Skip to content
forked from goark/go-cvss

Common Vulnerability Scoring System (CVSS)

License

Notifications You must be signed in to change notification settings

thejohnbrown/go-cvss

 
 

Repository files navigation

go-cvss - Common Vulnerability Scoring System (CVSS)

check vulns lint status GitHub license GitHub release

Importing CVSS vector and scoring.

  • Supoort CVSS version 3.0 and 3.1
  • Exporting CVSS information with template string

Sample Code

Base Metrics

package main

import (
    "fmt"
    "os"

    "github.com/spiegel-im-spiegel/go-cvss/v3/metric"
)

func main() {
    bm, err := metric.NewBase().Decode("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H") //CVE-2020-1472: ZeroLogon
    if err != nil {
        fmt.Fprintln(os.Stderr, err)
        return
    }
    fmt.Printf("Severity: %v (%v)\n", bm.Severity(), bm.Score())
    // Output:
    // Severity: Critical (10)
}

Temporal Metrics

package main

import (
    "fmt"
    "os"

    "github.com/spiegel-im-spiegel/go-cvss/v3/metric"
)

func main() {
    tm, err := metric.NewTemporal().Decode("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:W/RC:R") //CVE-2020-1472: ZeroLogon
    if err != nil {
        fmt.Fprintln(os.Stderr, err)
        return
    }
    fmt.Printf("Base Severity: %v (%v)\n", tm.BaseMetrics().Severity(), tm.BaseMetrics().Score())
    fmt.Printf("Temporal Severity: %v (%v)\n", tm.Severity(), tm.Score())
    // Output:
    // Base Severity: Critical (10)
    // Temporal Severity: Critical (9.1)
}

Reporting with template

ref: sample.go

Reference

About

Common Vulnerability Scoring System (CVSS)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 99.9%
  • Shell 0.1%