cvss-suite 2.0.1 → 3.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rspec.yml +2 -2
- data/.github/workflows/rubocop.yml +4 -3
- data/.rubocop.yml +3 -1
- data/CHANGES.md +19 -0
- data/CNAME +1 -0
- data/CODE_OF_CONDUCT.md +3 -2
- data/Gemfile +3 -2
- data/LICENSE.md +2 -1
- data/README.md +10 -6
- data/cvss_suite.gemspec +13 -6
- data/lib/cvss_suite/cvss.rb +15 -5
- data/lib/cvss_suite/cvss2/cvss2.rb +22 -2
- data/lib/cvss_suite/cvss2/cvss2_base.rb +3 -2
- data/lib/cvss_suite/cvss2/cvss2_environmental.rb +3 -2
- data/lib/cvss_suite/cvss2/cvss2_temporal.rb +3 -2
- data/lib/cvss_suite/cvss3/cvss3.rb +3 -2
- data/lib/cvss_suite/cvss3/cvss3_base.rb +3 -2
- data/lib/cvss_suite/cvss3/cvss3_environmental.rb +3 -2
- data/lib/cvss_suite/cvss3/cvss3_temporal.rb +3 -2
- data/lib/cvss_suite/cvss31/cvss31.rb +3 -2
- data/lib/cvss_suite/cvss31/cvss31_base.rb +3 -2
- data/lib/cvss_suite/cvss31/cvss31_environmental.rb +3 -2
- data/lib/cvss_suite/cvss31/cvss31_temporal.rb +3 -2
- data/lib/cvss_suite/cvss_metric.rb +3 -2
- data/lib/cvss_suite/cvss_property.rb +3 -2
- data/lib/cvss_suite/errors.rb +4 -1
- data/lib/cvss_suite/helpers/cvss31_helper.rb +3 -2
- data/lib/cvss_suite/helpers/cvss3_helper.rb +3 -2
- data/lib/cvss_suite/invalid_cvss.rb +5 -2
- data/lib/cvss_suite/version.rb +4 -3
- data/lib/cvss_suite.rb +4 -2
- metadata +14 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4b5de123089a1d8250c5fdccbf1d859a0da8be387ed88875fb88a5613a786cbb
|
4
|
+
data.tar.gz: cd9150e3086e5f3304f9b4c3de53f587d25b41033218c398aa1e925385e22cee
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 32ef998978e20dfb978dacccfda21b587f31a63ea5426e3e0fc9a1b1c448696d27c641375cb8d35c917c19779098ce2aceca88aaa035efcda6da8d5a5c8c8860
|
7
|
+
data.tar.gz: 5347e86397270b74cb5b78b5a1fc5eb7e9d9a6de13d56de62a4170c84c459406fd2cfe614434af7a83fdc434ed64ffe17de4738bb418fd4b771c01807140e1fc
|
data/.github/workflows/rspec.yml
CHANGED
@@ -8,11 +8,11 @@ jobs:
|
|
8
8
|
runs-on: ubuntu-latest
|
9
9
|
strategy:
|
10
10
|
matrix:
|
11
|
-
ruby: [ '2.
|
11
|
+
ruby: [ '2.6', '2.7', '3.0', '3.1' ]
|
12
12
|
steps:
|
13
13
|
- uses: actions/checkout@v2
|
14
14
|
- name: Set up ${{ matrix.ruby }}
|
15
|
-
uses:
|
15
|
+
uses: ruby/setup-ruby@v1
|
16
16
|
with:
|
17
17
|
ruby-version: ${{ matrix.ruby }}
|
18
18
|
- name: Install gems
|
@@ -9,12 +9,13 @@ jobs:
|
|
9
9
|
|
10
10
|
steps:
|
11
11
|
- uses: actions/checkout@v2
|
12
|
-
- name: Set up Ruby 2.
|
13
|
-
uses:
|
12
|
+
- name: Set up Ruby 2.6
|
13
|
+
uses: ruby/setup-ruby@v1
|
14
14
|
with:
|
15
|
-
ruby-version: 2.
