cvss-suite 3.1.1 → 3.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/rspec.yml +4 -4
- data/.github/workflows/rubocop.yml +3 -4
- data/.rubocop.yml +20 -0
- data/.rubocop_todo.yml +2 -2
- data/CHANGES.md +8 -0
- data/CODE_OF_CONDUCT.md +9 -2
- data/Gemfile +0 -6
- data/LICENSE.md +10 -1
- data/README.md +14 -5
- data/cvss_suite.gemspec +7 -10
- data/lib/cvss_suite/cvss.rb +1 -31
- data/lib/cvss_suite/cvss2/cvss2.rb +2 -8
- data/lib/cvss_suite/cvss2/cvss2_base.rb +0 -6
- data/lib/cvss_suite/cvss2/cvss2_environmental.rb +0 -6
- data/lib/cvss_suite/cvss2/cvss2_temporal.rb +0 -6
- data/lib/cvss_suite/cvss3/cvss3.rb +2 -8
- data/lib/cvss_suite/cvss3/cvss3_base.rb +0 -6
- data/lib/cvss_suite/cvss3/cvss3_environmental.rb +0 -6
- data/lib/cvss_suite/cvss3/cvss3_temporal.rb +0 -6
- data/lib/cvss_suite/cvss31/cvss31.rb +2 -8
- data/lib/cvss_suite/cvss31/cvss31_base.rb +0 -6
- data/lib/cvss_suite/cvss31/cvss31_environmental.rb +0 -6
- data/lib/cvss_suite/cvss31/cvss31_temporal.rb +0 -6
- data/lib/cvss_suite/cvss40/cvss40.rb +43 -0
- data/lib/cvss_suite/cvss40/cvss40_all_up.rb +40 -0
- data/lib/cvss_suite/cvss40/cvss40_base.rb +86 -0
- data/lib/cvss_suite/cvss40/cvss40_calc_helper.rb +389 -0
- data/lib/cvss_suite/cvss40/cvss40_constants_levels.rb +26 -0
- data/lib/cvss_suite/cvss40/cvss40_constants_macro_vector_lookup.rb +278 -0
- data/lib/cvss_suite/cvss40/cvss40_constants_max_composed.rb +41 -0
- data/lib/cvss_suite/cvss40/cvss40_constants_max_severity.rb +31 -0
- data/lib/cvss_suite/cvss40/cvss40_environmental.rb +105 -0
- data/lib/cvss_suite/cvss40/cvss40_environmental_security.rb +47 -0
- data/lib/cvss_suite/cvss40/cvss40_supplemental.rb +66 -0
- data/lib/cvss_suite/cvss40/cvss40_threat.rb +34 -0
- data/lib/cvss_suite/cvss_31_and_before.rb +50 -0
- data/lib/cvss_suite/cvss_40_and_later.rb +45 -0
- data/lib/cvss_suite/cvss_metric.rb +4 -6
- data/lib/cvss_suite/cvss_property.rb +0 -6
- data/lib/cvss_suite/errors.rb +0 -6
- data/lib/cvss_suite/extensions/string.rb +8 -0
- data/lib/cvss_suite/helpers/cvss31_helper.rb +0 -6
- data/lib/cvss_suite/helpers/cvss3_helper.rb +0 -6
- data/lib/cvss_suite/invalid_cvss.rb +0 -6
- data/lib/cvss_suite/version.rb +1 -7
- data/lib/cvss_suite.rb +6 -7
- metadata +41 -12
@@ -0,0 +1,45 @@
|
|
1
|
+
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
|
+
#
|
3
|
+
# This work is licensed under the terms of the MIT license.
|
4
|
+
# See the LICENSE.md file in the top-level directory.
|
5
|
+
|
6
|
+
require_relative 'cvss'
|
7
|
+
|
8
|
+
module CvssSuite
|
9
|
+
##
|
10
|
+
# This class represents any CVSS vector. Do not instantiate this class!
|
11
|
+
class Cvss40AndLater < Cvss
|
12
|
+
##
|
13
|
+
# Metric of a CVSS vector for CVSS 2, 3, 3.1.
|
14
|
+
attr_reader :temporal, :environmental
|
15
|
+
|
16
|
+
##
|
17
|
+
# Creates a new CVSS vector by a +vector+, for all CVSS versions from 4.0.
|
18
|
+
#
|
19
|
+
# Raises an exception if it is called on Cvss40AndLater class.
|
20
|
+
def initialize(vector)
|
21
|
+
raise CvssSuite::Errors::InvalidParentClass, 'Do not instantiate this class!' if instance_of? Cvss40AndLater
|
22
|
+
|
23
|
+
super
|
24
|
+
end
|
25
|
+
|
26
|
+
##
|
27
|
+
# Returns if CVSS vector is valid.
|
28
|
+
def valid?
