CSAF
2 results

 view release on metacpan or  search on metacpan

lib/CSAF/Util/CVSS.pm  view on Meta::CPAN 

    MI  => {X => 'NOT_DEFINED', N => 'NONE',      L => 'LOW', H => 'HIGH'},
    MPR => {X => 'NOT_DEFINED', N => 'NONE',      L => 'LOW', H => 'HIGH'},
    MS  => {X => 'NOT_DEFINED', U => 'UNCHANGED', C => 'CHANGED'},
    MUI => {X => 'NOT_DEFINED', N => 'NONE',      R => 'REQUIRED'},
};


sub decode_cvss_vector_string {

    my $vector_string = shift;
    my $decoded       = {};

    if ($vector_string =~ /^CVSS:3[.][0-1]\/(.*)/) {

        my %cvss = split /[:\/]/, $1;

        foreach my $metric (keys %cvss) {

            if (defined $CVSS3_METRIC_LABEL->{$metric}) {

                my $value = $cvss{$metric};
                my $label = $CVSS3_METRIC_LABEL->{$metric};

                $decoded->{$label} = $CVSS3_METRIC_VALUES->{$metric}->{$value} || $value;

            }
        }

    }
    else {

        my %cvss = split /[:\/]/, $vector_string;

        foreach my $metric (keys %cvss) {

            if (defined $CVSS2_METRIC_LABEL->{$metric}) {

                my $value = $cvss{$metric};
                my $label = $CVSS2_METRIC_LABEL->{$metric};

                $decoded->{$label} = $CVSS2_METRIC_VALUES->{$metric}->{$value} || $value;

            }
        }

    }

    return $decoded;

}

1;

__END__

=encoding utf-8

=head1 NAME

lib/CSAF/Util/CVSS.pm  view on Meta::CPAN 

CVSS utility for L<CSAF>.

=head2 FUNCTIONS

=over

=item decode_cvss_vector_string

Decode the provided CVSS (v2.0 or v3.x) vector string.

    my $decoded = decode_cvss_vector_string('CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L/E:F/RL:O/RC:C');

    say $decoded->{attackVector}; # LOCAL

=back

=head1 SUPPORT

=head2 Bugs / Feature Requests

Please report any bugs or feature requests through the issue tracker
at L<https://github.com/giterlizzi/perl-CSAF/issues>.
You will be notified automatically of any progress on your issue.

lib/CSAF/Validator/OptionalTests.pm  view on Meta::CPAN 

            return if (!$fixed_products);

            if (my $cvss = $score->cvss_v2) {

                my $is_invalid = 0;

                if (!$cvss->targetDistribution) {

                    $is_invalid = 1;

                    my $decoded = decode_cvss_vector_string($score->cvss_v2->vectorString);

                    if (!defined($decoded->{targetDistribution})) {
                        $is_invalid = 1;
                    }
                    else {
                        $is_invalid = 0;
                    }

                }

                if ($is_invalid) {
                    $self->add_message(

lib/CSAF/Validator/OptionalTests.pm  view on Meta::CPAN 


                my $is_invalid = 0;

                if (   !$cvss->modifiedIntegrityImpact
                    || !$cvss->modifiedAvailabilityImpact
                    || !$cvss->modifiedConfidentialityImpact)
                {

                    $is_invalid = 1;

                    my $decoded = decode_cvss_vector_string($score->cvss_v3->vectorString);

                    if (   !defined($decoded->{modifiedIntegrityImpact})
                        || !defined($decoded->{modifiedAvailabilityImpact})
                        || !defined($decoded->{modifiedConfidentialityImpact}))
                    {
                        $is_invalid = 1;
                    }
                    else {
                        $is_invalid = 0;
                    }

                }

                if ($is_invalid) {



( run in 0.551 second using v1.01-cache-2.11-cpan-26ccb49234f )