cvss-suite 1.0.1 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/cvss_suite.gemspec +45 -1
- data/lib/cvss_suite/cvss.rb +5 -5
- data/lib/cvss_suite/version.rb +1 -1
- metadata +45 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ea284092d41dfe479cb616872fe7ec5a21df942
|
|
4
|
+
data.tar.gz: ad6f1417558619068e54d1e310d1b3f7a496bad7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 89b23a2086ef76bf0e5858dac1bea67a3f0f5d3fb37cfc7e134bfbdd9e949faecdb7126e5191a0d74c1408f19d3d07db5b8ada00fc40bbe89f417911e952a9ae
|
|
7
|
+
data.tar.gz: 0cf55d0f5e3dbee3fccecdffdeef10b6668c644f5105e3338ce7c9100a726632103928be666bad16169e1d621ef59331c73e548681310934dd95172fe648da32
|
data/cvss_suite.gemspec
CHANGED
|
@@ -12,7 +12,51 @@ Gem::Specification.new do |spec|
|
|
|
12
12
|
|
|
13
13
|
spec.summary = %q{Ruby gem for processing cvss vectors.}
|
|
14
14
|
spec.description = %q{This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
|
15
|
-
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
|
15
|
+
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
|
16
|
+
|
|
17
|
+
Homepage is still in progress and will be published soon (along with full documentation).
|
|
18
|
+
|
|
19
|
+
## Usage
|
|
20
|
+
|
|
21
|
+
```ruby
|
|
22
|
+
require 'cvss_suite'
|
|
23
|
+
|
|
24
|
+
cvss = CvssSuite.new('AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M')
|
|
25
|
+
|
|
26
|
+
vector = cvss.vector # 'AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M'
|
|
27
|
+
version = cvss.version # 2
|
|
28
|
+
|
|
29
|
+
# Scores
|
|
30
|
+
base_score = cvss.base_score # 4.9
|
|
31
|
+
temporal_score = cvss.temporal_score # 3.6
|
|
32
|
+
environmental_score = cvss.environmental_score # 3.2
|
|
33
|
+
overall_score = cvss.overall_score # 3.2
|
|
34
|
+
|
|
35
|
+
# Available options
|
|
36
|
+
access_vector = cvss.base.access_vector.name # 'Access Vector'
|
|
37
|
+
remediation_level = cvss.temporal.remediation_level.name # 'Remediation Level'
|
|
38
|
+
|
|
39
|
+
access_vector.choices.each do |choice|
|
|
40
|
+
choice[:name] # 'Local', 'Adjacent Network', 'Network'
|
|
41
|
+
choice[:abbreviation] # 'L', 'A', 'N'
|
|
42
|
+
choice[:selected] # false, true, false
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
# Selected options
|
|
46
|
+
cvss.base.access_vector.selected_choice[:name] # Adjacent Network
|
|
47
|
+
cvss.temporal.remediation_level.selected_choice[:name] # Temporary Fix
|
|
48
|
+
|
|
49
|
+
# Exceptions
|
|
50
|
+
|
|
51
|
+
CvssSuite.new('random_string') # will throw a RuntimeError: Vector is not valid!
|
|
52
|
+
CvssSuite.new() # will throw a ArgumentError
|
|
53
|
+
|
|
54
|
+
cvss = CvssSuite.new('AV:N/AC:P/C:P/AV:U/RL:OF/RC:C') # invalid vector, authentication is missing
|
|
55
|
+
|
|
56
|
+
version = cvss.version # 2
|
|
57
|
+
|
|
58
|
+
cvss.base_score # will throw a RuntimeError: Vector is not valid!