|
29
|
+
if @amount_of_properties >= required_amount_of_properties
|
30
|
+
@base.valid?
|
31
|
+
|
32
|
+
else
|
33
|
+
false
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
##
|
38
|
+
# Returns the Overall Score of the CVSS vector.
|
39
|
+
def overall_score
|
40
|
+
check_validity
|
41
|
+
|
42
|
+
@all_up.score
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
@@ -1,11 +1,5 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2016-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# 0llirocks <http://0lli.rocks>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
@@ -36,6 +30,10 @@ module CvssSuite
|
|
36
30
|
@properties.count
|
37
31
|
end
|
38
32
|
|
33
|
+
##
|
34
|
+
# We aggregate these in some other classes
|
35
|
+
attr_reader :properties
|
36
|
+
|
39
37
|
private
|
40
38
|
|
41
39
|
def extract_selected_values_from(selected_properties)
|
@@ -1,11 +1,5 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2016-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# 0llirocks <http://0lli.rocks>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
data/lib/cvss_suite/errors.rb
CHANGED
@@ -1,11 +1,5 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2016-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# Adam David <adamrdavid@gmail.com>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
@@ -1,11 +1,5 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2016-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# 0llirocks <http://0lli.rocks>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
@@ -1,11 +1,5 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2016-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# 0llirocks <http://0lli.rocks>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
@@ -1,11 +1,5 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2018-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# 0llirocks <http://0lli.rocks>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
data/lib/cvss_suite/version.rb
CHANGED
@@ -1,14 +1,8 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2016-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022-2023 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# 0llirocks <http://0lli.rocks>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
12
6
|
module CvssSuite
|
13
|
-
VERSION = '3.
|
7
|
+
VERSION = '3.2.0'.freeze
|
14
8
|
end
|
data/lib/cvss_suite.rb
CHANGED
@@ -1,20 +1,16 @@
|
|
1
1
|
# CVSS-Suite, a Ruby gem to manage the CVSS vector
|
2
2
|
#
|
3
|
-
# Copyright (c) 2016-2022 Siemens AG
|
4
|
-
# Copyright (c) 2022 0llirocks
|
5
|
-
#
|
6
|
-
# Authors:
|
7
|
-
# 0llirocks <http://0lli.rocks>
|
8
|
-
#
|
9
3
|
# This work is licensed under the terms of the MIT license.
|
10
4
|
# See the LICENSE.md file in the top-level directory.
|
11
5
|
|
12
6
|
require 'cvss_suite/cvss2/cvss2'
|
13
7
|
require 'cvss_suite/cvss3/cvss3'
|
14
8
|
require 'cvss_suite/cvss31/cvss31'
|
9
|
+
require 'cvss_suite/cvss40/cvss40'
|
15
10
|
require 'cvss_suite/version'
|
16
11
|
require 'cvss_suite/errors'
|
17
12
|
require 'cvss_suite/invalid_cvss'
|
13
|
+
require 'cvss_suite/extensions/string'
|
18
14
|
|
19
15
|
##
|
20
16
|
# Module of this gem.
|
@@ -23,7 +19,8 @@ module CvssSuite
|
|
23
19
|
{ string: 'AV:', version: 2 },
|
24
20
|
{ string: '(AV:', version: 2 },
|
25
21
|
{ string: 'CVSS:3.0/', version: 3.0 },
|
26
|
-
{ string: 'CVSS:3.1/', version: 3.1 }
|
22
|
+
{ string: 'CVSS:3.1/', version: 3.1 },
|
23
|
+
{ string: 'CVSS:4.0/', version: 4.0 }
|
27
24
|
].freeze
|
28
25
|
|
29
26
|
##
|
@@ -39,6 +36,8 @@ module CvssSuite
|
|
39
36
|
Cvss3.new(prepare_vector(@vector_string))
|
40
37
|
when 3.1
|
41
38
|
Cvss31.new(prepare_vector(@vector_string))
|
39
|
+
when 4.0
|
40
|
+
Cvss40.new(prepare_vector(@vector_string))
|
42
41
|
else
|
43
42
|
InvalidCvss.new
|
44
43
|
end
|
metadata
CHANGED
@@ -1,29 +1,29 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cvss-suite
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0llirocks
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-05-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- -
|
17
|
+
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
19
|
+
version: 2.4.22
|
20
20
|
type: :development
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- -
|
24
|
+
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version:
|
26
|
+
version: 2.4.22
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rspec
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -52,6 +52,20 @@ dependencies:
|
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '1.2'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rubocop
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - '='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: 1.50.2
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - '='
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: 1.50.2
|
55
69
|
- !ruby/object:Gem::Dependency
|
56
70
|
name: simplecov
|
57
71
|
requirement: !ruby/object:Gem::Requirement
|
@@ -67,8 +81,9 @@ dependencies:
|
|
67
81
|
- !ruby/object:Gem::Version
|
68
82
|
version: '0.18'
|
69
83
|
description: |-
|
70
|
-
This Ruby gem
|
71
|
-
|
84
|
+
This Ruby gem calculates the score based on the vector of the
|
85
|
+
Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document)
|
86
|
+
in version 4.0, 3.1, 3.0 and 2.
