From cb89cb35e9055ca39e74d116767726f62dbb03c5 Mon Sep 17 00:00:00 2001 From: Fabian Kutsche Date: Mon, 29 Aug 2022 09:31:42 +0200 Subject: [PATCH 1/2] add: update vector function --- lib/cvss.js | 26 ++++++++---- lib/util.js | 71 +++++++++++++++++++++---------- test/cvss.spec.js | 104 +++++++++++++++++++++++++++++----------------- 3 files changed, 133 insertions(+), 68 deletions(-) diff --git a/lib/cvss.js b/lib/cvss.js index ad93b5a..a3e5295 100644 --- a/lib/cvss.js +++ b/lib/cvss.js @@ -80,14 +80,13 @@ function CVSS(vector) { /** * Retrives the version from the vector string - * - * @return {String} returns the version number + * + * @return {String} returns the version number */ - function getVersion(){ + function getVersion() { return util.getVersion(vector); } - /** * Parses the vector to a number score * @@ -125,8 +124,19 @@ function CVSS(vector) { return util.getCleanVectorString(vector); } - vector = parseVectorObjectToString(vector); + /** + * Updates a vector's metric by a specific value + * + * @param {String} vector + * @param {String} metric + * @param {String} value + * @returns {String} Vector with updated value + */ + function updateVectorValue(metric, value) { + return util.updateVectorValue(vector, metric, value); + } + vector = parseVectorObjectToString(vector); //Check if vector version is valid const isVersionValid = getVersion(); @@ -134,7 +144,6 @@ function CVSS(vector) { throw new Error("The vector version is not valid"); } - //Check if vector format is valid const isValid = isVectorValid(); if (!isValid) { @@ -153,8 +162,9 @@ function CVSS(vector) { getDetailedVectorObject, getVersion, getCleanVectorString, - isValid + updateVectorValue, + isValid, }; } -module.exports = CVSS; \ No newline at end of file +module.exports = CVSS; diff --git a/lib/util.js b/lib/util.js index bcba551..1aa1075 100644 --- a/lib/util.js +++ b/lib/util.js @@ -17,7 +17,9 @@ const findMetric = function (abbr) { */ const findMetricValue = function (abbr, vectorObject) { const definition = findMetric(abbr); - const value = definition.metrics.find((metric) => metric.abbr === vectorObject[definition.abbr]); + const value = definition.metrics.find( + (metric) => metric.abbr === vectorObject[definition.abbr] + ); return value; }; @@ -57,7 +59,9 @@ function roundUpExact(num) { function getVectorObject(vector) { const vectorArray = vector.split("/"); const vectorObject = {}; - definitions.definitions.forEach((definition) => (vectorObject[definition["abbr"]] = "X")); + definitions.definitions.forEach( + (definition) => (vectorObject[definition["abbr"]] = "X") + ); for (const entry of vectorArray) { const values = entry.split(":"); @@ -102,13 +106,17 @@ function getDetailedVectorObject(vector) { abbr: vectorDef.abbr, fullName: `${vectorDef.name} (${vectorDef.abbr})`, value: vectorDef.metrics.find((def) => def.abbr === values[1]).name, - valueAbbr: values[1] + valueAbbr: values[1], }; return Object.assign(vectorObjectAccumulator, { - metrics: Object.assign(metrics, { [values[0].trim()]: detailedVectorObject }) + metrics: Object.assign(metrics, { + [values[0].trim()]: detailedVectorObject, + }), }); } else { - return Object.assign(vectorObjectAccumulator, { [values[0].trim()]: values[1] }); + return Object.assign(vectorObjectAccumulator, { + [values[0].trim()]: values[1], + }); } }, { metrics: {} } @@ -153,21 +161,25 @@ const isVectorValid = function (vector) { * Exit example: * ((((((((((AV:[NALP]|AC:[LH])|PR:[NLH])|UI:[NR])|S:[UC])|C:[NLW])|I:[NLW])|A:[NLW])|E:[XUPFH])|RL:[XOTWU])|RC:[XURC]) */ - const expression = definitions.definitions.reduce((accumulator, currentValue, index) => { - const serializedAbbr = `${currentValue.abbr}:[${currentValue.metrics.reduce( - (accumulator2, currentValue2) => { + const expression = definitions.definitions.reduce( + (accumulator, currentValue, index) => { + const serializedAbbr = `${ + currentValue.abbr + }:[${currentValue.metrics.reduce((accumulator2, currentValue2) => { return accumulator2 + currentValue2.abbr; - }, - "" - )}]`; - if (index !== 0) { - return `(${accumulator}|${serializedAbbr})`; - } else { - return serializedAbbr; - } - }, ""); + }, "")}]`; + if (index !== 0) { + return `(${accumulator}|${serializedAbbr})`; + } else { + return serializedAbbr; + } + }, + "" + ); - const totalExpressionVector = new RegExp("^CVSS:3.(0|1)(/" + expression + ")+$"); + const totalExpressionVector = new RegExp( + "^CVSS:3.