|
|
59
|
+
```}
|
|
16
60
|
spec.homepage = "https://github.com/siemens/cvss-suite"
|
|
17
61
|
|
|
18
62
|
# Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
|
data/lib/cvss_suite/cvss.rb
CHANGED
|
@@ -15,19 +15,19 @@ class Cvss
|
|
|
15
15
|
attr_reader :version
|
|
16
16
|
|
|
17
17
|
##
|
|
18
|
-
# Returns the vector itself
|
|
18
|
+
# Returns the vector itself.
|
|
19
19
|
|
|
20
|
-
attr_reader :
|
|
20
|
+
attr_reader :vector
|
|
21
21
|
|
|
22
22
|
##
|
|
23
23
|
# Creates a new CVSS vector by a +vector+ and a +version+.
|
|
24
24
|
#
|
|
25
|
-
# Raises an exception if it is called on Cvss class
|
|
25
|
+
# Raises an exception if it is called on Cvss class.
|
|
26
26
|
|
|
27
27
|
def initialize(vector, version)
|
|
28
28
|
raise 'Do not instantiate this class!' if self.class == Cvss
|
|
29
29
|
@version = version
|
|
30
|
-
@
|
|
30
|
+
@vector = vector
|
|
31
31
|
@properties = []
|
|
32
32
|
extract_metrics
|
|
33
33
|
init_metrics
|
|
@@ -75,7 +75,7 @@ class Cvss
|
|
|
75
75
|
|
|
76
76
|
def prepared_vector
|
|
77
77
|
start_of_vector = @vector_string.index('AV')
|
|
78
|
-
@
|
|
78
|
+
@vector[start_of_vector..-1]
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
def required_amount_of_properties
|
data/lib/cvss_suite/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cvss-suite
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Oliver Hamboerger
|
|
@@ -111,6 +111,50 @@ dependencies:
|
|
|
111
111
|
description: |-
|
|
112
112
|
This Ruby gem helps you to process the vector of the Common Vulnerability Scoring System (https://www.first.org/cvss/specification-document).
|
|
113
113
|
Besides calculating the Base, Temporal and Environmental Score, you are able to extract the selected option.
|
|
114
|
+
|
|
115
|
+
Homepage is still in progress and will be published soon (along with full documentation).
|
|
116
|
+
|
|
117
|
+
## Usage
|
|
118
|
+
|
|
119
|
+
```ruby
|
|
120
|
+
require 'cvss_suite'
|
|
121
|
+
|
|
122
|
+
cvss = CvssSuite.new('AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M')
|
|
123
|
+
|
|
124
|
+
vector = cvss.vector # 'AV:A/AC:M/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:UC/CDP:L/TD:M/CR:M/IR:M/AR:M'
|
|
125
|
+
version = cvss.version # 2
|
|
126
|
+
|
|
127
|
+
# Scores
|
|
128
|
+
base_score = cvss.base_score # 4.9
|
|
129
|
+
temporal_score = cvss.temporal_score # 3.6
|
|
130
|
+
environmental_score = cvss.environmental_score # 3.2
|
|
131
|
+
overall_score = cvss.overall_score # 3.2
|
|
132
|
+
|
|
133
|
+
# Available options
|
|
134
|
+
access_vector = cvss.base.access_vector.name # 'Access Vector'
|
|
135
|
+
remediation_level = cvss.temporal.remediation_level.name # 'Remediation Level'
|
|
136
|
+
|
|
137
|
+
access_vector.choices.each do |choice|
|
|
138
|
+
choice[:name] # 'Local', 'Adjacent Network', 'Network'
|
|
139
|
+
choice[:abbreviation] # 'L', 'A', 'N'
|
|
140
|
+
choice[:selected] # false, true, false
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
# Selected options
|
|
144
|
+
cvss.base.access_vector.selected_choice[:name] # Adjacent Network
|
|
145
|
+
cvss.temporal.remediation_level.selected_choice[:name] # Temporary Fix
|
|
146
|
+
|
|
147
|
+
# Exceptions
|
|
148
|
+
|
|
149
|
+
CvssSuite.new('random_string') # will throw a RuntimeError: Vector is not valid!
|
|
150
|
+
CvssSuite.new() # will throw a ArgumentError
|
|
151
|
+
|
|
152
|
+
cvss = CvssSuite.new('AV:N/AC:P/C:P/AV:U/RL:OF/RC:C') # invalid vector, authentication is missing
|
|
153
|
+
|
|
154
|
+
version = cvss.version # 2
|
|
155
|
+
|
|
156
|
+
cvss.base_score # will throw a RuntimeError: Vector is not valid!
|
|
157
|
+
```
|
|
114
158
|
email:
|
|
115
159
|
- oliver.hamboerger@siemens.com
|
|
116
160
|
executables: []
|