Calculate CVSS score from CVSS vector

nexB / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

https://public.vulnerablecode.io

Apache License 2.0

505 stars 186 forks source link

Calculate CVSS score from CVSS vector #713

Open Hritik14 opened 2 years ago

Hritik14 commented 2 years ago

We should have a way to calculate CVSS score from the given CVSS vector in our ScoringSystem. The calculated score should also be saved in the database. For now we can have the CVSS base scores.

See: https://www.first.org/cvss/calculator/3.0

(via: https://github.com/nexB/vulnerablecode/wiki/WeeklyMeetings#meeting-on-tuesday-2022-04-26-at-1000-utc)

DennisClark commented 1 year ago

this post from NIST might be interesting to those following this issue: https://csrc.nist.gov/publications/detail/nistir/8409/final