cvss

package module
v0.0.0-...-a4ad666 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 30, 2015 License: MIT Imports: 3 Imported by: 4

README

umisama/go-cvssBuild Status

A Common Vulnerability Scoring System 2.0 (CVSSv2) implementation for golang.

status

complete.

intallation

off cource, go getable

go get github.com/umisama/go-cvss

usage

simple example is here

import "github.com/umisama/go-cvss"


// Create vector with formated string.
v, err := cvss.ParseVectors(
        "(AV:L/AC:H/Au:N/C:N/I:P/A:C)")
if err != nil {
        panic(err) // if string is invalid.
}
fmt.Printf("string: %s \n", v.String())
fmt.Printf(
        "base_score: %f  / temporal_score: %f / environment_score: %f\noverall %f\n\n",
        v.BaseScore(), v.TemporalScore(), v.EnvironmentalScore(), v.Score())

// Supporting temporal/environment vectors.
v, err = cvss.ParseVectors(
        "(AV:L/AC:H/Au:N/C:N/I:P/A:C/E:POC/RL:OF/RC:C/CDP:L/TD:M/CR:L/IR:L/AR:H)")
if err != nil {
        panic(err) // if string is invalid.
}
fmt.Printf("string: %s \n", v.String())
fmt.Printf(
        "base_score: %f  / temporal_score: %f / environment_score: %f\noverall %f\n\n",
        v.BaseScore(), v.TemporalScore(), v.EnvironmentalScore(), v.Score())

// You can create struct directly.
v = cvss.Vectors{
        AV:  cvss.AccessVector_Local,
        AC:  cvss.AccessComplexity_High,
        Au:  cvss.Authentication_None,
        C:   cvss.Impact_None,
        I:   cvss.Impact_Partial,
        A:   cvss.Impact_Complete,
        E:   cvss.Exploitability_ProofOfConcept,
        RL:  cvss.RemediationLevel_OfficialFix,
        RC:  cvss.ReportConfidence_Confirmed,
        CDP: cvss.CollateralDamagePotential_Low,
        TD:  cvss.TargetDistribution_Medium,
        CR:  cvss.Requirement_Low,
        IR:  cvss.Requirement_Low,
        AR:  cvss.Requirement_High,
}
fmt.Printf("string: %s \n", v.String())
fmt.Printf(
        "base_score: %f  / temporal_score: %f / environment_score: %f\noverall %f\n\n",
        v.BaseScore(), v.TemporalScore(), v.EnvironmentalScore(), v.Score())

document

reference

license

under the MIT License

Documentation

Overview

Package cvss provides parsing and scoring with Common Vulunerability Scoring System version 2.0(CVSS v2).

See https://github.com/umisama/go-cvss for examples.

Index

Constants

View Source 
const (
	// Define all metric factors.
	// must use these, don't create yourself.
	AccessVector_Local                   = AccessVector("L")
	AccessVector_AdjacentNetwork         = AccessVector("A")
	AccessVector_Network                 = AccessVector("N")
	AccessComplexity_High                = AccessComplexity("H")
	AccessComplexity_Medium              = AccessComplexity("M")
	AccessComplexity_Low                 = AccessComplexity("L")
	Authentication_Multiple              = Authentication("M")
	Authentication_Single                = Authentication("S")
	Authentication_None                  = Authentication("N")
	Impact_Complete                      = Impact("C")
	Impact_Partial                       = Impact("P")
	Impact_None                          = Impact("N")
	Exploitability_Unproven              = Exploitability("U")
	Exploitability_ProofOfConcept        = Exploitability("POC")
	Exploitability_Functional            = Exploitability("F")
	Exploitability_High                  = Exploitability("H")
	Exploitability_NotDefined            = Exploitability("ND")
	RemediationLevel_OfficialFix         = RemediationLevel("OF")
	RemediationLevel_TemporaryFix        = RemediationLevel("T")
	RemediationLevel_Workaround          = RemediationLevel("W")
	RemediationLevel_Unavailable         = RemediationLevel("U")
	RemediationLevel_NotDefined          = RemediationLevel("ND")
	ReportConfidence_Unconfirmed         = ReportConfidence("UC")
	ReportConfidence_Uncorroborated      = ReportConfidence("UR")
	ReportConfidence_Confirmed           = ReportConfidence("C")
	ReportConfidence_NotDefined          = ReportConfidence("ND")
	CollateralDamagePotential_None       = CollateralDamagePotential("N")
	CollateralDamagePotential_Low        = CollateralDamagePotential("L")
	CollateralDamagePotential_LowMedium  = CollateralDamagePotential("LM")
	CollateralDamagePotential_MediumHigh = CollateralDamagePotential("MH")
	CollateralDamagePotential_High       = CollateralDamagePotential("H")
	CollateralDamagePotential_NotDefined = CollateralDamagePotential("ND")
	TargetDistribution_None              = TargetDistribution("N")
	TargetDistribution_Low               = TargetDistribution("L")
	TargetDistribution_Medium            = TargetDistribution("M")
	TargetDistribution_High              = TargetDistribution("H")
	TargetDistribution_NotDefined        = TargetDistribution("ND")
	Requirement_Low                      = Requirement("L")
	Requirement_Medium                   = Requirement("M")
	Requirement_High                     = Requirement("H")
	Requirement_NotDefined               = Requirement("ND")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessComplexity 

type AccessComplexity string

AccessComplexity reprecents access complexity in base vectors. implemements Metric interface.

