UNPKG

@pandatix/js-cvss

Version:

JavaScript implementation of the CVSS (Common Vulnerability Scoring System) standard from FIRST.ORG.

github.com/pandatix/js-cvss

pandatix/js-cvss

76 lines (75 loc) 2.49 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
/** * Implementation of the CVSS v4.0 specification (https://www.first.org/cvss/v4.0/specification-document). */ export declare class CVSS40 { private _metrics; /** * Construct a CVSS v4.0 object, and parse the vector if provided. * If not, the Base metrics is set to the default values (score = 0). * * @param vector The vector to parse. * @throws When the vector is invalid. */ constructor(vector?: string); /** * Parse the provided vector. * Makes use of the regex for code simplicity, but we could use the * `metrics` constant to provide better accurate error messages. * * @param vector The vector to parse. * @throws When the vector is invalid. */ private parse; /** * Return the vector string representation of the CVSS v4.0 object. * * @return The vector string representation. */ Vector(): string; /** * Get the metric value given its value (e.g. 'AV'). * * @param metric The metric to get the value of. * @return The corresponding metric value. * @throws Metric does not exist. */ Get(metric: string): string; /** * Set the metric value given its key and value (e.g. 'AV' and 'L'). * * @param metric The metric to set the value of. * @param value The corresponding metric value. * @throws Metric does not exist or has an invalid value. */ Set(metric: string, value: string): void; /** * Compute the CVSS v4.0 Score of the current object, given its metrics and their * corresponding values. * * The implementation internals are largely based upon https://github.com/pandatix/go-cvss * submodule 40. * * @return The score (between 0.0 and 10.0 both included). */ Score(): number; /** * Gives the nomenclature of the current CVSS v4.0 object i.e. its structure * according to the Base, Threat and Environmental metric groups. * * @return The nomenclature string. */ Nomenclature(): string; private getReal; private macrovector; private static severityDistance; private static getValue; private static roundup; /** * Give the corresponding rating of the provided score. * * @param score The score to rate. * @return The rating. * @throws When the score is out of bounds. */ static Rating(score: number): 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'NONE'; }