|
15
|
+
ruby-version: 2.6
|
16
16
|
- name: Install gems
|
17
17
|
run: |
|
18
|
+
gem update --system
|
18
19
|
gem install bundler -v ">= 1.10"
|
19
20
|
gem install rubocop
|
20
21
|
- name: Run checks
|
data/.rubocop.yml
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
inherit_from: .rubocop_todo.yml
|
2
2
|
|
3
3
|
AllCops:
|
4
|
-
TargetRubyVersion: 2.
|
4
|
+
TargetRubyVersion: 2.6
|
5
|
+
SuggestExtensions: false
|
5
6
|
|
6
7
|
Metrics/LineLength:
|
7
8
|
Max: 120
|
@@ -21,6 +22,7 @@ Metrics/MethodLength:
|
|
21
22
|
|
22
23
|
Metrics/BlockLength:
|
23
24
|
Exclude:
|
25
|
+
- 'spec/cvss2/cvss2_spec.rb'
|
24
26
|
- 'spec/cvss3/cvss3_spec.rb'
|
25
27
|
- 'spec/cvss31/cvss31_spec.rb'
|
26
28
|
|
data/CHANGES.md
CHANGED
@@ -2,6 +2,25 @@
|
|
2
2
|
All notable changes to this project will be documented in this file.
|
3
3
|
This project adheres to [Semantic Versioning](http://semver.org/).
|
4
4
|
|
5
|
+
## [3.0.1] - 2022-03-13
|
6
|
+
|
7
|
+
### Notes
|
8
|
+
* Updated specification reference due to [Removing the edit linkset form](https://blog.rubygems.org/2019/03/08/and-then-there-was-one-metadata-links.html) and [Unable to edit gem online](https://github.com/rubygems/rubygems.org/issues/1899)
|
9
|
+
|
10
|
+
## [3.0.0] - 2022-03-13
|
11
|
+
|
12
|
+
### Breaking Changes
|
13
|
+
* Ruby >= 2.6 is now required
|
14
|
+
|
15
|
+
### Notes
|
16
|
+
* Moved repository to its new home
|
17
|
+
|
18
|
+
## [2.0.2] - 2020-12-05
|
19
|
+
|
20
|
+
### Fixes
|
21
|
+
* CVSS v2 now returns the correct severity values based on NVD recommendation
|
22
|
+
* CVSS v2 now supports vectors which are enclosed in parenthesis e.g. (AV:N/AC:L/Au:N/C:P/I:P/A:P)
|
23
|
+
|
5
24
|
## [2.0.1] - 2020-07-19
|
6
25
|
|
7
26
|
### Fixes
|
data/CNAME
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
cvss-suite.0lli.rocks
|
data/CODE_OF_CONDUCT.md
CHANGED
@@ -1,8 +1,9 @@
|
|
1
1
|
CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
|
3
|
-
Copyright (c) Siemens AG
|
3
|
+
Copyright (c) 2016-2022 Siemens AG
|
4
|
+
Copyright (c) 2022 0llirocks
|
4
5
|
|
5
|
-
Authors:
|
6
|
+
Authors: 0llirocks <http://0lli.rocks>
|
6
7
|
|
7
8
|
This work is licensed under the terms of the MIT license.
|
8
9
|
See the LICENSE.md file in the top-level directory.
|
data/Gemfile
CHANGED
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
data/LICENSE.md
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
The MIT License (MIT)
|
2
2
|
|
3
|
-
Copyright (c) 2016 Siemens AG
|
3
|
+
Copyright (c) 2016-2022 Siemens AG
|
4
|
+
Copyright (c) 2022 0llirocks
|
4
5
|
|
5
6
|
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
6
7
|
this software and associated documentation files (the "Software"), to deal in
|
data/README.md
CHANGED
@@ -1,11 +1,11 @@
|
|
1
1
|
# CvssSuite for Ruby
|
2
2
|
|
3
3
|
[![Gem Version](http://img.shields.io/gem/v/cvss-suite.svg)](https://rubygems.org/gems/cvss-suite)
|
4
|
-
[![Ruby Version](https://img.shields.io/badge/Ruby-2.