(0|1)(/" + expression + ")+$" + ); //Checks if the vector is in valid format if (!totalExpressionVector.test(vector)) { @@ -185,9 +197,12 @@ const isVectorValid = function (vector) { */ const allExpressions = definitions.definitions.map((currentValue) => { return new RegExp( - `/${currentValue.abbr}:[${currentValue.metrics.reduce((accumulator2, currentValue2) => { - return accumulator2 + currentValue2.abbr; - }, "")}]`, + `/${currentValue.abbr}:[${currentValue.metrics.reduce( + (accumulator2, currentValue2) => { + return accumulator2 + currentValue2.abbr; + }, + "" + )}]`, "g" ); }); @@ -206,7 +221,7 @@ const isVectorValid = function (vector) { /\/S:[UC]/g, /\/C:[NLH]/g, /\/I:[NLH]/g, - /\/A:[NLH]/g + /\/A:[NLH]/g, ]; //Checks whether all mandatory parameters are present in the vector @@ -244,6 +259,15 @@ function parseVectorObjectToString(obj) { return vectorString; } +function updateVectorValue(vector, metric, value) { + const vectorObject = getVectorObject(vector); + vectorObject[metric] = value; + + const vectorString = parseVectorObjectToString(vectorObject); + + return getCleanVectorString(vectorString); +} + /** * Retrives the version from the vector string * @@ -268,8 +292,9 @@ module.exports = { findMetric, findMetricValue, getRating, + updateVectorValue, isVectorValid, parseVectorObjectToString, getVersion, - getCleanVectorString + getCleanVectorString, }; diff --git a/test/cvss.spec.js b/test/cvss.spec.js index 22e01c8..e2e72aa 100644 --- a/test/cvss.spec.js +++ b/test/cvss.spec.js @@ -34,7 +34,7 @@ describe("Score Tests", () => { RC: "X", RL: "X", S: "U", - UI: "N" + UI: "N", }); expect(vector5.getScore()).toBe(8.2); }); @@ -42,10 +42,14 @@ describe("Score Tests", () => { describe("Version Tests", () => { it("Should return the Version", () => { - const vector5 = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R"); + const vector5 = CVSS( + "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R" + ); expect(vector5.getVersion()).toBe("3.0"); - const vector6 = CVSS("CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R"); + const vector6 = CVSS( + "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R" + ); expect(vector6.getVersion()).toBe("3.1"); const vector7 = () => { @@ -62,10 +66,14 @@ describe("Version Tests", () => { describe("Temporal Tests", () => { it("Should return the temporal score", () => { - const vector5 = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R"); + const vector5 = CVSS( + "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R" + ); expect(vector5.getTemporalScore()).toBe(4.7); - const vector6 = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:F/RL:U/RC:X"); + const vector6 = CVSS( + "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:F/RL:U/RC:X" + ); expect(vector6.getTemporalScore()).toBe(5.4); const vector7 = CVSS({ @@ -80,7 +88,7 @@ describe("Temporal Tests", () => { RC: "X", RL: "X", S: "U", - UI: "N" + UI: "N", }); expect(vector7.getTemporalScore()).toBe(8.2); }); @@ -219,7 +227,7 @@ describe("Vector Object Tests", () => { MS: "X", MC: "X", MI: "X", - MA: "X" + MA: "X", }); }); @@ -249,7 +257,7 @@ describe("Vector Object Tests", () => { MS: "X", MC: "X", MI: "X", - MA: "X" + MA: "X", }); }); }); @@ -307,13 +315,19 @@ describe("Check vector", () => { }); it("all tests must have the vectors in valid format", () => { - const vector = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R"); + const vector = CVSS( + "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R" + ); expect(vector.isValid).toBe(true); - const vector2 = CVSS("CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R"); + const vector2 = CVSS( + "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R" + ); expect(vector2.isValid).toBe(true); - const vector3 = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L/E:U/RL:T/RC:R"); + const vector3 = CVSS( + "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L/E:U/RL:T/RC:R" + ); expect(vector3.isValid).toBe(true); }); }); @@ -330,58 +344,58 @@ describe("Detailed Vector Object Tests", () => { abbr: "AV", fullName: "Attack Vector (AV)", value: "Network", - valueAbbr: "N" + valueAbbr: "N", }, AC: { name: "Attack Complexity", abbr: "AC", fullName: "Attack Complexity (AC)", value: "Low", - valueAbbr: "L" + valueAbbr: "L", }, PR: { name: "Privileges Required", abbr: "PR", fullName: "Privileges Required (PR)", value: "None", - valueAbbr: "N" + valueAbbr: "N", }, UI: { name: "User Interaction", abbr: "UI", fullName: "User Interaction (UI)", value: "None", - valueAbbr: "N" + valueAbbr: "N", }, S: { name: "Scope", abbr: "S", fullName: "Scope (S)", value: "Unchanged", - valueAbbr: "U" + valueAbbr: "U", }, C: { name: "Confidentiality", abbr: "C", fullName: "Confidentiality (C)", value: "High", - valueAbbr: "H" + valueAbbr: "H", }, I: { name: "Integrity", abbr: "I", fullName: "Integrity (I)", value: "High", - valueAbbr: "H" + valueAbbr: "H", }, A: { name: "Availability", abbr: "A", fullName: "Availability (A)", value: "High", - valueAbbr: "H" - } - } + valueAbbr: "H", + }, + }, }); }); @@ -396,58 +410,58 @@ describe("Detailed Vector Object Tests", () => { abbr: "AV", fullName: "Attack Vector (AV)", value: "Network", - valueAbbr: "N" + valueAbbr: "N", }, AC: { name: "Attack Complexity", abbr: "AC", fullName: "Attack Complexity (AC)", value: "High", - valueAbbr: "H" + valueAbbr: "H", }, PR: { name: "Privileges Required", abbr: "PR", fullName: "Privileges Required (PR)", value: "High", - valueAbbr: "H" + valueAbbr: "H", }, UI: { name: "User Interaction", abbr: "UI", fullName: "User Interaction (UI)", value: "Required", - valueAbbr: "R" + valueAbbr: "R", }, S: { name: "Scope", abbr: "S", fullName: "Scope (S)", value: "Unchanged", - valueAbbr: "U" + valueAbbr: "U", }, C: { name: "Confidentiality", abbr: "C", fullName: "Confidentiality (C)", value: "High", - valueAbbr: "H" + valueAbbr: "H", }, I: { name: "Integrity", abbr: "I", fullName: "Integrity (I)", value: "None", - valueAbbr: "N" + valueAbbr: "N", }, A: { name: "Availability", abbr: "A", fullName: "Availability (A)", value: "None", - valueAbbr: "N" - } - } + valueAbbr: "N", + }, + }, }); }); }); @@ -463,10 +477,12 @@ describe("Create vector from object", () => { S: "U", C: "H", I: "N", - A: "N" + A: "N", }; - expect(CVSS(vectorObject).vector).toBe("CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N"); + expect(CVSS(vectorObject).vector).toBe( + "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N" + ); const vectorObject1 = { A: "N", @@ -480,7 +496,7 @@ describe("Create vector from object", () => { RC: "X", RL: "X", S: "U", - UI: "N" + UI: "N", }; expect(CVSS(vectorObject1).vector).toBe( @@ -510,7 +526,7 @@ describe("Create vector from object", () => { MS: "C", MC: "H", MI: "H", - MA: "H" + MA: "H", }; expect(CVSS(vectorObject).getScore()).toBe(7.1); @@ -525,10 +541,14 @@ describe("Clean Vector String Test", () => { CVSS( "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:W/RC:X/CR:X/IR:X/AR:M/MAV:A/MAC:X/MPR:X/MUI:N/MS:X/MC:X/MI:X/MA:X" ).getCleanVectorString() - ).toBe("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:W/AR:M/MAV:A/MUI:N"); + ).toBe( + "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:P/RL:W/AR:M/MAV:A/MUI:N" + ); expect( - CVSS("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/E:X/RL:X/RC:X").getCleanVectorString() + CVSS( + "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/E:X/RL:X/RC:X" + ).getCleanVectorString() ).toBe("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"); expect( @@ -538,3 +558,13 @@ describe("Clean Vector String Test", () => { ).toBe("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"); }); }); + +describe("Update Vector Value Test", () => { + it("Should return the updated vector as string", () => { + expect( + CVSS( + "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/RL:X/RC:X" + ).updateVectorValue("AV", "L") + ).toBe("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"); + }); +}); From 40e6dd71c05283185170c8fc21b3ead7dd35d042 Mon Sep 17 00:00:00 2001 From: Fabian Kutsche Date: Mon, 29 Aug 2022 09:35:47 +0200 Subject: [PATCH 2/2] add: bump version and update readme --- README.md | 49 +++++++++++++++++++++++++----------------- dist/cvss.d.ts | 1 + dist/production.min.js | 2 +- dist/util.d.ts | 1 + package.json | 2 +- 5 files changed, 33 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index c1bd6af..2576ce2 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@

cvss.js by turingpoint.

- Version + Version License: MIT @@ -20,9 +20,9 @@ yarn add @turingpointde/cvss.js Import the library to use it in your code: ```js -const CVSS = require('@turingpointde/cvss.js'); +const CVSS = require("@turingpointde/cvss.js"); // or -import CVSS from '@turingpointde/cvss.js'; +import CVSS from "@turingpointde/cvss.js"; ``` You can also use the library directly from the **CDN** (instead of yarn or npm): @@ -37,14 +37,14 @@ After importing the library, the CVSS function must first be called with the vec ```js // Vector only with base score -const vector1 = CVSS('CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L'); +const vector1 = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"); // Vector with temporal score const vector2 = CVSS( - 'CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R', + "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R" ); // Vector with environmental score const vector3 = CVSS( - 'CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/CR:M/IR:H/AR:M/MAV:N/MAC:H/MPR:L/MUI:N/MS:C/MC:N/MI:L/MA:L', + "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/CR:M/IR:H/AR:M/MAV:N/MAC:H/MPR:L/MUI:N/MS:C/MC:N/MI:L/MA:L" ); ``` @@ -52,15 +52,15 @@ It is possible to pass in an object as