Module: CvssSuite

Defined in:
lib/cvss_suite.rb,
lib/cvss_suite/cvss.rb,
lib/cvss_suite/errors.rb,
lib/cvss_suite/version.rb,
lib/cvss_suite/cvss2/cvss2.rb,
lib/cvss_suite/cvss3/cvss3.rb,
lib/cvss_suite/cvss_metric.rb,
lib/cvss_suite/invalid_cvss.rb,
lib/cvss_suite/cvss31/cvss31.rb,
lib/cvss_suite/cvss40/cvss40.rb,
lib/cvss_suite/cvss_property.rb,
lib/cvss_suite/cvss2/cvss2_base.rb,
lib/cvss_suite/cvss3/cvss3_base.rb,
lib/cvss_suite/cvss_40_and_later.rb,
lib/cvss_suite/cvss31/cvss31_base.rb,
lib/cvss_suite/cvss40/cvss40_base.rb,
lib/cvss_suite/cvss_31_and_before.rb,
lib/cvss_suite/cvss2/cvss2_temporal.rb,
lib/cvss_suite/cvss3/cvss3_temporal.rb,
lib/cvss_suite/cvss40/cvss40_all_up.rb,
lib/cvss_suite/cvss40/cvss40_threat.rb,
lib/cvss_suite/helpers/cvss3_helper.rb,
lib/cvss_suite/helpers/cvss31_helper.rb,
lib/cvss_suite/cvss31/cvss31_temporal.rb,
lib/cvss_suite/cvss2/cvss2_environmental.rb,
lib/cvss_suite/cvss3/cvss3_environmental.rb,
lib/cvss_suite/cvss40/cvss40_calc_helper.rb,
lib/cvss_suite/cvss40/cvss40_supplemental.rb,
lib/cvss_suite/cvss31/cvss31_environmental.rb,
lib/cvss_suite/cvss40/cvss40_environmental.rb,
lib/cvss_suite/cvss40/cvss40_constants_levels.rb,
lib/cvss_suite/cvss40/cvss40_constants_max_composed.rb,
lib/cvss_suite/cvss40/cvss40_constants_max_severity.rb,
lib/cvss_suite/cvss40/cvss40_environmental_security.rb,
lib/cvss_suite/cvss40/cvss40_constants_macro_vector_lookup.rb

Overview

CVSS-Suite, a Ruby gem to manage the CVSS vector

This work is licensed under the terms of the MIT license. See the LICENSE.md file in the top-level directory.

Defined Under Namespace

Modules: Cvss31Helper, Cvss3Helper, Cvss40Constants, Errors Classes: Cvss, Cvss2, Cvss2Base, Cvss2Environmental, Cvss2Temporal, Cvss3, Cvss31, Cvss31AndBefore, Cvss31Base, Cvss31Environmental, Cvss31Temporal, Cvss3Base, Cvss3Environmental, Cvss3Temporal, Cvss40, Cvss40AllUp, Cvss40AndLater, Cvss40Base, Cvss40CalcHelper, Cvss40Environmental, Cvss40EnvironmentalSecurity, Cvss40Supplemental, Cvss40Threat, CvssMetric, CvssProperty, InvalidCvss

Constant Summary collapse

CVSS_VECTOR_BEGINNINGS = 
[
  { string: 'AV:', version: 2 },
  { string: '(AV:', version: 2 },
  { string: 'CVSS:3.0/', version: 3.0 },
  { string: 'CVSS:3.1/', version: 3.1 },
  { string: 'CVSS:4.0/', version: 4.0 }
].freeze
VERSION = 
'4.1.2'.freeze

Class Method Summary collapse

Class Method Details

.new(vector) ⇒ Object

Returns a CVSS class by a vector.



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/cvss_suite.rb', line 27

def self.new(vector)
  return InvalidCvss.new unless vector.is_a? String

  @vector_string = if vector.frozen?
                     vector.dup
                   else
                     vector
                   end

  case version
  when 2
    Cvss2.new(prepare_vector(@vector_string))
  when 3.0
    Cvss3.new(prepare_vector(@vector_string))
  when 3.1
    Cvss31.new(prepare_vector(@vector_string))
  when 4.0
    Cvss40.new(prepare_vector(@vector_string))
  else
    InvalidCvss.new
  end
end

.prepare_cvss2_vector(vector) ⇒ Object 



73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
 
# File 'lib/cvss_suite.rb', line 73

def self.prepare_cvss2_vector(vector)
  start_of_vector = vector.index('AV')

  if start_of_vector.nil?
    ''
  elsif start_of_vector == 1
    match_array = vector.scan(/\((?>[^)(]+|\g<0>)*\)/)
    if match_array.length == 1 && match_array[0] == vector
      vector.slice!(0)
      vector.slice!(vector.length - 1)
      vector
    else
      ''
    end
  else
    vector[start_of_vector..]
  end
end

.prepare_vector(vector) ⇒ Object 



58
59
60
61
62
63
64
65
66
67
68
69
70
71
 
# File 'lib/cvss_suite.rb', line 58

def self.prepare_vector(vector)
  vector = vector.clone

  return prepare_cvss2_vector(vector) if version == 2

  version_string = CVSS_VECTOR_BEGINNINGS.detect { |v| v[:version] == version } [:string]
  start_of_vector = vector.index(version_string)

  if start_of_vector.nil?
    ''
  else
    vector[version_string.length..]
  end
end

.versionObject 



52
53
54
55
56
 
# File 'lib/cvss_suite.rb', line 52

def self.version
  CVSS_VECTOR_BEGINNINGS.each do |beginning|
    return beginning[:version] if @vector_string.start_with? beginning[:string]
  end
end