Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(tui): show CVSS severity on TUI for Ubuntu (#638)

Browse Source 
* fix(tui): show CVSS severity on TUI for Ubuntu

* refactoring
This commit is contained in:
Kota Kanbe
2018-05-02 17:07:20 +09:00
committed by GitHub
parent d5d88d8cf0
commit 241c943424
4 changed files with 34 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
models/vulninfos.go
View File

@@ -233,7 +233,7 @@ func (v VulnInfo) Cvss2Scores() (values []CveContentCvss) {
for _, adv := range v.DistroAdvisories {
if adv.Severity != "" {
values = append(values, CveContentCvss{
Type: "Vendor",
Type: "Advisory",
Value: Cvss{
Type: CVSS2,
Score: severityToV2ScoreRoughly(adv.Severity),
@@ -245,6 +245,28 @@ func (v VulnInfo) Cvss2Scores() (values []CveContentCvss) {
}
}
// An OVAL entry in Ubuntu and Debian has only severity (CVSS score isn't included).
// Show severity and dummy score calculated roghly.
order = append(order, AllCveContetTypes.Except(order...)...)
for _, ctype := range order {
if cont, found := v.CveContents[ctype]; found &&
cont.Cvss2Score == 0 &&
cont.Cvss3Score == 0 &&
cont.Severity != "" {
values = append(values, CveContentCvss{
Type: cont.Type,
Value: Cvss{
Type: CVSS2,
Score: severityToV2ScoreRoughly(cont.Severity),
CalculatedBySeverity: true,
Vector: "-",
Severity: strings.ToUpper(cont.Severity),
},
})
}
}
return
}