35
- spec.add_development_dependency "bundler", "~> 1.10"
36
- spec.add_development_dependency "rspec", "~> 3.4"
37
- spec.add_development_dependency "rspec-its", "~> 1.2"
38
- spec.add_development_dependency "rdoc", "~> 4.2"
39
- spec.add_development_dependency "simplecov", "~> 0.11.2"
43
+ spec.add_development_dependency 'bundler', '>= 1.10'
44
+ spec.add_development_dependency 'rspec', '~> 3.4'
45
+ spec.add_development_dependency 'rspec-its', '~> 1.2'
46
+ spec.add_development_dependency 'simplecov', '~> 0.18'
40
47
  end
@@ -1,125 +1,104 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) Siemens AG, 2016
3
+ # Copyright (c) 2016-2022 Siemens AG
4
+ # Copyright (c) 2022 0llirocks
4
5
  #
5
6
  # Authors:
6
- # Oliver Hambörger <oliver.hamboerger@siemens.com>
7
+ # 0llirocks <http://0lli.rocks>
7
8
  #
8
9
  # This work is licensed under the terms of the MIT license.
9
10
  # See the LICENSE.md file in the top-level directory.
10
11
 
11
- ##
12
- # This class represents any CVSS vector. Do not instantiate this class!
13
-
14
- class Cvss
15
-
16
- ##
17
- # Metric of a CVSS vector.
18
-
19
- attr_reader :base, :temporal, :environmental
20
-
21
- ##
22
- # Returns version of current CVSS vector.
23
-
24
- attr_reader :version
25
-
12
+ module CvssSuite
26
13
  ##
27
- # Returns the vector itself.
28
-
29
- attr_reader :vector
30
-
31
- ##
32
- # Creates a new CVSS vector by a +vector+ and a +version+.
33
- #
34
- # Raises an exception if it is called on Cvss class.
35
-
36
- def initialize(vector, version)
37
- raise CvssSuite::Errors::InvalidParentClass, 'Do not instantiate this class!' if self.class == Cvss
38
- @version = version
39
- @vector = vector
40
- @properties = []
41
- extract_metrics
42
- init_metrics
43
- end
44
-
45
- ##
46
- # Returns if CVSS vector is valid.
14
+ # This class represents any CVSS vector. Do not instantiate this class!
15
+ class Cvss
16
+ ##
17
+ # Metric of a CVSS vector.
18
+ attr_reader :base, :temporal, :environmental
19
+
20
+ ##
21
+ # Returns the vector itself.
22
+ attr_reader :vector
23
+
24
+ ##
25
+ # Creates a new CVSS vector by a +vector+.
26
+ #
27
+ # Raises an exception if it is called on Cvss class.
28
+ def initialize(vector)
29
+ raise CvssSuite::Errors::InvalidParentClass, 'Do not instantiate this class!' if instance_of? Cvss
30
+
31
+ @vector = vector
32
+ @properties = []
33
+ extract_metrics
34
+ init_metrics
35
+ end
47
36
 
48
- def valid?
49
- if @amount_of_properties == required_amount_of_properties
37
+ ##
38
+ # Returns if CVSS vector is valid.
39
+ def valid?
40
+ if @amount_of_properties >= required_amount_of_properties
50
41
  base = @base.valid?
51
42
  temporal = @base.valid? && @temporal.valid?
52
43
  environmental = @base.valid? && @environmental.valid?
53
44
  full = @base.valid? && @temporal.valid? && @environmental.valid?
54
45
  base || temporal || environmental || full
55
- else
56
- false
46
+ else
47
+ false
48
+ end
57
49
  end
58
- end
59
-
60
- ##
61
- # Returns the severity of the CVSS vector.
62
-
63
- def severity
64
- check_validity
65
-
66
- score = overall_score
67
50
 
68
- if 0.0 == score
69
- "None"
70
- elsif (0.1..3.9).include? score
71
- "Low"
72
- elsif (4.0..6.9).include? score
73
- "Medium"
74
- elsif (7.0..8.9).include? score
75
- "High"
76
- elsif (9.0..10.0).include? score
77
- "Critical"
78
- else
79
- "None"
51
+ ##
52
+ # Returns the severity of the CVSS vector.
53
+ def severity
54
+ check_validity
55
+
56
+ score = overall_score
57
+
58
+ if score <= 0.0
59
+ 'None'
60
+ elsif (0.1..3.9).cover? score
61
+ 'Low'
62
+ elsif (4.0..6.9).cover? score
63
+ 'Medium'
64
+ elsif (7.0..8.9).cover? score
65
+ 'High'
66
+ elsif (9.0..10.0).cover? score
67
+ 'Critical'
68
+ else
69
+ 'None'
70
+ end
80
71
  end
81
- end
82
-
83
- ##
84
- # Returns the Overall Score of the CVSS vector.
85
72
 
86
- def overall_score
87
- check_validity
88
- return temporal_score if @temporal.valid? && !@environmental.valid?
89
- return environmental_score if @environmental.valid?
90
- base_score
91
- end
73
+ ##
74
+ # Returns the Overall Score of the CVSS vector.
75
+ def overall_score
76
+ check_validity
77
+ return temporal_score if @temporal.valid? && !@environmental.valid?
78
+ return environmental_score if @environmental.valid?
92
79
 
93
- private
94
-
95
- def extract_metrics
96
- properties = prepared_vector.split('/')
97
- @amount_of_properties = properties.size
98
- properties.each_with_index do |property, index|
99
- property = property.split(':')
100
- @properties.push({ name: property[0], selected: property[1], position: index })
80
+ base_score
101
81
  end
102
- end
103
82
 
104
- def check_validity
105
- raise CvssSuite::Errors::InvalidVector, 'Vector is not valid!' unless valid?
106
- end
83
+ private
107
84
 
108
- def prepared_vector
109
- start_of_vector = @vector.index('AV')
85
+ def extract_metrics
86
+ properties = @vector.split('/')
87
+ @amount_of_properties = properties.size
88
+ properties.each_with_index do |property, index|
89
+ property = property.split(':')
90
+ @properties.push({ name: property[0], selected: property[1], position: index })
91
+ end
92
+ @properties = [] if @properties.group_by { |p| p[:name] }.select { |_k, v| v.size > 1 }.length.positive?
93
+ end
110
94
 
111
- if start_of_vector.nil?
112
- String.new
113
- else
114
- @vector[start_of_vector..-1]
95
+ def check_validity
96
+ raise CvssSuite::Errors::InvalidVector, 'Vector is not valid!' unless valid?
115
97
  end
116
- end
117
98
 
118
- def required_amount_of_properties
119
- total = @base.count if @base.valid?
120
- total += @temporal.count if @temporal.valid?
121
- total += @environmental.count if @environmental.valid?
122
- total ||= 0
99
+ def required_amount_of_properties
100
+ total = @base.count
101
+ total || 0
102
+ end
123
103
  end
124
-
125
- end
104
+ end