cvss-suite 2.0.0 → 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rspec.yml +3 -3
- data/.github/workflows/rubocop.yml +7 -6
- data/.rubocop.yml +36 -1
- data/CHANGES.md +19 -0
- data/CNAME +1 -0
- data/CODE_OF_CONDUCT.md +3 -2
- data/Gemfile +3 -2
- data/LICENSE.md +2 -1
- data/README.md +10 -8
- data/cvss_suite.gemspec +7 -7
- data/lib/cvss_suite/cvss.rb +15 -5
- data/lib/cvss_suite/cvss2/cvss2.rb +22 -2
- data/lib/cvss_suite/cvss2/cvss2_base.rb +15 -14
- data/lib/cvss_suite/cvss2/cvss2_environmental.rb +21 -20
- data/lib/cvss_suite/cvss2/cvss2_temporal.rb +14 -13
- data/lib/cvss_suite/cvss3/cvss3.rb +4 -3
- data/lib/cvss_suite/cvss3/cvss3_base.rb +17 -16
- data/lib/cvss_suite/cvss3/cvss3_environmental.rb +97 -41
- data/lib/cvss_suite/cvss3/cvss3_temporal.rb +14 -13
- data/lib/cvss_suite/cvss31/cvss31.rb +4 -3
- data/lib/cvss_suite/cvss31/cvss31_base.rb +17 -16
- data/lib/cvss_suite/cvss31/cvss31_environmental.rb +97 -41
- data/lib/cvss_suite/cvss31/cvss31_temporal.rb +14 -13
- data/lib/cvss_suite/cvss_metric.rb +3 -2
- data/lib/cvss_suite/cvss_property.rb +3 -2
- data/lib/cvss_suite/errors.rb +4 -1
- data/lib/cvss_suite/helpers/cvss31_helper.rb +3 -2
- data/lib/cvss_suite/helpers/cvss3_helper.rb +3 -2
- data/lib/cvss_suite/invalid_cvss.rb +5 -2
- data/lib/cvss_suite/version.rb +4 -3
- data/lib/cvss_suite.rb +4 -2
- metadata +10 -10
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2019-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -33,24 +34,24 @@ module CvssSuite
|
|
33
34
|
@properties.push(@exploit_code_maturity =
|
34
35
|
CvssProperty.new(name: 'Exploit Code Maturity', abbreviation: 'E', position: [8],
|
35
36
|
values: [{ name: 'Not Defined', abbreviation: 'X', weight: 1.0 },
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
37
|
+
{ name: 'Unproven', abbreviation: 'U', weight: 0.91 },
|
38
|
+
{ name: 'Proof-of-Concept', abbreviation: 'P', weight: 0.94 },
|
39
|
+
{ name: 'Functional', abbreviation: 'F', weight: 0.97 },
|
40
|
+
{ name: 'High', abbreviation: 'H', weight: 1.0 }]))
|
40
41
|
@properties.push(@remediation_level =
|
41
42
|
CvssProperty.new(name: 'Remediation Level', abbreviation: 'RL', position: [9],
|
42
43
|
values: [{ name: 'Not Defined', abbreviation: 'X', weight: 1.0 },
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
44
|
+
{ name: 'Official Fix', abbreviation: 'O', weight: 0.95 },
|
45
|
+
{ name: 'Temporary Fix', abbreviation: 'T', weight: 0.96 },
|
46
|
+
{ name: 'Workaround', abbreviation: 'W', weight: 0.97 },
|
47
|
+
{ name: 'Unavailable', abbreviation: 'U', weight: 1.0 }]))
|
47
48
|
|
48
49
|
@properties.push(@report_confidence =
|
49
50
|
CvssProperty.new(name: 'Report Confidence', abbreviation: 'RC', position: [10],
|
50
51
|
values: [{ name: 'Not Defined', abbreviation: 'X', weight: 1.0 },
|
51
|
-
|
52
|
-
|
53
|
-
|
52
|
+
{ name: 'Unknown', abbreviation: 'U', weight: 0.92 },
|
53
|
+
{ name: 'Reasonable', abbreviation: 'R', weight: 0.96 },
|
54
|
+
{ name: 'Confirmed', abbreviation: 'C', weight: 1.0 }]))
|
54
55
|
end
|
55
56
|
end
|
56
57
|
end
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
data/lib/cvss_suite/errors.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
7
|
# Adam David <adamrdavid@gmail.com>
|
@@ -19,10 +20,12 @@ module CvssSuite
|
|
19
20
|
|
20
21
|
def initialize(message)
|
21
22
|
@message = message
|
23
|
+
super
|
22
24
|
end
|
23
25
|
end
|
24
26
|
|
25
27
|
class InvalidVector < RuntimeError; end
|
28
|
+
|
26
29
|
class InvalidParentClass < ArgumentError; end
|
27
30
|
end
|
28
31
|
end
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2018-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -12,9 +13,11 @@ module CvssSuite
