cvss-suite 3.3.0 → 4.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 773b87ded42d73797271e4dd4c05a261b69bc957295fe75654084f4edf4a4521
4
- data.tar.gz: e5ecc4e25e13cc8663ca12cbb8b065246ee25b0e44fbfb6bfdbbfdb61ef16b61
3
+ metadata.gz: a98ea207abe8f8db3eebbf32c5a456adde2609fa7af6356c081d38a1e339b6a3
4
+ data.tar.gz: 1fef95f8f7fe6cbd43f2e2002b71eb52d78220a9f18d580e3f032961312f12e9
5
5
  SHA512:
6
- metadata.gz: 3538af971b672a09547bc6f1286714876c7fe4ee61d19d4fddfaf961c42b014040cabd4259c0e22cb177064109d877a7339101ff7258afeb1b3ed937ed3cc516
7
- data.tar.gz: 8b3ffb3367ee5437b1ee0026ca7f1677da233c844124455886c580cb2cedc5cd0b72c712a920741dc942600fc58a99c4f88f3c6c3b23ae750c962e6cc3ba1907
6
+ metadata.gz: 4656cf5eb77bc4fd7b73e55a2fd52a10af66e03d1538fc4648a97b199c38607576d41f79276ef610632a3de91b12335ccbcafaedf09440892e1c95802ff3e8b5
7
+ data.tar.gz: 16e273bd0b0f731f406aed50260cc565f54c6092e9d72e25675e489cc4924fc01b346ba7c2aac48da600db18910c30ed831d4e4eb98c099d79edcbba1135f3cf
data/CHANGES.md CHANGED
@@ -2,6 +2,17 @@
2
2
  All notable changes to this project will be documented in this file.
3
3
  This project adheres to [Semantic Versioning](http://semver.org/).
4
4
 
5
+ ## [4.0.0] - 2024-08-31
6
+
7
+ ### Breaking Changes
8
+ * Removed score method for all CVSS 4.0 metrics. Since CVSS 4.0 only has one score, it doesn't make sense for each metric to return a separate score. See [#46](https://github.com/0llirocks/cvss-suite/issues/46) for more information.
9
+
10
+ ## [3.3.0] - 2024-08-31
11
+
12
+ ### Improvements
13
+ * Prepare support for ruby 3.4. Closes [#44](https://github.com/0llirocks/cvss-suite/issues/44). Many thanks to @HParker for adding this feature.
14
+ * Add score method for CVSS 4.0 and later as an alias for overall_score.
15
+
5
16
  ## [3.2.2] - 2024-08-04
6
17
 
7
18
  ### Fixes
data/LICENSE.md CHANGED
@@ -12,6 +12,7 @@ Contributors:
12
12
  - joePedantic <https://github.com/joePedantic>
13
13
  - Brandyn Phelps <https://github.com/brphelps>
14
14
  - Karim ElGhandour <https://github.com/kghandour>
15
+ - Adam Hess <https://github.com/HParker>
15
16
 
16
17
  Permission is hereby granted, free of charge, to any person obtaining a copy of
17
18
  this software and associated documentation files (the "Software"), to deal in
@@ -10,7 +10,7 @@ require_relative 'cvss40_threat'
10
10
 
11
11
  module CvssSuite
12
12
  ##
13
- # This class represents a CVSS Threat metric in version 3.1.
13
+ # This class represents all CVSS metrics combined in version 4.0.
14
14
  class Cvss40AllUp < CvssMetric
15
15
  ##
16
16
  # Returns score of this metric
@@ -18,12 +18,6 @@ module CvssSuite
18
18
  :vulnerable_system_confidentiality, :vulnerable_system_integrity, :vulnerable_system_availability,
19
19
  :subsequent_system_confidentiality, :subsequent_system_integrity, :subsequent_system_availability
20
20
 
21
- ##
22
- # Returns score of this metric
23
- def score
24
- Cvss40CalcHelper.new(@properties.map { |p| [p.abbreviation, p.selected_value[:abbreviation]] }.to_h).score
25
- end
26
-
27
21
  private
28
22
 
29
23
  def init_properties
@@ -18,12 +18,6 @@ module CvssSuite
18
18
  :modified_subsequent_system_confidentiality, :modified_subsequent_system_integrity,
19
19
  :modified_subsequent_system_availability
20
20
 
