cvss-suite 1.2.0 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/rspec.yml +23 -0
- data/.github/workflows/rubocop.yml +22 -0
- data/.rubocop.yml +47 -1
- data/.rubocop_todo.yml +59 -0
- data/CHANGES.md +61 -1
- data/CNAME +1 -0
- data/CODE_OF_CONDUCT.md +3 -2
- data/Gemfile +3 -2
- data/LICENSE.md +2 -1
- data/README.md +21 -18
- data/_config.yml +1 -0
- data/bin/console +3 -3
- data/cvss_suite.gemspec +23 -16
- data/lib/cvss_suite/cvss.rb +77 -98
- data/lib/cvss_suite/cvss2/cvss2.rb +53 -30
- data/lib/cvss_suite/cvss2/cvss2_base.rb +72 -77
- data/lib/cvss_suite/cvss2/cvss2_environmental.rb +55 -56
- data/lib/cvss_suite/cvss2/cvss2_temporal.rb +43 -43
- data/lib/cvss_suite/cvss3/cvss3.rb +42 -38
- data/lib/cvss_suite/cvss3/cvss3_base.rb +75 -77
- data/lib/cvss_suite/cvss3/cvss3_environmental.rb +162 -111
- data/lib/cvss_suite/cvss3/cvss3_temporal.rb +44 -44
- data/lib/cvss_suite/cvss31/cvss31.rb +39 -30
- data/lib/cvss_suite/cvss31/cvss31_base.rb +69 -70
- data/lib/cvss_suite/cvss31/cvss31_environmental.rb +162 -111
- data/lib/cvss_suite/cvss31/cvss31_temporal.rb +44 -44
- data/lib/cvss_suite/cvss_metric.rb +37 -38
- data/lib/cvss_suite/cvss_property.rb +69 -57
- data/lib/cvss_suite/errors.rb +4 -1
- data/lib/cvss_suite/helpers/cvss31_helper.rb +28 -0
- data/lib/cvss_suite/helpers/cvss3_helper.rb +24 -17
- data/lib/cvss_suite/invalid_cvss.rb +42 -47
- data/lib/cvss_suite/version.rb +4 -3
- data/lib/cvss_suite.rb +46 -15
- metadata +23 -29
- data/.travis.yml +0 -4
- data/lib/cvss_suite/helpers/extensions.rb +0 -56
metadata
CHANGED
@@ -1,27 +1,27 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cvss-suite
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 3.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- 0llirocks
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-09-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- - "
|
17
|
+
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
19
|
version: '1.10'
|
20
20
|
type: :development
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- - "
|
24
|
+
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '1.10'
|
27
27
|
- !ruby/object:Gem::Dependency
|
@@ -52,39 +52,24 @@ dependencies:
|
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '1.2'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: rdoc
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - "~>"
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '4.2'
|
62
|
-
type: :development
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - "~>"
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '4.2'
|
69
55
|
- !ruby/object:Gem::Dependency
|
70
56
|
name: simplecov
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
72
58
|
requirements:
|
73
59
|
- - "~>"
|
74
60
|
- !ruby/object:Gem::Version
|
75
|
-
version: 0.
|
61
|
+
version: '0.18'
|
76
62
|
type: :development
|
77
63
|
prerelease: false
|
78
64
|
version_requirements: !ruby/object:Gem::Requirement
|
79
65
|
requirements:
|
80
66
|
- - "~>"
|
81
67
|
- !ruby/object:Gem::Version
|
82
|
-
version: 0.
|
68
|
+
version: '0.18'
|
83
69
|
description: |-
|
84
70
|
This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
85
71
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
86
|
-
email:
|
87
|
-
- oliver.hamboerger@siemens.com
|
72
|
+
email:
|
88
73
|
executables: []
|
89
74
|
extensions: []
|
90
75
|
extra_rdoc_files: []
|
@@ -92,16 +77,20 @@ files:
|
|
92
77
|
- ".github/ISSUE_TEMPLATE/bug_report.md"
|
93
78
|
- ".github/ISSUE_TEMPLATE/custom.md"
|
94
79
|
- ".github/ISSUE_TEMPLATE/feature_request.md"
|
80
|
+
- ".github/workflows/rspec.yml"
|
81
|
+
- ".github/workflows/rubocop.yml"
|
95
82
|
- ".gitignore"
|
96
83
|
- ".rspec"
|
97
84
|
- ".rubocop.yml"
|
98
|
-
- ".