|
|
12
13
|
##
|
13
14
|
# This class represents a invalid CVSS vector.
|
14
15
|
class InvalidCvss < Cvss
|
16
|
+
# rubocop:disable Lint/MissingSuper
|
15
17
|
##
|
16
18
|
# Creates a new invalid CVSS vector.
|
17
19
|
def initialize; end
|
20
|
+
# rubocop:enable Lint/MissingSuper
|
18
21
|
|
19
22
|
##
|
20
23
|
# Since this is an invalid CVSS vector, it always returns false.
|
data/lib/cvss_suite/version.rb
CHANGED
@@ -1,13 +1,14 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
10
11
|
|
11
12
|
module CvssSuite
|
12
|
-
VERSION = '
|
13
|
+
VERSION = '3.0.0'.freeze
|
13
14
|
end
|
data/lib/cvss_suite.rb
CHANGED
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -20,6 +21,7 @@ require 'cvss_suite/invalid_cvss'
|
|
20
21
|
module CvssSuite
|
21
22
|
CVSS_VECTOR_BEGINNINGS = [
|
22
23
|
{ string: 'AV:', version: 2 },
|
24
|
+
{ string: '(AV:', version: 2 },
|
23
25
|
{ string: 'CVSS:3.0/', version: 3.0 },
|
24
26
|
{ string: 'CVSS:3.1/', version: 3.1 }
|
25
27
|
].freeze
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cvss-suite
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- 0llirocks
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-03-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -58,19 +58,18 @@ dependencies:
|
|
58
58
|
requirements:
|
59
59
|
- - "~>"
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '0.
|
61
|
+
version: '0.18'
|
62
62
|
type: :development
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
66
|
- - "~>"
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '0.
|
68
|
+
version: '0.18'
|
69
69
|
description: |-
|
70
70
|
This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
71
71
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
72
|
-
email:
|
73
|
-
- oliver.hamboerger@siemens.com
|
72
|
+
email:
|
74
73
|
executables: []
|
75
74
|
extensions: []
|
76
75
|
extra_rdoc_files: []
|
@@ -85,6 +84,7 @@ files:
|
|
85
84
|
- ".rubocop.yml"
|
86
85
|
- ".rubocop_todo.yml"
|
87
86
|
- CHANGES.md
|
87
|
+
- CNAME
|
88
88
|
- CODE_OF_CONDUCT.md
|
89
89
|
- Gemfile
|
90
90
|
- LICENSE.md
|
@@ -115,7 +115,7 @@ files:
|
|
115
115
|
- lib/cvss_suite/helpers/cvss3_helper.rb
|
116
116
|
- lib/cvss_suite/invalid_cvss.rb
|
117
117
|
- lib/cvss_suite/version.rb
|
118
|
-
homepage: https://
|
118
|
+
homepage: https://cvss-suite.0lli.rocks
|
119
119
|
licenses:
|
120
120
|
- MIT
|
121
121
|
metadata: {}
|
@@ -127,14 +127,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
127
127
|
requirements:
|
128
128
|
- - ">="
|
129
129
|
- !ruby/object:Gem::Version
|
130
|
-
version: 2.
|
130
|
+
version: 2.6.0
|
131
131
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
132
132
|
requirements:
|
133
133
|
- - ">="
|
134
134
|
- !ruby/object:Gem::Version
|
135
135
|
version: '0'
|
136
136
|
requirements: []
|
137
|
-
rubygems_version: 3.
|
137
|
+
rubygems_version: 3.3.7
|
138
138
|
signing_key:
|
139
139
|
specification_version: 4
|
140
140
|
summary: Ruby gem for processing cvss vectors.
|