5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
# File 'lib/jekyll-cve-badge/api-helper.rb', line 5
def get_cvss_severity_score(cve_id)
uri = URI.parse("https://services.nvd.nist.gov/rest/json/cve/1.0/#{cve_id}")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Get.new(uri.request_uri)
response = http.request(request)
if response.code != "200"
[nil, nil]
end
result = JSON.parse(response.body)
if result["result"]["CVE_Items"][0]["impact"]["baseMetricV3"] != nil
[result["result"]["CVE_Items"][0]["impact"]["baseMetricV3"]["cvssV3"]["baseSeverity"], result["result"]["CVE_Items"][0]["impact"]["baseMetricV3"]["cvssV3"]["baseScore"]]
else
[result["result"]["CVE_Items"][0]["impact"]["baseMetricV2"]["severity"], result["result"]["CVE_Items"][0]["impact"]["baseMetricV2"]["cvssV2"]["baseScore"]]
end
end
|