NAME
CVSS::Base - Base class for CVSS
DESCRIPTION
These are base class for CVSS::v2, CVSS::v3 and CVSS::v4 classes.
METHODS
- $cvss->version
-
Return the CVSS version.
- $cvss->vector_string
-
Return the CVSS vector string.
- $cvss->metrics
-
Return the HASH of CVSS metrics.
- $cvss->scores
-
Return the HASH of calculated score (base, impact, temporal).
$scores = $cvss->scores; say Dumper($scores); # { "base" => "7.4", # "exploitability" => "1.6", # "impact" => "5.9" } - $cvss->base_score
-
Return the base score (0 - 10).
- $cvss->base_severity
-
Return the base severity (LOW, MEDIUM, HIGH or CRITICAL).
- $cvss->calculate_score
-
Performs the calculation of the score in accordance with the CVSS specification.
- score_to_severity ( $score )
-
Convert the score in severity
METRICS
- $cvss->M ( $metric )
-
Return the metric value (short)
say $cvss->M('AV'); # A - $cvss->metric ( $metric )
-
Return the metric value (long)
say $cvss->metric('AV'); # ADJACENT_NETWORK - $cvss->metric_group_is_set ( $group )
DATA REPRESENTATIONS
- $cvss->to_vector_string
-
Convert the CVSS object in vector string
say $cvss->to_vector_string; # CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H # or say $cvss; # CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H - $cvss->to_xml
-
Convert the CVSS object in XML in according of CVSS XML Schema Definition.
https://nvd.nist.gov/schema/cvss-v2_0.2.xsd - XSD for CVSS v2.0
https://www.first.org/cvss/cvss-v3.0.xsd - XSD for CVSS v3.0
https://www.first.org/cvss/cvss-v3.1.xsd - XSD for CVSS v3.1
https://www.first.org/cvss/cvss-v4.0.xsd - XSD for CVSS v4.0
say $cvss->to_xml; # <?xml version="1.0" encoding="UTF-8"?> # <cvssv3.1 xmlns="https://www.first.org/cvss/cvss-v3.1.xsd" # xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" # xsi:schemaLocation="https://www.first.org/cvss/cvss-v3.1.xsd https://www.first.org/cvss/cvss-v3.1.xsd" # > # # <base_metrics> # <attack-vector>ADJACENT_NETWORK</attack-vector> # <attack-complexity>LOW</attack-complexity> # <privileges-required>LOW</privileges-required> # <user-interaction>REQUIRED</user-interaction> # <scope>UNCHANGED</scope> # <confidentiality-impact>HIGH</confidentiality-impact> # <integrity-impact>HIGH</integrity-impact> # <availability-impact>HIGH</availability-impact> # <base-score>7.4</base-score> # <base-severity>HIGH</base-severity> # </base_metrics> # # </cvssv3.1> - $cvss->TO_JSON
-
Helper method for JSON modules (JSON, JSON::PP, JSON::XS, Mojo::JSON, etc).
Convert the CVSS object in JSON format in according of CVSS JSON Schema.
https://www.first.org/cvss/cvss-v2.0.json - JSON Schema for CVSS v2.0.
https://www.first.org/cvss/cvss-v3.0.json - JSON Schema for CVSS v3.0.
https://www.first.org/cvss/cvss-v3.1.json - JSON Schema for CVSS v3.1.
https://www.first.org/cvss/cvss-v4.0.json - JSON Schema for CVSS v4.0.
use Mojo::JSON qw(encode_json); say encode_json($cvss); # { # "attackComplexity" : "LOW", # "attackVector" : "ADJACENT_NETWORK", # "availabilityImpact" : "HIGH", # "baseScore" : 7.4, # "baseSeverity" : "HIGH", # "confidentialityImpact" : "HIGH", # "integrityImpact" : "HIGH", # "privilegesRequired" : "LOW", # "scope" : "UNCHANGED", # "userInteraction" : "REQUIRED", # "vectorString" : "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", # "version" : "3.1" # }
SEE ALSO
SUPPORT
Bugs / Feature Requests
Please report any bugs or feature requests through the issue tracker at https://github.com/giterlizzi/perl-CVSS/issues. You will be notified automatically of any progress on your issue.
Source Code
This is open source software. The code repository is available for public review and contribution under the terms of the license.
https://github.com/giterlizzi/perl-CVSS
git clone https://github.com/giterlizzi/perl-CVSS.gitAUTHOR
Giuseppe Di Terlizzi <gdt@cpan.org>
LICENSE AND COPYRIGHT
This software is copyright (c) 2023-2024 by Giuseppe Di Terlizzi.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.