ctxis / cvsslib Goto Github PK
View Code? Open in Web Editor NEWA library implementing CVSS v2 and v3 scores
License: GNU Lesser General Public License v3.0
A library implementing CVSS v2 and v3 scores
License: GNU Lesser General Public License v3.0
Hi:
I was wondering if you would consider another license such as the LGPL so that this library can be used in other non-GPL tools such as https://github.com/nexB/scancode-toolkit/ ?
Thanks!
When saving a cvss2 object from the django admin interface, an AttributeError is received. This error appears to be because the value (0.35, etc) is being saved as a string instead of a number. If I attempt to save the object via the command line with numeric values, it succeeds. When i attempt to save a value as a string, I receive the same attribute error as I receive via the GUI.
Relevant code:
CVSS2Base = django_mixin(cvss2, attr_name="CVSS2Base")
class CVSS2(models.Model, metaclass=CVSS2Base):
pass
x = CVSS2()
x.exploitability=0.85
x.save() #works
x.exploitability='0.85'
x.save() #AttributeError, same as django-admin
Traceback below:
Environment:
Request Method: POST
Request URL: http://___.com/vm/admin/vm/cvss2/1/change/
Django Version: 1.11.5
Python Version: 3.6.2
Installed Applications:
['django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'vm.apps.VMConfig']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware']
Traceback:
File "/usr/lib64/python3.6/enum.py" in __getattr__
322. return cls._member_map_[name]
During handling of the above exception ('0.35'), another exception occurred:
File "/usr/lib64/python3.6/site-packages/django/core/handlers/exception.py" in inner
41. response = get_response(request)
File "/usr/lib64/python3.6/site-packages/django/core/handlers/base.py" in _get_response
187. response = self.process_exception_by_middleware(e, request)
File "/usr/lib64/python3.6/site-packages/django/core/handlers/base.py" in _get_response
185. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in wrapper
551. return self.admin_site.admin_view(view)(*args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in _wrapped_view
149. response = view_func(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
57. response = view_func(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/sites.py" in inner
224. return view(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in change_view
1511. return self.changeform_view(request, object_id, form_url, extra_context)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in _wrapper
67. return bound_func(*args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in _wrapped_view
149. response = view_func(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in bound_func
63. return func.__get__(self, type(self))(*args2, **kwargs2)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in changeform_view
1408. return self._changeform_view(request, object_id, form_url, extra_context)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in _changeform_view
1440. if form.is_valid():
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in is_valid
183. return self.is_bound and not self.errors
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in errors
175. self.full_clean()
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in full_clean
384. self._clean_fields()
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in _clean_fields
402. value = field.clean(value)
File "/usr/lib64/python3.6/site-packages/django/forms/fields.py" in clean
864. return self._coerce(value)
File "/usr/lib64/python3.6/site-packages/django/forms/fields.py" in _coerce
853. value = self.coerce(value)
File "/usr/lib/python3.6/site-packages/cvsslib/contrib/django_model.py" in to_python
23. return getattr(self.enum, value)
File "/usr/lib64/python3.6/enum.py" in __getattr__
324. raise AttributeError(name) from None
Exception Type: AttributeError at /vm/admin/vm/cvss2/1/change/
Exception Value: 0.35
When IR:H is included in the CVSS3 vector, an exception is thrown. This does not occur for IR:L, IR:M, or IR:X
from cvsslib import cvss2, cvss3, calculate_vector
v = 'CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/IR:L'
calculate_vector(v,cvss3)
(7.5, 7.5, 7.2)
v = 'CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/IR:M'
calculate_vector(v,cvss3)
(7.5, 7.5, 7.5)
v = 'CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/IR:H'
calculate_vector(v,cvss3)
Traceback (most recent call last):
File "", line 1, in
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/vector.py", line 62, in calculate_vector
return run_calc(module.calculate, getter=_getter)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/utils.py", line 91, in run_calc
result = function(*call_args, **kwargs)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/cvss3/calculations.py", line 145, in calculate
environment_score = run_calculation(calculate_environmental_score, override=override)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/utils.py", line 91, in run_calc
result = function(*call_args, **kwargs)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/cvss3/calculations.py", line 105, in calculate_environmental_score
modified_impact_sub_score = run_calculation(calculate_modified_impact_sub_score)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/utils.py", line 91, in run_calc
result = function(*call_args, **kwargs)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/cvss3/calculations.py", line 62, in calculate_modified_impact_sub_score
return IMPACT_UNCHANGED_COEFFECIENT * modified
TypeError: unsupported operand type(s) for *: 'decimal.Decimal' and 'float'
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.