func (AccessComplexity) IsValid 

func (m AccessComplexity) IsValid() bool

func (AccessComplexity) String 

func (m AccessComplexity) String() string

func (AccessComplexity) StringShort 

func (m AccessComplexity) StringShort() string

type AccessVector 

type AccessVector string

AccessVector reprecents access vector in base vectors. implemements Metric interface.

func (AccessVector) IsValid 

func (m AccessVector) IsValid() bool

func (AccessVector) String 

func (m AccessVector) String() string

func (AccessVector) StringShort 

func (m AccessVector) StringShort() string

type Authentication 

type Authentication string

AccessComplexity reprecents authentication in base vectors. implemements Metric interface.

func (Authentication) IsValid 

func (m Authentication) IsValid() bool

func (Authentication) String 

func (m Authentication) String() string

func (Authentication) StringShort 

func (m Authentication) StringShort() string

type CollateralDamagePotential 

type CollateralDamagePotential string

CollateralDamagePotential reprecents temporal damage potential in environmental vectors. implemements Metric interface.

func (CollateralDamagePotential) IsValid 

func (m CollateralDamagePotential) IsValid() bool

func (CollateralDamagePotential) String 

func (m CollateralDamagePotential) String() string

func (CollateralDamagePotential) StringShort 

func (m CollateralDamagePotential) StringShort() string

type Exploitability 

type Exploitability string

Exploitability reprecents exploitability in temporal vectors. implemements Metric interface.

func (Exploitability) IsValid 

func (m Exploitability) IsValid() bool

func (Exploitability) String 

func (m Exploitability) String() string

func (Exploitability) StringShort 

func (m Exploitability) StringShort() string

type Impact 

type Impact string

AccessComplexity reprecents (confidentiality|integrity|availability) impact in base vectors. implemements Metric interface.

func (Impact) IsValid 

func (m Impact) IsValid() bool

func (Impact) String 

func (m Impact) String() string

func (Impact) StringShort 

func (m Impact) StringShort() string

type Metric 

type Metric interface {
	IsValid() bool

	String() string
	StringShort() string
	// contains filtered or unexported methods
}

Metric reprecents all metric factors.

type RemediationLevel 

type RemediationLevel string

RemediationLevel reprecents remediation level in temporal vectors. implemements Metric interface.

func (RemediationLevel) IsValid 

func (m RemediationLevel) IsValid() bool

func (RemediationLevel) String 

func (m RemediationLevel) String() string

func (RemediationLevel) StringShort 

func (m RemediationLevel) StringShort() string

type ReportConfidence 

type ReportConfidence string

ReportConfidence reprecents report confidence in temporal vectors. implemements Metric interface.

func (ReportConfidence) IsValid 

func (m ReportConfidence) IsValid() bool

func (ReportConfidence) String 

func (m ReportConfidence) String() string

func (ReportConfidence) StringShort 

func (m ReportConfidence) StringShort() string

type Requirement 

type Requirement string

Requirement reprecents (confidentiality|integrity|availability) requirement in environmental vectors. implemements Metric interface.

func (Requirement) IsValid 

func (m Requirement) IsValid() bool

func (Requirement) String 

func (m Requirement) String() string

func (Requirement) StringShort 

func (m Requirement) StringShort() string

type TargetDistribution 

type TargetDistribution string

TargetDistribution reprecents target distribution in environmental vectors. implemements Metric interface.

func (TargetDistribution) IsValid 

func (m TargetDistribution) IsValid() bool

func (TargetDistribution) String 

func (m TargetDistribution) String() string

func (TargetDistribution) StringShort 

func (m TargetDistribution) StringShort() string

type Vectors 

type Vectors struct {
	AV  AccessVector
	AC  AccessComplexity
	Au  Authentication
	C   Impact
	I   Impact
	A   Impact
	E   Exploitability
	RL  RemediationLevel
	RC  ReportConfidence
	CDP CollateralDamagePotential
	TD  TargetDistribution
	CR  Requirement
	IR  Requirement
	AR  Requirement
}

Vectors reprecents a CVSS vector.

func ParseVectors 

func ParseVectors(str string) (Vectors, error)

ParseVectors create new Vectors object with str. str must valid as CVSS base/temporal/environment vectors.

func (Vectors) AdjustedImpactSubScore 

func (m Vectors) AdjustedImpactSubScore() float64

AdjustedImpactSubScore returns m's adjusted impact sub-score in environmental score.

func (Vectors) BaseScore 

func (m Vectors) BaseScore() float64

BaseScore returns m's base score.

func (Vectors) EnvironmentalScore 

func (m Vectors) EnvironmentalScore() float64

EnvironmentalScore returns m's environmental score.

func (Vectors) ExploitabilitySubScore 

func (m Vectors) ExploitabilitySubScore() float64

ExploitabilitySubScore returns m's exploitability sub-score in base score.

func (Vectors) HasEnvironmentalVectors 

func (m Vectors) HasEnvironmentalVectors() bool

IsValid returns true if Vectors has environmental vectors.

func (Vectors) HasTemporalVectors 

func (m Vectors) HasTemporalVectors() bool

IsValid returns true if Vectors has temporal vectors.

func (Vectors) ImpactSubScore 

func (m Vectors) ImpactSubScore() float64

ImpactSubScore returns m's impact sub-score in base score.

func (Vectors) IsValid 

func (m Vectors) IsValid() bool

IsValid returns true if Vectors is valid vector.

func (Vectors) Score 

func (m Vectors) Score() float64

Score returns m's overall score.

func (Vectors) String 

func (m Vectors) String() string

String returns formatted m.

func (Vectors) TemporalScore 

func (m Vectors) TemporalScore() float64

TemporalScore returns m's temporal score.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.