@pandatix/js-cvss
TypeScript icon, indicating that this package has built-in type declarations

0.4.4 • Public • Published

JS-CVSS

NPM
License CI CodeQL
OpenSSF Scoreboard

js-cvss is another Common Vulnerability Scoring System (CVSS) implementation, in TypeScript.

Note

Specified by first.org, the CVSS provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity.

It currently supports :

Warning

It won't support CVSS v1.0, as despite it was a good CVSS start, it can't get vectorized, abbreviations and enumerations are not strongly specified, so the cohesion and interoperability can't be satisfied.

How to use

From your project, you can add @pandatix/js-cvss to your NPM dependencies using the following.

npm install '@pandatix/js-cvss' -D

Then, from your code, import what you need (let's say `CVSS40``) and go on !

import { CVSS40 } from '@pandatix/js-cvss';

...

let vec = CVSS40('CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L');
console.log(vec.Score());

Dependents (0)

Package Sidebar

Install

npm i @pandatix/js-cvss

Weekly Downloads

596

Version

0.4.4

License

MIT

Unpacked Size

163 kB

Total Files

36

Last publish

Collaborators

  • pandatix