cvss-suite 3.1.1 → 3.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/rspec.yml +4 -4
  3. data/.github/workflows/rubocop.yml +3 -4
  4. data/.rubocop.yml +20 -0
  5. data/.rubocop_todo.yml +2 -2
  6. data/CHANGES.md +13 -0
  7. data/CODE_OF_CONDUCT.md +9 -2
  8. data/Gemfile +0 -6
  9. data/LICENSE.md +10 -1
  10. data/README.md +14 -5
  11. data/cvss_suite.gemspec +7 -9
  12. data/lib/cvss_suite/cvss.rb +1 -31
  13. data/lib/cvss_suite/cvss2/cvss2.rb +2 -8
  14. data/lib/cvss_suite/cvss2/cvss2_base.rb +0 -6
  15. data/lib/cvss_suite/cvss2/cvss2_environmental.rb +0 -6
  16. data/lib/cvss_suite/cvss2/cvss2_temporal.rb +0 -6
  17. data/lib/cvss_suite/cvss3/cvss3.rb +2 -8
  18. data/lib/cvss_suite/cvss3/cvss3_base.rb +0 -6
  19. data/lib/cvss_suite/cvss3/cvss3_environmental.rb +0 -6
  20. data/lib/cvss_suite/cvss3/cvss3_temporal.rb +0 -6
  21. data/lib/cvss_suite/cvss31/cvss31.rb +2 -8
  22. data/lib/cvss_suite/cvss31/cvss31_base.rb +0 -6
  23. data/lib/cvss_suite/cvss31/cvss31_environmental.rb +0 -6
  24. data/lib/cvss_suite/cvss31/cvss31_temporal.rb +0 -6
  25. data/lib/cvss_suite/cvss40/cvss40.rb +43 -0
  26. data/lib/cvss_suite/cvss40/cvss40_all_up.rb +40 -0
  27. data/lib/cvss_suite/cvss40/cvss40_base.rb +86 -0
  28. data/lib/cvss_suite/cvss40/cvss40_calc_helper.rb +397 -0
  29. data/lib/cvss_suite/cvss40/cvss40_constants_levels.rb +26 -0
  30. data/lib/cvss_suite/cvss40/cvss40_constants_macro_vector_lookup.rb +278 -0
  31. data/lib/cvss_suite/cvss40/cvss40_constants_max_composed.rb +41 -0
  32. data/lib/cvss_suite/cvss40/cvss40_constants_max_severity.rb +31 -0
  33. data/lib/cvss_suite/cvss40/cvss40_environmental.rb +105 -0
  34. data/lib/cvss_suite/cvss40/cvss40_environmental_security.rb +47 -0
  35. data/lib/cvss_suite/cvss40/cvss40_supplemental.rb +66 -0
  36. data/lib/cvss_suite/cvss40/cvss40_threat.rb +34 -0
  37. data/lib/cvss_suite/cvss_31_and_before.rb +50 -0
  38. data/lib/cvss_suite/cvss_40_and_later.rb +45 -0
  39. data/lib/cvss_suite/cvss_metric.rb +4 -6
  40. data/lib/cvss_suite/cvss_property.rb +0 -6
  41. data/lib/cvss_suite/errors.rb +0 -6
  42. data/lib/cvss_suite/helpers/cvss31_helper.rb +0 -6
  43. data/lib/cvss_suite/helpers/cvss3_helper.rb +0 -6
  44. data/lib/cvss_suite/invalid_cvss.rb +0 -6
  45. data/lib/cvss_suite/version.rb +1 -7
  46. data/lib/cvss_suite.rb +5 -7
  47. metadata +40 -11
@@ -0,0 +1,45 @@
1
+ # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
+ #
3
+ # This work is licensed under the terms of the MIT license.
4
+ # See the LICENSE.md file in the top-level directory.
5
+
6
+ require_relative 'cvss'
7
+
8
+ module CvssSuite
9
+ ##
10
+ # This class represents any CVSS vector. Do not instantiate this class!
11
+ class Cvss40AndLater < Cvss
12
+ ##
13
+ # Metric of a CVSS vector for CVSS 2, 3, 3.1.
14
+ attr_reader :temporal, :environmental
15
+
16
+ ##
17
+ # Creates a new CVSS vector by a +vector+, for all CVSS versions from 4.0.
18
+ #
19
+ # Raises an exception if it is called on Cvss40AndLater class.