|
72
87
|
email:
|
73
88
|
executables: []
|
74
89
|
extensions: []
|
@@ -108,21 +123,35 @@ files:
|
|
108
123
|
- lib/cvss_suite/cvss31/cvss31_base.rb
|
109
124
|
- lib/cvss_suite/cvss31/cvss31_environmental.rb
|
110
125
|
- lib/cvss_suite/cvss31/cvss31_temporal.rb
|
126
|
+
- lib/cvss_suite/cvss40/cvss40.rb
|
127
|
+
- lib/cvss_suite/cvss40/cvss40_all_up.rb
|
128
|
+
- lib/cvss_suite/cvss40/cvss40_base.rb
|
129
|
+
- lib/cvss_suite/cvss40/cvss40_calc_helper.rb
|
130
|
+
- lib/cvss_suite/cvss40/cvss40_constants_levels.rb
|
131
|
+
- lib/cvss_suite/cvss40/cvss40_constants_macro_vector_lookup.rb
|
132
|
+
- lib/cvss_suite/cvss40/cvss40_constants_max_composed.rb
|
133
|
+
- lib/cvss_suite/cvss40/cvss40_constants_max_severity.rb
|
134
|
+
- lib/cvss_suite/cvss40/cvss40_environmental.rb
|
135
|
+
- lib/cvss_suite/cvss40/cvss40_environmental_security.rb
|
136
|
+
- lib/cvss_suite/cvss40/cvss40_supplemental.rb
|
137
|
+
- lib/cvss_suite/cvss40/cvss40_threat.rb
|
138
|
+
- lib/cvss_suite/cvss_31_and_before.rb
|
139
|
+
- lib/cvss_suite/cvss_40_and_later.rb
|
111
140
|
- lib/cvss_suite/cvss_metric.rb
|
112
141
|
- lib/cvss_suite/cvss_property.rb
|
113
142
|
- lib/cvss_suite/errors.rb
|
143
|
+
- lib/cvss_suite/extensions/string.rb
|
114
144
|
- lib/cvss_suite/helpers/cvss31_helper.rb
|
115
145
|
- lib/cvss_suite/helpers/cvss3_helper.rb
|
116
146
|
- lib/cvss_suite/invalid_cvss.rb
|
117
147
|
- lib/cvss_suite/version.rb
|
118
|
-
homepage:
|
148
|
+
homepage: https://cvss-suite.0lli.rocks
|
119
149
|
licenses:
|
120
150
|
- MIT
|
121
151
|
metadata:
|
122
152
|
bug_tracker_uri: https://github.com/0llirocks/cvss-suite/issues
|
123
153
|
changelog_uri: https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md
|
124
|
-
documentation_uri: https://www.rubydoc.info/gems/cvss-suite/3.
|
125
|
-
homepage_uri: https://cvss-suite.0lli.rocks
|
154
|
+
documentation_uri: https://www.rubydoc.info/gems/cvss-suite/3.2.0
|
126
155
|
source_code_uri: https://github.com/0llirocks/cvss-suite
|
127
156
|
post_install_message:
|
128
157
|
rdoc_options: []
|
@@ -139,7 +168,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
139
168
|
- !ruby/object:Gem::Version
|
140
169
|
version: '0'
|
141
170
|
requirements: []
|
142
|
-
rubygems_version: 3.3.
|
171
|
+
rubygems_version: 3.0.3.1
|
143
172
|
signing_key:
|
144
173
|
specification_version: 4
|
145
174
|
summary: Ruby gem for processing cvss vectors.
|