|
4
|
+
[![Ruby Version](https://img.shields.io/badge/Ruby-2.6-brightgreen.svg)](https://rubygems.org/gems/cvss-suite)
|
5
5
|
[![Cvss Support](https://img.shields.io/badge/CVSS-v2-brightgreen.svg)](https://www.first.org/cvss/v2/guide)
|
6
6
|
[![Cvss Support](https://img.shields.io/badge/CVSS-v3.0-brightgreen.svg)](https://www.first.org/cvss/v3.0/user-guide)
|
7
7
|
[![Cvss Support](https://img.shields.io/badge/CVSS-v3.1-brightgreen.svg)](https://www.first.org/cvss/v3.1/user-guide)
|
8
|
-
[![RSpec](https://github.com/
|
8
|
+
[![RSpec](https://github.com/0llirocks/cvss-suite/workflows/RSpec/badge.svg)](https://github.com/0llirocks/cvss-suite/actions)
|
9
9
|
|
10
10
|
This Ruby gem helps you to process the vector of the [**Common Vulnerability Scoring System**](https://www.first.org/cvss/specification-document).
|
11
11
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
@@ -25,10 +25,14 @@ And then execute:
|
|
25
25
|
Or install it yourself as:
|
26
26
|
|
27
27
|
$ gem install cvss-suite
|
28
|
+
|
29
|
+
## Version 2.x
|
30
|
+
|
31
|
+
If you are still using CvssSuite 2.x please refer to the [specific branch](https://github.com/0llirocks/cvss-suite/tree/2.x) for documentation and changelog.
|
28
32
|
|
29
33
|
## Version 1.x
|
30
34
|
|
31
|
-
If
|
35
|
+
If you are still using CvssSuite 1.x please refer to the [specific branch](https://github.com/0llirocks/cvss-suite/tree/1.x) for documentation and changelog.
|
32
36
|
|
33
37
|
## Usage
|
34
38
|
|
@@ -108,11 +112,11 @@ There is a possibility of implementations generating different scores (+/- 0,1)
|
|
108
112
|
|
109
113
|
## Changelog
|
110
114
|
|
111
|
-
[Click here to see all changes.](https://github.com/
|
115
|
+
[Click here to see all changes.](https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md)
|
112
116
|
|
113
117
|
## Contributing
|
114
118
|
|
115
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/
|
119
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/0llirocks/cvss-suite. This project is intended to be a safe, welcoming space for collaboration.
|
116
120
|
|
117
121
|
## References
|
118
|
-
[CvssSuite for .NET](https://
|
122
|
+
[CvssSuite for .NET](https://cvsssuite.0lli.rocks)
|
data/cvss_suite.gemspec
CHANGED
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -18,15 +19,21 @@ Gem::Specification.new do |spec|
|
|
18
19
|
spec.name = 'cvss-suite'
|
19
20
|
spec.version = CvssSuite::VERSION
|
20
21
|
spec.license = 'MIT'
|
21
|
-
spec.authors = ['
|
22
|
-
spec.email = ['oliver.hamboerger@siemens.com']
|
22
|
+
spec.authors = ['0llirocks']
|
23
23
|
|
24
24
|
spec.summary = 'Ruby gem for processing cvss vectors.'
|
25
25
|
spec.description = 'This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
26
26
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.'
|
27
|
-
spec.homepage = 'https://siemens.github.io/cvss-suite/'
|
28
27
|
|
29
|
-
spec.