well ```js const vectorObject = { - CVSS: '3.0', - AV: 'N', - AC: 'H', - PR: 'H', - UI: 'R', - S: 'U', - C: 'H', - I: 'N', - A: 'N', + CVSS: "3.0", + AV: "N", + AC: "H", + PR: "H", + UI: "R", + S: "U", + C: "H", + I: "N", + A: "N", }; console.log(CVSS(vectorObject).vector); // "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N" @@ -71,7 +71,7 @@ To get the scores, simply call the respective function. ```js // Create a vector const vector = CVSS( - 'CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/CR:M/IR:H/AR:M/MAV:N/MAC:H/MPR:L/MUI:N/MS:C/MC:N/MI:L/MA:L', + "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/CR:M/IR:H/AR:M/MAV:N/MAC:H/MPR:L/MUI:N/MS:C/MC:N/MI:L/MA:L" ); console.log(vector.getScore()); // 3.6 @@ -82,7 +82,7 @@ console.log(vector.getEnvironmentalScore()); // 5.1 Sometimes it is useful to get a qualitative rating of a score ```js -const vector = CVSS('CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L'); +const vector = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"); console.log(vector.getRating()); // Medium console.log(vector.getTemporalRating()); // Medium @@ -92,7 +92,7 @@ console.log(vector.getEnvironmentalRating()); // Low A few useful variables/functions to work with the vectors: ```js -const vector = CVSS('CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L'); +const vector = CVSS("CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"); console.log(vector.isValid); // true console.log(vector.vector); // CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L @@ -103,7 +103,7 @@ The following functions are suitable for displaying the vector in a human-readab ```js const vector = CVSS( - 'CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R/MAC:X/MUI:X/MA:X/MI:X', + "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:U/RL:T/RC:R/MAC:X/MUI:X/MA:X/MI:X" ); console.log(vector.getVectorObject()); // { CVSS: "3.0", AV: "N", AC: "H", PR: "L", UI: "R", S: "C", C: "L", I: "L", A: "L", E: "U", RL: "T", RC: "R", CR: "X", IR: "X", AR: "X", MAV: "X", MAC: "X", MPR: "X", MUI: "X", MS: "X" , MC: "X", MI: "X", MA: "X" } @@ -229,6 +229,15 @@ console.log(vector.getDetailedVectorObject()); // see spoiler below +To update a vector's metric: + +```js +const vector = CVSS( + "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N/RL:X/RC:X" +).updateVectorValue("AV", "L"); +console.log(vector); // "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" +``` + ## Contributing Contributions, issues and feature requests are welcome. @@ -236,5 +245,5 @@ Feel free to check out the [issues page](https://github.com/turingpointde/cvss.j ## License -Copyright © 2021 [turingpoint GmbH](https://turingpoint.eu). +Copyright © 2022 [turingpoint GmbH](https://turingpoint.eu). This project is [MIT](LICENSE) licensed. diff --git a/dist/cvss.d.ts b/dist/cvss.d.ts index 5c310e1..2d91700 100644 --- a/dist/cvss.d.ts +++ b/dist/cvss.d.ts @@ -16,5 +16,6 @@ declare function CVSS(vector: string): { getDetailedVectorObject: () => any; getVersion: () => string; getCleanVectorString: () => string; + updateVectorValue: (metric: string, value: string) => string; isValid: true; }; diff --git a/dist/production.min.js b/dist/production.min.js index 04b31e6..19ce3b5 100644 --- a/dist/production.min.js +++ b/dist/production.min.js @@ -1 +1 @@ -var CVSS;(()=>{var e={10:(e,n,r)=>{const a=r(803);e.exports=a},803:(e,n,r)=>{const a=r(502),i=r(14);e.exports=function(e){function n(){return a.getVersion(e)}function r(){return i.getScore(e)}function t(){return i.getTemporalScore(e)}function c(){return i.getEnvironmentalScore(e)}var b;if(b=e,e=a.parseVectorObjectToString(b),"Error"===n())throw new Error("The vector version is not valid");const m=a.isVectorValid(e);if(!m)throw new Error("The vector format is not valid!");return{vector:e,getScore:r,getTemporalScore:t,getEnvironmentalScore:c,getRating:function(){return a.getRating(r())},getTemporalRating:function(){return a.getRating(t())},getEnvironmentalRating:function(){return a.getRating(c())},getVectorObject:function(){return a.getVectorObject(e)},getDetailedVectorObject:function(){return a.getDetailedVectorObject(e)},getVersion:n,getCleanVectorString:function(){return a.getCleanVectorString(e)},isValid:m}}},868:e=>{"use strict";e.exports=JSON.parse('{"version":"3.0","definitions":[{"name":"Attack Vector","abbr":"AV","metrics":[{"name":"Network","abbr":"N","numerical":0.85},{"name":"Adjacent","abbr":"A","numerical":0.62},{"name":"Local","abbr":"L","numerical":0.55},{"name":"Physical","abbr":"P","numerical":0.2}]},{"name":"Attack Complexity","abbr":"AC","metrics":[{"name":"Low","abbr":"L","numerical":0.77},{"name":"High","abbr":"H","numerical":0.44}]},{"name":"Privileges