File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 3333
3434from vulnerabilities import severity_systems
3535from vulnerabilities .oval_parser import OvalParser
36+ from vulnerabilities .severity_systems import CVSSV3
37+ from vulnerabilities .severity_systems import CVSSV4
38+ from vulnerabilities .severity_systems import CVSSV31
3639from vulnerabilities .severity_systems import SCORING_SYSTEMS
3740from vulnerabilities .severity_systems import ScoringSystem
3841from vulnerabilities .utils import classproperty
@@ -67,6 +70,19 @@ def __post_init__(self):
6770 if not isinstance (self .value , str ):
6871 self .value = str (self .value )
6972
73+ if self .scoring_elements and self .system in (CVSSV3 , CVSSV31 , CVSSV4 ):
74+ vector_value = self .value
75+ try :
76+ vector_value = float (vector_value )
77+ except (TypeError , ValueError ):
78+ vector_value = None
79+
80+ cvss_score = self .system .compute (self .scoring_elements )
81+ if vector_value and float (cvss_score ) != vector_value :
82+ raise ValueError (
83+ f"CVSS vector and base score do not match: { self .scoring_elements } != { self .value } "
84+ )
85+
7086 def to_dict (self ):
7187 data = {
7288 "system" : self .system .identifier ,
Original file line number Diff line number Diff line change @@ -113,8 +113,9 @@ def to_advisories(data):
113113 severities = []
114114 if "support/security/CVE" in link and vector_link_tag :
115115 parsed_link = urlparse .urlparse (vector_link_tag ["href" ])
116- cvss3_vector = urlparse .parse_qs (parsed_link .query )[ "vector" ]
116+ cvss3_vector = urlparse .parse_qs (parsed_link .query ). get ( "vector" , [ "" ])[ 0 ]
117117 cvss3_base_score = vector_link_tag .text
118+ cvss3_vector = "CVSS:3.0/" + cvss3_vector .removeprefix ("CVSS:3.0/" )
118119 severity = VulnerabilitySeverity (
119120 system = severity_systems .CVSSV3 ,
120121 value = cvss3_base_score ,
You can’t perform that action at this time.
0 commit comments