21
- ##
22
- # Returns score of this metric
23
- def score
24
- Cvss40CalcHelper.new(@properties.map { |p| [p.abbreviation, p.selected_value[:abbreviation]] }.to_h).score
25
- end
26
-
27
21
  private
28
22
 
29
23
  def init_properties
@@ -14,12 +14,6 @@ module CvssSuite
14
14
  # Property of this metric
15
15
  attr_reader :confidentiality_requirements, :integrity_requirements, :availability_requirements
16
16
 
17
- ##
18
- # Returns score of this metric
19
- def score
20
- Cvss40CalcHelper.new(@properties.map { |p| [p.abbreviation, p.selected_value[:abbreviation]] }.to_h).score
21
- end
22
-
23
17
  private
24
18
 
25
19
  def init_properties
@@ -15,14 +15,6 @@ module CvssSuite
15
15
  attr_reader :safety, :automatable, :recovery, :value_density,
16
16
  :vulnerability_response_effort, :provider_urgency
17
17
 
18
- ##
19
- # Returns score of this metric
20
- def score
21
- return 1.0 unless valid?
22
-
23
- @exploit_code_maturity.score * @remediation_level.score * @report_confidence.score
24
- end
25
-
26
18
  private
27
19
 
28
20
  def init_properties
@@ -14,12 +14,6 @@ module CvssSuite
14
14
  # Property of this metric
15
15
  attr_reader :exploit_maturity
16
16
 
17
- ##
18
- # Returns score of this metric
19
- def score
20
- Cvss40CalcHelper.new(@properties.map { |p| [p.abbreviation, p.selected_value[:abbreviation]] }.to_h).score
21
- end
22
-
23
17
  private
24
18
 
25
19
  def init_properties
@@ -10,8 +10,8 @@ module CvssSuite
10
10
  # This class represents any CVSS vector. Do not instantiate this class!
11
11
  class Cvss40AndLater < Cvss
12
12
  ##
13
- # Metric of a CVSS vector for CVSS 2, 3, 3.1.
14
- attr_reader :temporal, :environmental
13
+ # Metric of a CVSS vector for CVSS 4.0.
14
+ attr_reader :supplemental, :environmental, :environmental_security, :threat
15
15
 
16
16
  ##
17
17
  # Creates a new CVSS vector by a +vector+, for all CVSS versions from 4.0.
@@ -4,5 +4,5 @@
4
4
  # See the LICENSE.md file in the top-level directory.
5
5
 
6
6
  module CvssSuite
7
- VERSION = '3.3.0'.freeze
7
+ VERSION = '4.0.0'.freeze
8
8
  end
metadata CHANGED
@@ -1,11 +1,10 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cvss-suite
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.0
4
+ version: 4.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0llirocks
8
- autorequire:
9
8
  bindir: exe
10
9
  cert_chain: []
11
10
  date: 2024-08-31 00:00:00.000000000 Z
@@ -84,7 +83,6 @@ description: |-
84
83
  This Ruby gem calculates the score based on the vector of the
85
84
  Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document)
86
85
  in version 4.0, 3.1, 3.0 and 2.
87
- email:
88
86
  executables: []
89
87
  extensions: []
90
88
  extra_rdoc_files: []
@@ -150,10 +148,9 @@ licenses:
150
148
  metadata:
151
149
  bug_tracker_uri: https://github.com/0llirocks/cvss-suite/issues
152
150
  changelog_uri: https://github.com/0llirocks/cvss-suite/blob/master/CHANGES.md
153
- documentation_uri: https://www.rubydoc.info/gems/cvss-suite/3.3.0
151
+ documentation_uri: https://www.rubydoc.info/gems/cvss-suite/4.0.0
154
152
  homepage_uri: https://cvss-suite.0lli.rocks
155
153
  source_code_uri: https://github.com/0llirocks/cvss-suite
156
- post_install_message:
157
154
  rdoc_options: []
158
155
  require_paths:
159
156
  - lib
@@ -168,8 +165,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
168
165
  - !ruby/object:Gem::Version
169
166
  version: '0'
170
167
  requirements: []
171
- rubygems_version: 3.0.3.1
172
- signing_key:
168
+ rubygems_version: 3.6.0.dev
173
169
  specification_version: 4
174
170
  summary: Ruby gem for processing cvss vectors.
175
171
  test_files: []