Required","abbr":"PR","metrics":[{"name":"None","abbr":"N","numerical":{"changed":0.85,"unchanged":0.85}},{"name":"Low","abbr":"L","numerical":{"changed":0.68,"unchanged":0.62}},{"name":"High","abbr":"H","numerical":{"changed":0.5,"unchanged":0.27}}]},{"name":"User Interaction","abbr":"UI","metrics":[{"name":"None","abbr":"N","numerical":0.85},{"name":"Required","abbr":"R","numerical":0.62}]},{"name":"Scope","abbr":"S","metrics":[{"name":"Unchanged","abbr":"U"},{"name":"Changed","abbr":"C"}]},{"name":"Confidentiality","abbr":"C","metrics":[{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Integrity","abbr":"I","metrics":[{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Availability","abbr":"A","metrics":[{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Exploit Code Maturity","abbr":"E","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1},{"name":"Functional","abbr":"F","numerical":0.97},{"name":"Proof of Concept","abbr":"P","numerical":0.94},{"name":"Unproven","abbr":"U","numerical":0.91}]},{"name":"Remediation Level","abbr":"RL","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Unavailable","abbr":"U","numerical":1},{"name":"Workaround","abbr":"W","numerical":0.97},{"name":"Temporary Fix","abbr":"T","numerical":0.96},{"name":"Official Fix","abbr":"O","numerical":0.95}]},{"name":"Report Confidence","abbr":"RC","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Confirmed","abbr":"C","numerical":1},{"name":"Reasonable","abbr":"R","numerical":0.96},{"name":"Unknown","abbr":"U","numerical":0.92}]},{"name":"Confidentiality Req.","abbr":"CR","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1.5},{"name":"Medium","abbr":"M","numerical":1},{"name":"Low","abbr":"L","numerical":0.5}]},{"name":"Integrity Req.","abbr":"IR","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1.5},{"name":"Medium","abbr":"M","numerical":1},{"name":"Low","abbr":"L","numerical":0.5}]},{"name":"Availability Req.","abbr":"AR","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1.5},{"name":"Medium","abbr":"M","numerical":1},{"name":"Low","abbr":"L","numerical":0.5}]},{"name":"Modified Attack Vector","abbr":"MAV","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Network","abbr":"N","numerical":0.85},{"name":"Adjacent","abbr":"A","numerical":0.62},{"name":"Local","abbr":"L","numerical":0.55},{"name":"Physical","abbr":"P","numerical":0.2}]},{"name":"Modified Attack Complexity","abbr":"MAC","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Low","abbr":"L","numerical":0.77},{"name":"High","abbr":"H","numerical":0.44}]},{"name":"Modified Privileges Required","abbr":"MPR","metrics":[{"name":"Not Defined","abbr":"X","numerical":{"changed":1,"unchanged":1}},{"name":"None","abbr":"N","numerical":{"changed":0.85,"unchanged":0.85}},{"name":"Low","abbr":"L","numerical":{"changed":0.68,"unchanged":0.62}},{"name":"High","abbr":"H","numerical":{"changed":0.5,"unchanged":0.27}}]},{"name":"Modified User Interaction","abbr":"MUI","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0.85},{"name":"Required","abbr":"R","numerical":0.62}]},{"name":"Modified Scope","abbr":"MS","metrics":[{"name":"Not Defined","abbr":"X"},{"name":"Unchanged","abbr":"U"},{"name":"Changed","abbr":"C"}]},{"name":"Modified Confidentiality","abbr":"MC","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Modified Integrity","abbr":"MI","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Modified Availability","abbr":"MA","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]}]}')},14:(e,n,r)=>{const a=r(502);function i(e){const n=a.getVectorObject(e),r="C"===n.S,i=t(n),o=c(i,r,e);if(o<=0)return 0;const u=b(n,r);return m(r?Math.min(1.08*(o+u),10):Math.min(o+u,10),1,e)}const t=function(e){return 1-(1-a.findMetricValue("C",e).numerical)*(1-a.findMetricValue("I",e).numerical)*(1-a.findMetricValue("A",e).numerical)},c=function(e,n,r){return n?"3.0"===a.getVersion(r)||"3.1"===a.getVersion(r)?7.52*(e-.029)-3.25*Math.pow(e-.02,15):void 0:6.42*e},b=function(e,n){const r=a.findMetricValue("AV",e).numerical,i=a.findMetricValue("AC",e).numerical,t=a.findMetricValue("PR",e).numerical,c=a.findMetricValue("UI",e).numerical;return 8.22*r*i*(n?t.changed:t.unchanged)*c};function m(e,n,r){return"3.0"===a.getVersion(r)?a.roundUpApprox(e,n):"3.1"===a.getVersion(r)?a.roundUpExact(e):void 0}e.exports={getScore:i,getTemporalScore:function(e){const n=a.getVectorObject(e),r=i(e),t=a.findMetricValue("E",n),c=t?t.numerical:1,b=a.findMetricValue("RL",n),o=b?b.numerical:1,u=a.findMetricValue("RC",n);return m(r*c*o*(u?u.numerical:1),1,e)},getEnvironmentalScore:function(e){const n=a.getVectorObject(e),r="X"===n.MS?"C"===n.S:"C"===n.MS,i=function(e){let n=a.findMetricValue("MC",e),r=a.findMetricValue("MI",e),i=a.findMetricValue("MA",e);const t=a.findMetricValue("CR",e).numerical,c=a.findMetricValue("IR",e).numerical,b=a.findMetricValue("AR",e).numerical;return n&&"X"!