|
28
|
+
spec.metadata = {
|
29
|
+
'bug_tracker_uri' => 'https://github.com/0llirocks/cvss-suite/issues',
|
30
|
+
'changelog_uri' => 'https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md',
|
31
|
+
'documentation_uri' => 'https://www.rubydoc.info/gems/cvss-suite/' + CvssSuite::VERSION,
|
32
|
+
'homepage_uri' => 'https://cvss-suite.0lli.rocks',
|
33
|
+
'source_code_uri' => 'https://github.com/0llirocks/cvss-suite'
|
34
|
+
}
|
35
|
+
|
36
|
+
spec.required_ruby_version = '>= 2.6.0'
|
30
37
|
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
31
38
|
spec.bindir = 'exe'
|
32
39
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
data/lib/cvss_suite/cvss.rb
CHANGED
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -25,7 +26,7 @@ module CvssSuite
|
|
25
26
|
#
|
26
27
|
# Raises an exception if it is called on Cvss class.
|
27
28
|
def initialize(vector)
|
28
|
-
raise CvssSuite::Errors::InvalidParentClass, 'Do not instantiate this class!' if
|
29
|
+
raise CvssSuite::Errors::InvalidParentClass, 'Do not instantiate this class!' if instance_of? Cvss
|
29
30
|
|
30
31
|
@vector = vector
|
31
32
|
@properties = []
|
@@ -54,7 +55,7 @@ module CvssSuite
|
|
54
55
|
|
55
56
|
score = overall_score
|
56
57
|
|
57
|
-
if score
|
58
|
+
if score <= 0.0
|
58
59
|
'None'
|
59
60
|
elsif (0.1..3.9).cover? score
|
60
61
|
'Low'
|
@@ -99,8 +100,17 @@ module CvssSuite
|
|
99
100
|
|
100
101
|
if start_of_vector.nil?
|
101
102
|
''
|
103
|
+
elsif start_of_vector == 1
|
104
|
+
match_array = @vector.scan(/\((?>[^)(]+|\g<0>)*\)/)
|
105
|
+
if match_array.length == 1 && match_array[0] == @vector
|
106
|
+
@vector.slice!(0)
|
107
|
+
@vector.slice!(@vector.length - 1)
|
108
|
+
@vector
|
109
|
+
else
|
110
|
+
''
|
111
|
+
end
|
102
112
|
else
|
103
|
-
@vector[start_of_vector
|
113
|
+
@vector[start_of_vector..]
|
104
114
|
end
|
105
115
|
end
|
106
116
|
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -23,6 +24,25 @@ module CvssSuite
|
|
23
24
|
2
|
24
25
|
end
|
25
26
|
|
27
|
+
# Returns the severity of the CVSSv2 vector.
|
28
|
+
# https://nvd.nist.gov/vuln-metrics/cvss
|
29
|
+
def severity
|
30
|
+
check_validity
|
31
|
+
|
32
|
+
score = overall_score
|
33
|
+
|
34
|
+
case score
|
35
|
+
when 0.0..3.9
|
36
|
+
'Low'
|
37
|
+
when 4.0..6.9
|
38
|
+
'Medium'
|
39
|
+
when 7.0..10.0
|
40
|
+
'High'
|
41
|
+
else
|
42
|
+
'None'
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
26
46
|
##
|
27
47
|
# Returns the Base Score of the CVSS vector.
|
28
48
|
def base_score
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2019-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2019-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2019-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2019-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
data/lib/cvss_suite/errors.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
7
|
# Adam David <adamrdavid@gmail.com>
|
@@ -19,10 +20,12 @@ module CvssSuite
|
|
19
20
|
|
20
21
|
def initialize(message)
|
21
22
|
@message = message
|
23
|
+
super
|
22
24
|
end
|
23
25
|
end
|
24
26
|
|
25
27
|
class InvalidVector < RuntimeError; end
|
28
|
+
|
26
29
|
class InvalidParentClass < ArgumentError; end
|
27
30
|
end
|
28
31
|
end
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2018-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -12,9 +13,11 @@ module CvssSuite