|
85
|
+
- ".rubocop_todo.yml"
|
99
86
|
- CHANGES.md
|
87
|
+
- CNAME
|
100
88
|
- CODE_OF_CONDUCT.md
|
101
89
|
- Gemfile
|
102
90
|
- LICENSE.md
|
103
91
|
- PULL_REQUEST_TEMPLATE.md
|
104
92
|
- README.md
|
93
|
+
- _config.yml
|
105
94
|
- bin/console
|
106
95
|
- bin/setup
|
107
96
|
- cvss_suite.gemspec
|
@@ -122,14 +111,19 @@ files:
|
|
122
111
|
- lib/cvss_suite/cvss_metric.rb
|
123
112
|
- lib/cvss_suite/cvss_property.rb
|
124
113
|
- lib/cvss_suite/errors.rb
|
114
|
+
- lib/cvss_suite/helpers/cvss31_helper.rb
|
125
115
|
- lib/cvss_suite/helpers/cvss3_helper.rb
|
126
|
-
- lib/cvss_suite/helpers/extensions.rb
|
127
116
|
- lib/cvss_suite/invalid_cvss.rb
|
128
117
|
- lib/cvss_suite/version.rb
|
129
|
-
homepage:
|
118
|
+
homepage:
|
130
119
|
licenses:
|
131
120
|
- MIT
|
132
|
-
metadata:
|
121
|
+
metadata:
|
122
|
+
bug_tracker_uri: https://github.com/0llirocks/cvss-suite/issues
|
123
|
+
changelog_uri: https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md
|
124
|
+
documentation_uri: https://www.rubydoc.info/gems/cvss-suite/3.1.0
|
125
|
+
homepage_uri: https://cvss-suite.0lli.rocks
|
126
|
+
source_code_uri: https://github.com/0llirocks/cvss-suite
|
133
127
|
post_install_message:
|
134
128
|
rdoc_options: []
|
135
129
|
require_paths:
|
@@ -138,14 +132,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
138
132
|
requirements:
|
139
133
|
- - ">="
|
140
134
|
- !ruby/object:Gem::Version
|
141
|
-
version: 2.
|
135
|
+
version: 2.6.0
|
142
136
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
143
137
|
requirements:
|
144
138
|
- - ">="
|
145
139
|
- !ruby/object:Gem::Version
|
146
140
|
version: '0'
|
147
141
|
requirements: []
|
148
|
-
rubygems_version: 3.
|
142
|
+
rubygems_version: 3.3.7
|
149
143
|
signing_key:
|
150
144
|
specification_version: 4
|
151
145
|
summary: Ruby gem for processing cvss vectors.
|
data/.travis.yml
DELETED
@@ -1,56 +0,0 @@
|
|
1
|
-
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
|
-
#
|
3
|
-
# Copyright (c) Siemens AG, 2016
|
4
|
-
#
|
5
|
-
# Authors:
|
6
|
-
# Oliver Hambörger <oliver.hamboerger@siemens.com>
|
7
|
-
#
|
8
|
-
# This work is licensed under the terms of the MIT license.
|
9
|
-
# See the LICENSE.md file in the top-level directory.
|
10
|
-
|
11
|
-
##
|
12
|
-
# This class includes extensions for the Float datatype.
|
13
|
-
|
14
|
-
class Float
|
15
|
-
|
16
|
-
##
|
17
|
-
# Since CVSS 3 all float values are rounded up, therefore this method is used instead of the mathematically correct method round().
|
18
|
-
|
19
|
-
def round_up(decimal_paces = 0)
|
20
|
-
(self * 10.0**decimal_paces).ceil / 10.0**decimal_paces
|
21
|
-
end
|
22
|
-
|
23
|
-
##
|
24
|
-
# The “Round up” function in CVSS v3.0 has been renamed Roundup and is now defined more precisely to minimize the possibility of implementations generating different scores due to small floating-point inaccuracies. This can happen due to differences in floating point arithmetic between different languages and hardware platforms.
|
25
|
-
|
26
|
-
def roundup
|
27
|
-
output = (self * 100000).round
|
28
|
-
if (output % 10000) == 0
|
29
|
-
return output / 100000.0
|
30
|
-
else
|
31
|
-
return ((output / 10000).floor + 1) / 10.0
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|
35
|
-
|
36
|
-
class Integer
|
37
|
-
|
38
|
-
##
|
39
|
-
# Since CVSS 3 all float values are rounded up, therefore this method is used instead of the mathematically correct method round().
|
40
|
-
|
41
|
-
def round_up(decimal_paces = 0)
|
42
|
-
(self * 10.0**decimal_paces).ceil / 10.0**decimal_paces
|
43
|
-
end
|
44
|
-
|
45
|
-
##
|
46
|
-
# The “Round up” function in CVSS v3.0 has been renamed Roundup and is now defined more precisely to minimize the possibility of implementations generating different scores due to small floating-point inaccuracies. This can happen due to differences in floating point arithmetic between different languages and hardware platforms.
|
47
|
-
|
48
|
-
def roundup
|
49
|
-
output = (self * 100000).round
|
50
|
-
if (output % 10000) == 0
|
51
|
-
return output / 100000.0
|
52
|
-
else
|
53
|
-
return ((output / 10000).floor + 1) / 10.0
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|