==n.abbr||(n=a.findMetricValue("C",e)),r&&"X"!==r.abbr||(r=a.findMetricValue("I",e)),i&&"X"!==i.abbr||(i=a.findMetricValue("A",e)),Math.min(1-(1-n.numerical*t)*(1-r.numerical*c)*(1-i.numerical*b),.915)}(n),t=function(e,n){let r=a.findMetricValue("MAV",e),i=a.findMetricValue("MAC",e),t=a.findMetricValue("MPR",e),c=a.findMetricValue("MUI",e);r&&"X"!==r.abbr||(r=a.findMetricValue("AV",e)),i&&"X"!==i.abbr||(i=a.findMetricValue("AC",e)),t&&"X"!==t.abbr||(t=a.findMetricValue("PR",e)),c&&"X"!==c.abbr||(c=a.findMetricValue("UI",e));const b=n?t.numerical.changed:t.numerical.unchanged;return 8.22*r.numerical*i.numerical*b*c.numerical}(n,r),c=function(e,n,r){return n?"3.0"===a.getVersion(r)?7.52*(e-.029)-3.25*Math.pow(e-.02,15):"3.1"===a.getVersion(r)?7.52*(e-.029)-3.25*Math.pow(.9731*e-.02,13):void 0:6.42*e}(i,r,e);if(c<=0)return 0;const b=a.findMetricValue("E",n),o=a.findMetricValue("RL",n),u=a.findMetricValue("RC",n),l=b?b.numerical:1,d=o?o.numerical:1,f=u?u.numerical:1;return m(r?m(Math.min(1.08*(c+t),10),1,e)*l*d*f:m(Math.min(c+t,10),1,e)*l*d*f,1,e)}}},502:(e,n,r)=>{const a=r(868),i=function(e){return a.definitions.find((n=>n.abbr===e))};e.exports={roundUpExact:function(e){const n=Math.round(1e5*e);return n%1e4==0?n/1e5:(Math.floor(n/1e4)+1)/10},roundUpApprox:function(e,n){return n=Math.pow(10,n),Math.ceil(e*n)/n},getVectorObject:function(e){const n=e.split("/"),r={};a.definitions.forEach((e=>r[e.abbr]="X"));for(const e of n){const n=e.split(":");r[n[0]]=n[1]}return r},getDetailedVectorObject:function(e){return e.split("/").reduce(((e,n,r)=>{const a=n.split(":"),t={...e.metrics};if(r){const n=i(a[0]),r={name:n.name,abbr:n.abbr,fullName:`${n.name} (${n.abbr})`,value:n.metrics.find((e=>e.abbr===a[1])).name,valueAbbr:a[1]};return Object.assign(e,{metrics:Object.assign(t,{[a[0].trim()]:r})})}return Object.assign(e,{[a[0].trim()]:a[1]})}),{metrics:{}})},findMetric:i,findMetricValue:function(e,n){const r=i(e);return r.metrics.find((e=>e.abbr===n[r.abbr]))},getRating:function(e){let n="None";return n=0===e?"None":e<=3.9?"Low":e<=6.9?"Medium":e<=8.9?"High":"Critical",n},isVectorValid:function(e){const n=a.definitions.reduce(((e,n,r)=>{const a=`${n.abbr}:[${n.metrics.reduce(((e,n)=>e+n.abbr),"")}]`;return 0!==r?`(${e}|${a})`:a}),"");if(!new RegExp("^CVSS:3.(0|1)(/"+n+")+$").test(e))return!1;const r=a.definitions.map((e=>new RegExp(`/${e.abbr}:[${e.metrics.reduce(((e,n)=>e+n.abbr),"")}]`,"g")));for(const n of r)if((e.match(n)||[]).length>1)return!1;const i=[/\/AV:[NALP]/g,/\/AC:[LH]/g,/\/PR:[NLH]/g,/\/UI:[NR]/g,/\/S:[UC]/g,/\/C:[NLH]/g,/\/I:[NLH]/g,/\/A:[NLH]/g];for(const n of i)if((e.match(n)||[]).length<1)return!1;return!0},parseVectorObjectToString:function(e){if("string"==typeof e)return e;let n=`CVSS:${e.CVSS}/`;for(const r of a.definitions){const a=r.abbr;Object.prototype.hasOwnProperty.call(e,a)&&(n+=`${a}:${e[a]}/`)}return n=n.slice(0,-1),n},getVersion:function(e){const n=e.split("/");return"CVSS:3.0"===n[0]?"3.0":"CVSS:3.1"===n[0]?"3.1":"Error"},getCleanVectorString:function(e){const n=e.split("/"),r=[];for(const e of n)"X"!==e.split(":")[1]&&r.push(e);return r.join("/")}}}},n={},r=function r(a){var i=n[a];if(void 0!==i)return i.exports;var t=n[a]={exports:{}};return e[a](t,t.exports,r),t.exports}(10);CVSS=r})(); \ No newline at end of file +var CVSS;(()=>{var e={10:(e,n,r)=>{const a=r(803);e.exports=a},803:(e,n,r)=>{const a=r(502),i=r(14);e.exports=function(e){function n(){return a.getVersion(e)}function r(){return i.getScore(e)}function t(){return i.getTemporalScore(e)}function c(){return i.getEnvironmentalScore(e)}var b;if(b=e,e=a.parseVectorObjectToString(b),"Error"===n())throw new Error("The vector version is not valid");const m=a.isVectorValid(e);if(!m)throw new Error("The vector format is not valid!");return{vector:e,getScore:r,getTemporalScore:t,getEnvironmentalScore:c,getRating:function(){return a.getRating(r())},getTemporalRating:function(){return a.getRating(t())},getEnvironmentalRating:function(){return a.getRating(c())},getVectorObject:function(){return a.getVectorObject(e)},getDetailedVectorObject:function(){return a.getDetailedVectorObject(e)},getVersion:n,getCleanVectorString:function(){return a.getCleanVectorString(e)},updateVectorValue:function(n,r){return a.updateVectorValue(e,n,r)},isValid:m}}},868:e=>{"use strict";e.exports=JSON.parse('{"version":"3.0","definitions":[{"name":"Attack Vector","abbr":"AV","metrics":[{"name":"Network","abbr":"N","numerical":0.85},{"name":"Adjacent","abbr":"A","numerical":0.62},{"name":"Local","abbr":"L","numerical":0.55},{"name":"Physical","abbr":"P","numerical":0.2}]},{"name":"Attack