ctxis / cvsslib Goto Github PK
View Code? Open in Web Editor NEWA library implementing CVSS v2 and v3 scores
License: GNU Lesser General Public License v3.0
cvsslib's Issues
Error calculating CVSS3 when Integrity Requirement is set to High
When IR:H is included in the CVSS3 vector, an exception is thrown. This does not occur for IR:L, IR:M, or IR:X
from cvsslib import cvss2, cvss3, calculate_vector
v = 'CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/IR:L'
calculate_vector(v,cvss3)
(7.5, 7.5, 7.2)
v = 'CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/IR:M'
calculate_vector(v,cvss3)
(7.5, 7.5, 7.5)
v = 'CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/IR:H'
calculate_vector(v,cvss3)
Traceback (most recent call last):
File "", line 1, in
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/vector.py", line 62, in calculate_vector
return run_calc(module.calculate, getter=_getter)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/utils.py", line 91, in run_calc
result = function(*call_args, **kwargs)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/cvss3/calculations.py", line 145, in calculate
environment_score = run_calculation(calculate_environmental_score, override=override)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/utils.py", line 91, in run_calc
result = function(*call_args, **kwargs)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/cvss3/calculations.py", line 105, in calculate_environmental_score
modified_impact_sub_score = run_calculation(calculate_modified_impact_sub_score)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/utils.py", line 91, in run_calc
result = function(*call_args, **kwargs)
File "/home/st07572/dev/vmenv/lib/python3.6/site-packages/cvsslib/cvss3/calculations.py", line 62, in calculate_modified_impact_sub_score
return IMPACT_UNCHANGED_COEFFECIENT * modified
TypeError: unsupported operand type(s) for *: 'decimal.Decimal' and 'float'
Unable to save object via django-admin
When saving a cvss2 object from the django admin interface, an AttributeError is received. This error appears to be because the value (0.35, etc) is being saved as a string instead of a number. If I attempt to save the object via the command line with numeric values, it succeeds. When i attempt to save a value as a string, I receive the same attribute error as I receive via the GUI.
Relevant code:
CVSS2Base = django_mixin(cvss2, attr_name="CVSS2Base")
class CVSS2(models.Model, metaclass=CVSS2Base):
pass
x = CVSS2()
x.exploitability=0.85
x.save() #works
x.exploitability='0.85'
x.save() #AttributeError, same as django-admin
Traceback below:
Environment:
Request Method: POST
Request URL: http://___.com/vm/admin/vm/cvss2/1/change/
Django Version: 1.11.5
Python Version: 3.6.2
Installed Applications:
['django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'vm.apps.VMConfig']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware']
Traceback:
File "/usr/lib64/python3.6/enum.py" in __getattr__
322. return cls._member_map_[name]
During handling of the above exception ('0.35'), another exception occurred:
File "/usr/lib64/python3.6/site-packages/django/core/handlers/exception.py" in inner
41. response = get_response(request)
File "/usr/lib64/python3.6/site-packages/django/core/handlers/base.py" in _get_response
187. response = self.process_exception_by_middleware(e, request)
File "/usr/lib64/python3.6/site-packages/django/core/handlers/base.py" in _get_response
185. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in wrapper
551. return self.admin_site.admin_view(view)(*args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in _wrapped_view
149. response = view_func(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
57. response = view_func(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/sites.py" in inner
224. return view(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in change_view
1511. return self.changeform_view(request, object_id, form_url, extra_context)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in _wrapper
67. return bound_func(*args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in _wrapped_view
149. response = view_func(request, *args, **kwargs)
File "/usr/lib64/python3.6/site-packages/django/utils/decorators.py" in bound_func
63. return func.__get__(self, type(self))(*args2, **kwargs2)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in changeform_view
1408. return self._changeform_view(request, object_id, form_url, extra_context)
File "/usr/lib64/python3.6/site-packages/django/contrib/admin/options.py" in _changeform_view
1440. if form.is_valid():
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in is_valid
183. return self.is_bound and not self.errors
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in errors
175. self.full_clean()
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in full_clean
384. self._clean_fields()
File "/usr/lib64/python3.6/site-packages/django/forms/forms.py" in _clean_fields
402. value = field.clean(value)
File "/usr/lib64/python3.6/site-packages/django/forms/fields.py" in clean
864. return self._coerce(value)
File "/usr/lib64/python3.6/site-packages/django/forms/fields.py" in _coerce
853. value = self.coerce(value)
File "/usr/lib/python3.6/site-packages/cvsslib/contrib/django_model.py" in to_python
23. return getattr(self.enum, value)
File "/usr/lib64/python3.6/enum.py" in __getattr__
324. raise AttributeError(name) from None
Exception Type: AttributeError at /vm/admin/vm/cvss2/1/change/
Exception Value: 0.35
add cvss 3.1 support
License?
Hi:
I was wondering if you would consider another license such as the LGPL so that this library can be used in other non-GPL tools such as https://github.com/nexB/scancode-toolkit/ ?
Thanks!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.