Comments (5)
Hey Christopher, what about https://github.com/pandatix/js-cvss aka NPM @pandatix/js-cvss
?
Chandan used it for Vulnogram upcoming release and was very happy about it :)
I think a better solution would be to refactor the calculator to split up the core value (CVSS V4 functionalities) from the GUI.
from cvss-v4-calculator.
Hey Lucas, thanks for the quick response! We are currently looking into this repository for our calculator page and were already aware of the hard work you did for https://github.com/pandatix/js-cvss. Our preference is to avoid using two sets of "truth". As you seem to understand, the way things are currently written aren't friendly for alternative use cases of the CVSS v4 functionalities.
Re:
I think a better solution would be to refactor the calculator to split up the core value (CVSS V4 functionalities) from the GUI.
No disagreement here 😄
from cvss-v4-calculator.
If someone would try to integrate js-cvss into this project or make a different attempt to decouple math from GUI so it still runs without build steps, then I would be happy to look at it.
from cvss-v4-calculator.
Also in for this. I'm not using vue (nor do I want to) and I need to implement v4 into a Rails app. The previous v3.0 and v3.1 were a lot more developer-friendly. I'll take a look at js-cvss but it'd be nice to run the official script.
from cvss-v4-calculator.
@MattBudz You could use https://github.com/RedHatProductSecurity/cvss as a base. It is written in Python and has a lot of tests for v4.0 generated using the Javascript implementation.
from cvss-v4-calculator.
Related Issues (20)
- Show macro vector in a more transparent way
- Specific Vector Crashes Calculator HOT 1
- New base scores with "MaxBase" considerations.
- Provider Urgency (U): White → Clear
- Bug/compliance: metrics could be defined more than once
- Bug/compliance: metrics with invalid value gives NaN score
- Question: How do CVSS v4.0 Nomenclatures map to CVSS 3.x score types? HOT 12
- Macrovector=1 does not always mean "Medium" HOT 3
- CVSS vector should be generated in Base/Threat/Environmental/Supplemental order HOT 3
- Bug/compliance: (Non-)mandatory metrics behavior is not implemented
- Incorrect metric order HOT 4
- Invalid vector validation
- Potential Incorrect Rounding For Final Score HOT 7
- Cannot run the code locally. HOT 4
- Discrepancy on score with certain vectors when compared to FIRST calculator HOT 9
- API endpoint HOT 3
- Unknown variable eq3 / eq6
- CVSS v4.0 should show only one score and call sections "metrics"
- EQ3 needs to be changed to [0-2]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cvss-v4-calculator.