Complexity","abbr":"AC","metrics":[{"name":"Low","abbr":"L","numerical":0.77},{"name":"High","abbr":"H","numerical":0.44}]},{"name":"Privileges Required","abbr":"PR","metrics":[{"name":"None","abbr":"N","numerical":{"changed":0.85,"unchanged":0.85}},{"name":"Low","abbr":"L","numerical":{"changed":0.68,"unchanged":0.62}},{"name":"High","abbr":"H","numerical":{"changed":0.5,"unchanged":0.27}}]},{"name":"User Interaction","abbr":"UI","metrics":[{"name":"None","abbr":"N","numerical":0.85},{"name":"Required","abbr":"R","numerical":0.62}]},{"name":"Scope","abbr":"S","metrics":[{"name":"Unchanged","abbr":"U"},{"name":"Changed","abbr":"C"}]},{"name":"Confidentiality","abbr":"C","metrics":[{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Integrity","abbr":"I","metrics":[{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Availability","abbr":"A","metrics":[{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Exploit Code Maturity","abbr":"E","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1},{"name":"Functional","abbr":"F","numerical":0.97},{"name":"Proof of Concept","abbr":"P","numerical":0.94},{"name":"Unproven","abbr":"U","numerical":0.91}]},{"name":"Remediation Level","abbr":"RL","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Unavailable","abbr":"U","numerical":1},{"name":"Workaround","abbr":"W","numerical":0.97},{"name":"Temporary Fix","abbr":"T","numerical":0.96},{"name":"Official Fix","abbr":"O","numerical":0.95}]},{"name":"Report Confidence","abbr":"RC","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Confirmed","abbr":"C","numerical":1},{"name":"Reasonable","abbr":"R","numerical":0.96},{"name":"Unknown","abbr":"U","numerical":0.92}]},{"name":"Confidentiality Req.","abbr":"CR","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1.5},{"name":"Medium","abbr":"M","numerical":1},{"name":"Low","abbr":"L","numerical":0.5}]},{"name":"Integrity Req.","abbr":"IR","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1.5},{"name":"Medium","abbr":"M","numerical":1},{"name":"Low","abbr":"L","numerical":0.5}]},{"name":"Availability Req.","abbr":"AR","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"High","abbr":"H","numerical":1.5},{"name":"Medium","abbr":"M","numerical":1},{"name":"Low","abbr":"L","numerical":0.5}]},{"name":"Modified Attack Vector","abbr":"MAV","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Network","abbr":"N","numerical":0.85},{"name":"Adjacent","abbr":"A","numerical":0.62},{"name":"Local","abbr":"L","numerical":0.55},{"name":"Physical","abbr":"P","numerical":0.2}]},{"name":"Modified Attack Complexity","abbr":"MAC","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"Low","abbr":"L","numerical":0.77},{"name":"High","abbr":"H","numerical":0.44}]},{"name":"Modified Privileges Required","abbr":"MPR","metrics":[{"name":"Not Defined","abbr":"X","numerical":{"changed":1,"unchanged":1}},{"name":"None","abbr":"N","numerical":{"changed":0.85,"unchanged":0.85}},{"name":"Low","abbr":"L","numerical":{"changed":0.68,"unchanged":0.62}},{"name":"High","abbr":"H","numerical":{"changed":0.5,"unchanged":0.27}}]},{"name":"Modified User Interaction","abbr":"MUI","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0.85},{"name":"Required","abbr":"R","numerical":0.62}]},{"name":"Modified Scope","abbr":"MS","metrics":[{"name":"Not Defined","abbr":"X"},{"name":"Unchanged","abbr":"U"},{"name":"Changed","abbr":"C"}]},{"name":"Modified Confidentiality","abbr":"MC","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Modified Integrity","abbr":"MI","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]},{"name":"Modified Availability","abbr":"MA","metrics":[{"name":"Not Defined","abbr":"X","numerical":1},{"name":"None","abbr":"N","numerical":0},{"name":"Low","abbr":"L","numerical":0.22},{"name":"High","abbr":"H","numerical":0.56}]}]}')},14:(e,n,r)=>{const a=r(502);function i(e){const n=a.getVectorObject(e),r="C"===n.S,i=t(n),o=c(i,r,e);if(o<=0)return 0;const u=b(n,r);return m(r?Math.min(1.08*(o+u),10):Math.min(o+u,10),1,e)}const t=function(e){return 1-(1-a.findMetricValue("C",e).numerical)*(1-a.findMetricValue("I",e).numerical)*(1-a.findMetricValue("A",e).numerical)},c=function(e,n,r){return n?"3.0"===a.getVersion(r)||"3.1"===a.getVersion(r)?7.52*(e-.029)-3.25*Math.pow(e-.02,15):void 0:6.42*e},b=function(e,n){const r=a.findMetricValue("AV",e).numerical,i=a.findMetricValue("AC",e).numerical,t=a.findMetricValue("PR",e).numerical,c=a.findMetricValue("UI",e).numerical;return 8.22*r*i*(n?t.changed:t.unchanged)*c};function m(e,n,r){return"3.0"===a.getVersion(r)?a.roundUpApprox(e,n):"3.1"===a.getVersion(r)?a.roundUpExact(e):void 0}e.exports={getScore:i,getTemporalScore:function(e){const n=a.getVectorObject(e),r=i(e),t=a.findMetricValue("E",n),c=t?t.numerical:1,b=a.findMetricValue("RL",n),o=b?b.numerical:1,u=a.findMetricValue("RC",n);return m(r*c*o*(u?u.numerical:1),1,e)},getEnvironmentalScore:function(e){const n=a.getVectorObject(e),r="X"===n.MS?"C"===n.S:"C"===n.MS,i=function(e){let n=a.findMetricValue("MC",e),r=a.findMetricValue("MI",e),i=a.findMetricValue("MA",e);const t=a.findMetricValue("CR",e).numerical,c=a.findMetricValue("IR",e).numerical,b=a.findMetricValue("AR",e).numerical;return n&&"X"!