20
+ def initialize(vector)
21
+ raise CvssSuite::Errors::InvalidParentClass, 'Do not instantiate this class!' if instance_of? Cvss40AndLater
22
+
23
+ super
24
+ end
25
+
26
+ ##
27
+ # Returns if CVSS vector is valid.
28
+ def valid?
29
+ if @amount_of_properties >= required_amount_of_properties
30
+ @base.valid?
31
+
32
+ else
33
+ false
34
+ end
35
+ end
36
+
37
+ ##
38
+ # Returns the Overall Score of the CVSS vector.
39
+ def overall_score
40
+ check_validity
41
+
42
+ @all_up.score
43
+ end
44
+ end
45
+ end
@@ -1,11 +1,5 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2016-2022 Siemens AG
4
- # Copyright (c) 2022 0llirocks
5
- #
6
- # Authors:
7
- # 0llirocks <http://0lli.rocks>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
@@ -36,6 +30,10 @@ module CvssSuite
36
30
  @properties.count
37
31
  end
38
32
 
33
+ ##
34
+ # We aggregate these in some other classes
35
+ attr_reader :properties
36
+
39
37
  private
40
38
 
41
39
  def extract_selected_values_from(selected_properties)
@@ -1,11 +1,5 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2016-2022 Siemens AG
4
- # Copyright (c) 2022 0llirocks
5
- #
6
- # Authors:
7
- # 0llirocks <http://0lli.rocks>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
@@ -1,11 +1,5 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2016-2022 Siemens AG
4
- # Copyright (c) 2022 0llirocks
5
- #
6
- # Authors:
7
- # Adam David <adamrdavid@gmail.com>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
@@ -1,11 +1,5 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2016-2022 Siemens AG
4
- # Copyright (c) 2022 0llirocks
5
- #
6
- # Authors:
7
- # 0llirocks <http://0lli.rocks>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
@@ -1,11 +1,5 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2016-2022 Siemens AG
4
- # Copyright (c) 2022 0llirocks
5
- #
6
- # Authors:
7
- # 0llirocks <http://0lli.rocks>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
@@ -1,11 +1,5 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2018-2022 Siemens AG
4
- # Copyright (c) 2022 0llirocks
5
- #
6
- # Authors:
7
- # 0llirocks <http://0lli.rocks>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
@@ -1,14 +1,8 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2016-2022 Siemens AG
4
- # Copyright (c) 2022-2023 0llirocks
5
- #
6
- # Authors:
7
- # 0llirocks <http://0lli.rocks>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
12
6
  module CvssSuite
13
- VERSION = '3.1.1'.freeze
7
+ VERSION = '3.2.1'.freeze
14
8
  end
data/lib/cvss_suite.rb CHANGED
@@ -1,17 +1,12 @@
1
1
  # CVSS-Suite, a Ruby gem to manage the CVSS vector
2
2
  #
3
- # Copyright (c) 2016-2022 Siemens AG
4
- # Copyright (c) 2022 0llirocks
5
- #
6
- # Authors:
7
- # 0llirocks <http://0lli.rocks>
8
- #
9
3
  # This work is licensed under the terms of the MIT license.
10
4
  # See the LICENSE.md file in the top-level directory.
11
5
 
12
6
  require 'cvss_suite/cvss2/cvss2'
13
7
  require 'cvss_suite/cvss3/cvss3'
14
8
  require 'cvss_suite/cvss31/cvss31'
9
+ require 'cvss_suite/cvss40/cvss40'
15
10
  require 'cvss_suite/version'
16
11
  require 'cvss_suite/errors'
17
12
  require 'cvss_suite/invalid_cvss'
@@ -23,7 +18,8 @@ module CvssSuite
23
18
  { string: 'AV:', version: 2 },
24
19
  { string: '(AV:', version: 2 },
25
20
  { string: 'CVSS:3.0/', version: 3.0 },
26
- { string: 'CVSS:3.1/', version: 3.1 }
21
+ { string: 'CVSS:3.1/', version: 3.1 },
22
+ { string: 'CVSS:4.0/', version: 4.0 }
27
23
  ].freeze
28
24
 
29
25
  ##
@@ -39,6 +35,8 @@ module CvssSuite
39
35
  Cvss3.new(prepare_vector(@vector_string))
40
36
  when 3.1
41
37
  Cvss31.new(prepare_vector(@vector_string))
38
+ when 4.0
39
+ Cvss40.new(prepare_vector(@vector_string))
42
40
  else
43
41
  InvalidCvss.new
44
42
  end
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cvss-suite
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.1.1
4
+ version: 3.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0llirocks
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-10-15 00:00:00.000000000 Z
11
+ date: 2024-05-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ">="
17
+ - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: '1.10'
19
+ version: 2.4.22
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ">="
24
+ - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: '1.10'
26
+ version: 2.4.22
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rspec
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -52,6 +52,20 @@ dependencies:
52
52
  - - "~>"
53
53
  - !ruby/object:Gem::Version
54
54
  version: '1.2'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rubocop
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - '='
60
+ - !ruby/object:Gem::Version
61
+ version: 1.50.2
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - '='
67
+ - !ruby/object:Gem::Version
68
+ version: 1.50.2
55
69
  - !ruby/object:Gem::Dependency
56
70
  name: simplecov
57
71
  requirement: !ruby/object:Gem::Requirement
@@ -67,8 +81,9 @@ dependencies:
67
81
  - !ruby/object:Gem::Version
68
82
  version: '0.18'
69
83
  description: |-
70
- This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
71
- Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
84
+ This Ruby gem calculates the score based on the vector of the
85
+ Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document)
86
+ in version 4.0, 3.1, 3.0 and 2.
72
87
  email:
73
88
  executables: []
74
89
  extensions: []
@@ -108,6 +123,20 @@ files:
108
123
  - lib/cvss_suite/cvss31/cvss31_base.rb
109
124
  - lib/cvss_suite/cvss31/cvss31_environmental.rb
110
125
  - lib/cvss_suite/cvss31/cvss31_temporal.rb
126
+ - lib/cvss_suite/cvss40/cvss40.rb
127
+ - lib/cvss_suite/cvss40/cvss40_all_up.rb
128
+ - lib/cvss_suite/cvss40/cvss40_base.rb
129
+ - lib/cvss_suite/cvss40/cvss40_calc_helper.rb
130
+ - lib/cvss_suite/cvss40/cvss40_constants_levels.rb
131
+ - lib/cvss_suite/cvss40/cvss40_constants_macro_vector_lookup.rb
132
+ - lib/cvss_suite/cvss40/cvss40_constants_max_composed.rb
133
+ - lib/cvss_suite/cvss40/cvss40_constants_max_severity.rb
134
+ - lib/cvss_suite/cvss40/cvss40_environmental.rb
135
+ - lib/cvss_suite/cvss40/cvss40_environmental_security.rb
136
+ - lib/cvss_suite/cvss40/cvss40_supplemental.rb
137
+ - lib/cvss_suite/cvss40/cvss40_threat.rb
138
+ - lib/cvss_suite/cvss_31_and_before.rb
139
+ - lib/cvss_suite/cvss_40_and_later.rb
111
140
  - lib/cvss_suite/cvss_metric.rb
112
141
  - lib/cvss_suite/cvss_property.rb
113
142
  - lib/cvss_suite/errors.rb
@@ -115,13 +144,13 @@ files:
115
144
  - lib/cvss_suite/helpers/cvss3_helper.rb
116
145
  - lib/cvss_suite/invalid_cvss.rb
117
146
  - lib/cvss_suite/version.rb
118
- homepage:
147
+ homepage: https://cvss-suite.0lli.rocks
119
148
  licenses:
120
149
  - MIT
121
150
  metadata:
122
151
  bug_tracker_uri: https://github.com/0llirocks/cvss-suite/issues
123
152
  changelog_uri: https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md
124
- documentation_uri: https://www.rubydoc.info/gems/cvss-suite/3.1.1
153
+ documentation_uri: https://www.rubydoc.info/gems/cvss-suite/3.2.1
125
154
  homepage_uri: https://cvss-suite.0lli.rocks
126
155
  source_code_uri: https://github.com/0llirocks/cvss-suite
127
156
  post_install_message:
@@ -139,7 +168,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
139
168
  - !ruby/object:Gem::Version
140
169
  version: '0'
141
170
  requirements: []
142
- rubygems_version: 3.3.7
171
+ rubygems_version: 3.0.3.1
143
172
  signing_key:
144
173
  specification_version: 4
145
174
  summary: Ruby gem for processing cvss vectors.