|
|
12
13
|
##
|
13
14
|
# This class represents a invalid CVSS vector.
|
14
15
|
class InvalidCvss < Cvss
|
16
|
+
# rubocop:disable Lint/MissingSuper
|
15
17
|
##
|
16
18
|
# Creates a new invalid CVSS vector.
|
17
19
|
def initialize; end
|
20
|
+
# rubocop:enable Lint/MissingSuper
|
18
21
|
|
19
22
|
##
|
20
23
|
# Since this is an invalid CVSS vector, it always returns false.
|
data/lib/cvss_suite/version.rb
CHANGED
@@ -1,13 +1,14 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
10
11
|
|
11
12
|
module CvssSuite
|
12
|
-
VERSION = '
|
13
|
+
VERSION = '3.0.1'.freeze
|
13
14
|
end
|
data/lib/cvss_suite.rb
CHANGED
@@ -1,9 +1,10 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) Siemens AG
|
3
|
+
# Copyright (c) 2016-2022 Siemens AG
|
4
|
+
# Copyright (c) 2022 0llirocks
|
4
5
|
#
|
5
6
|
# Authors:
|
6
|
-
#
|
7
|
+
# 0llirocks <http://0lli.rocks>
|
7
8
|
#
|
8
9
|
# This work is licensed under the terms of the MIT license.
|
9
10
|
# See the LICENSE.md file in the top-level directory.
|
@@ -20,6 +21,7 @@ require 'cvss_suite/invalid_cvss'
|
|
20
21
|
module CvssSuite
|
21
22
|
CVSS_VECTOR_BEGINNINGS = [
|
22
23
|
{ string: 'AV:', version: 2 },
|
24
|
+
{ string: '(AV:', version: 2 },
|
23
25
|
{ string: 'CVSS:3.0/', version: 3.0 },
|
24
26
|
{ string: 'CVSS:3.1/', version: 3.1 }
|
25
27
|
].freeze
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cvss-suite
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- 0llirocks
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-03-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -69,8 +69,7 @@ dependencies:
|
|
69
69
|
description: |-
|
70
70
|
This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
71
71
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
72
|
-
email:
|
73
|
-
- oliver.hamboerger@siemens.com
|
72
|
+
email:
|
74
73
|
executables: []
|
75
74
|
extensions: []
|
76
75
|
extra_rdoc_files: []
|
@@ -85,6 +84,7 @@ files:
|
|
85
84
|
- ".rubocop.yml"
|
86
85
|
- ".rubocop_todo.yml"
|
87
86
|
- CHANGES.md
|
87
|
+
- CNAME
|
88
88
|
- CODE_OF_CONDUCT.md
|
89
89
|
- Gemfile
|
90
90
|
- LICENSE.md
|
@@ -115,10 +115,15 @@ files:
|
|
115
115
|
- lib/cvss_suite/helpers/cvss3_helper.rb
|
116
116
|
- lib/cvss_suite/invalid_cvss.rb
|
117
117
|
- lib/cvss_suite/version.rb
|
118
|
-
homepage:
|
118
|
+
homepage:
|
119
119
|
licenses:
|
120
120
|
- MIT
|
121
|
-
metadata:
|
121
|
+
metadata:
|
122
|
+
bug_tracker_uri: https://github.com/0llirocks/cvss-suite/issues
|
123
|
+
changelog_uri: https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md
|
124
|
+
documentation_uri: https://www.rubydoc.info/gems/cvss-suite/3.0.1
|
125
|
+
homepage_uri: https://cvss-suite.0lli.rocks
|
126
|
+
source_code_uri: https://github.com/0llirocks/cvss-suite
|
122
127
|
post_install_message:
|
123
128
|
rdoc_options: []
|
124
129
|
require_paths:
|
@@ -127,14 +132,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
127
132
|
requirements:
|
128
133
|
- - ">="
|
129
134
|
- !ruby/object:Gem::Version
|
130
|
-
version: 2.
|
135
|
+
version: 2.6.0
|
131
136
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
132
137
|
requirements:
|
133
138
|
- - ">="
|
134
139
|
- !ruby/object:Gem::Version
|
135
140
|
version: '0'
|
136
141
|
requirements: []
|
137
|
-
rubygems_version: 3.
|
142
|
+
rubygems_version: 3.3.7
|
138
143
|
signing_key:
|
139
144
|
specification_version: 4
|
140
145
|
summary: Ruby gem for processing cvss vectors.
|