==n.abbr||(n=a.findMetricValue("C",e)),r&&"X"!==r.abbr||(r=a.findMetricValue("I",e)),i&&"X"!==i.abbr||(i=a.findMetricValue("A",e)),Math.min(1-(1-n.numerical*t)*(1-r.numerical*c)*(1-i.numerical*b),.915)}(n),t=function(e,n){let r=a.findMetricValue("MAV",e),i=a.findMetricValue("MAC",e),t=a.findMetricValue("MPR",e),c=a.findMetricValue("MUI",e);r&&"X"!==r.abbr||(r=a.findMetricValue("AV",e)),i&&"X"!==i.abbr||(i=a.findMetricValue("AC",e)),t&&"X"!==t.abbr||(t=a.findMetricValue("PR",e)),c&&"X"!==c.abbr||(c=a.findMetricValue("UI",e));const b=n?t.numerical.changed:t.numerical.unchanged;return 8.22*r.numerical*i.numerical*b*c.numerical}(n,r),c=function(e,n,r){return n?"3.0"===a.getVersion(r)?7.52*(e-.029)-3.25*Math.pow(e-.02,15):"3.1"===a.getVersion(r)?7.52*(e-.029)-3.25*Math.pow(.9731*e-.02,13):void 0:6.42*e}(i,r,e);if(c<=0)return 0;const b=a.findMetricValue("E",n),o=a.findMetricValue("RL",n),u=a.findMetricValue("RC",n),l=b?b.numerical:1,d=o?o.numerical:1,f=u?u.numerical:1;return m(r?m(Math.min(1.08*(c+t),10),1,e)*l*d*f:m(Math.min(c+t,10),1,e)*l*d*f,1,e)}}},502:(e,n,r)=>{const a=r(868),i=function(e){return a.definitions.find((n=>n.abbr===e))};function t(e){const n=e.split("/"),r={};a.definitions.forEach((e=>r[e.abbr]="X"));for(const e of n){const n=e.split(":");r[n[0]]=n[1]}return r}function c(e){const n=e.split("/"),r=[];for(const e of n)"X"!==e.split(":")[1]&&r.push(e);return r.join("/")}function b(e){if("string"==typeof e)return e;let n=`CVSS:${e.CVSS}/`;for(const r of a.definitions){const a=r.abbr;Object.prototype.hasOwnProperty.call(e,a)&&(n+=`${a}:${e[a]}/`)}return n=n.slice(0,-1),n}e.exports={roundUpExact:function(e){const n=Math.round(1e5*e);return n%1e4==0?n/1e5:(Math.floor(n/1e4)+1)/10},roundUpApprox:function(e,n){return n=Math.pow(10,n),Math.ceil(e*n)/n},getVectorObject:t,getDetailedVectorObject:function(e){return e.split("/").reduce(((e,n,r)=>{const a=n.split(":"),t={...e.metrics};if(r){const n=i(a[0]),r={name:n.name,abbr:n.abbr,fullName:`${n.name} (${n.abbr})`,value:n.metrics.find((e=>e.abbr===a[1])).name,valueAbbr:a[1]};return Object.assign(e,{metrics:Object.assign(t,{[a[0].trim()]:r})})}return Object.assign(e,{[a[0].trim()]:a[1]})}),{metrics:{}})},findMetric:i,findMetricValue:function(e,n){const r=i(e);return r.metrics.find((e=>e.abbr===n[r.abbr]))},getRating:function(e){let n="None";return n=0===e?"None":e<=3.9?"Low":e<=6.9?"Medium":e<=8.9?"High":"Critical",n},updateVectorValue:function(e,n,r){const a=t(e);return a[n]=r,c(b(a))},isVectorValid:function(e){const n=a.definitions.reduce(((e,n,r)=>{const a=`${n.abbr}:[${n.metrics.reduce(((e,n)=>e+n.abbr),"")}]`;return 0!==r?`(${e}|${a})`:a}),"");if(!new RegExp("^CVSS:3.(0|1)(/"+n+")+$").test(e))return!1;const r=a.definitions.map((e=>new RegExp(`/${e.abbr}:[${e.metrics.reduce(((e,n)=>e+n.abbr),"")}]`,"g")));for(const n of r)if((e.match(n)||[]).length>1)return!1;const i=[/\/AV:[NALP]/g,/\/AC:[LH]/g,/\/PR:[NLH]/g,/\/UI:[NR]/g,/\/S:[UC]/g,/\/C:[NLH]/g,/\/I:[NLH]/g,/\/A:[NLH]/g];for(const n of i)if((e.match(n)||[]).length<1)return!1;return!0},parseVectorObjectToString:b,getVersion:function(e){const n=e.split("/");return"CVSS:3.0"===n[0]?"3.0":"CVSS:3.1"===n[0]?"3.1":"Error"},getCleanVectorString:c}}},n={},r=function r(a){var i=n[a];if(void 0!==i)return i.exports;var t=n[a]={exports:{}};return e[a](t,t.exports,r),t.exports}(10);CVSS=r})(); \ No newline at end of file diff --git a/dist/util.d.ts b/dist/util.d.ts index b1d3607..d2172d9 100644 --- a/dist/util.d.ts +++ b/dist/util.d.ts @@ -45,6 +45,7 @@ export function findMetricValue(abbr: string, vectorObject: any): any; * @returns {String} returns one of the five possible ratings */ export function getRating(score: any): string; +export function updateVectorValue(vector: any, metric: any, value: any): string; /** * Checks whether the vector passed is valid * diff --git a/package.json b/package.json index ed90299..0f6edaf 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@turingpointde/cvss.js", - "version": "1.4.6", + "version": "1.4.7", "description": "A tiny library to work with cvss vectors", "scripts": { "build": "webpack && tsc",