From fe2cbef80f06121b3f7fc65b43f4a0c530cd8188 Mon Sep 17 00:00:00 2001 From: Spiegel Date: Tue, 31 Jan 2023 19:52:48 +0900 Subject: [PATCH 1/2] Fixed *.Decode method when not enough metrics (issue ##26) --- cvsserr/errors.go | 42 +-- cvsserr/errors_test.go | 46 --- v2/metric/base.go | 9 +- v2/metric/environmental.go | 17 +- v2/metric/metric_test.go | 563 +++++++++----------------------- v2/metric/temporal.go | 13 +- v3/metric/base.go | 7 +- v3/metric/base_test.go | 2 +- v3/metric/environmental.go | 5 +- v3/metric/environmental_test.go | 2 +- v3/metric/temporal.go | 5 +- v3/metric/temporal_test.go | 2 +- 12 files changed, 181 insertions(+), 532 deletions(-) delete mode 100644 cvsserr/errors_test.go diff --git a/cvsserr/errors.go b/cvsserr/errors.go index f8feb31..ea975f0 100644 --- a/cvsserr/errors.go +++ b/cvsserr/errors.go @@ -1,39 +1,19 @@ package cvsserr -import "fmt" +import "errors" -// Num is error number for CVSS -type Num int - -const ( - ErrNullPointer Num = iota + 1 - ErrUndefinedMetric - ErrInvalidVector - ErrNotSupportVer - ErrNotSupportMetric - ErrInvalidTemplate - ErrSameMetric - ErrInvalidValue +var ( + ErrNullPointer = errors.New("Null reference instance") + ErrUndefinedMetric = errors.New("undefined metric") + ErrInvalidVector = errors.New("invalid vector") + ErrNotSupportVer = errors.New("not support version") + ErrNotSupportMetric = errors.New("not support metric") + ErrInvalidTemplate = errors.New("invalid templete string") + ErrSameMetric = errors.New("exist same metric") + ErrInvalidValue = errors.New("invalid value of metric") + ErrNoMetrics = errors.New("no metrics") ) -var errMessage = map[Num]string{ - ErrNullPointer: "Null reference instance", - ErrUndefinedMetric: "undefined metric", - ErrInvalidVector: "invalid vector", - ErrNotSupportVer: "not support version", - ErrNotSupportMetric: "not support metric", - ErrInvalidTemplate: "invalid templete string", - ErrSameMetric: "exist same metric", - ErrInvalidValue: "invalid value of metric", -} - -func (n Num) Error() string { - if s, ok := errMessage[n]; ok { - return s - } - return fmt.Sprintf("unknown error (%d)", int(n)) -} - /* Copyright 2018-2023 Spiegel * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/cvsserr/errors_test.go b/cvsserr/errors_test.go deleted file mode 100644 index 1b8edce..0000000 --- a/cvsserr/errors_test.go +++ /dev/null @@ -1,46 +0,0 @@ -package cvsserr - -import ( - "fmt" - "testing" -) - -func TestNumError(t *testing.T) { - testCases := []struct { - err error - str string - }{ - {err: ErrNullPointer, str: "Null reference instance"}, - {err: ErrUndefinedMetric, str: "undefined metric"}, - {err: ErrInvalidVector, str: "invalid vector"}, - {err: ErrNotSupportVer, str: "not support version"}, - {err: ErrNotSupportMetric, str: "not support metric"}, - {err: ErrInvalidTemplate, str: "invalid templete string"}, - {err: ErrSameMetric, str: "exist same metric"}, - {err: ErrInvalidValue, str: "invalid value of metric"}, - {err: Num(9), str: "unknown error (9)"}, - } - - for _, tc := range testCases { - errStr := tc.err.Error() - if errStr != tc.str { - t.Errorf("\"%v\" != \"%v\"", errStr, tc.str) - } - fmt.Printf("Info(TestNumError): %+v\n", tc.err) - } -} - -/* Copyright 2019-2023 Spiegel - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ diff --git a/v2/metric/base.go b/v2/metric/base.go index 35608e7..c945c04 100644 --- a/v2/metric/base.go +++ b/v2/metric/base.go @@ -48,9 +48,6 @@ func (m *Base) Decode(vector string) (*Base, error) { m = NewBase() } values := strings.Split(vector, "/") - if len(values) < 6 { // Temporal and Environmental metrics are optional - return nil, errs.Wrap(cvsserr.ErrInvalidVector, errs.WithContext("vector", vector)) - } // parse metrics var lastErr error for _, value := range values { @@ -117,11 +114,11 @@ func (m *Base) decodeOne(str string) error { // GetError returns error instance if unknown metric func (m *Base) GetError() error { if m == nil { - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) } switch true { case !m.AV.IsUnknown(), !m.AC.IsUnknown(), !m.Au.IsUnknown(), !m.C.IsUnknown(), !m.I.IsUnknown(), !m.A.IsUnknown(): - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) default: return nil } @@ -174,7 +171,7 @@ func (m *Base) Severity() Severity { return severity(m.Score()) } -/* Copyright 2018-2023 Spiegel +/* Copyright 2023 Spiegel * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/v2/metric/environmental.go b/v2/metric/environmental.go index 2607b68..97a7594 100644 --- a/v2/metric/environmental.go +++ b/v2/metric/environmental.go @@ -32,11 +32,11 @@ type Environmental struct { func NewEnvironmental() *Environmental { return &Environmental{ Temporal: NewTemporal(), - CDP: CollateralDamagePotentialNotDefined, - TD: TargetDistributionNotDefined, - CR: ConfidentialityRequirementNotDefined, - IR: IntegrityRequirementNotDefined, - AR: AvailabilityRequirementNotDefined, + CDP: CollateralDamagePotentialInvalid, + TD: TargetDistributionInvalid, + CR: ConfidentialityRequirementInvalid, + IR: IntegrityRequirementInvalid, + AR: AvailabilityRequirementInvalid, names: map[string]bool{}, } } @@ -47,9 +47,6 @@ func (m *Environmental) Decode(vector string) (*Environmental, error) { m = NewEnvironmental() } values := strings.Split(vector, "/") - if len(values) < 6 { // Temporal and Environmental metrics are optional - return nil, errs.Wrap(cvsserr.ErrInvalidVector, errs.WithContext("vector", vector)) - } // parse metrics var lastErr error for _, value := range values { @@ -118,14 +115,14 @@ func (m *Environmental) decodeOne(str string) error { // GetError returns error instance if undefined metric func (m *Environmental) GetError() error { if m == nil { - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) } if err := m.Temporal.GetError(); err != nil { return errs.Wrap(err) } switch true { case !m.CDP.IsValid(), !m.TD.IsValid(), !m.CR.IsValid(), !m.IR.IsValid(), !m.AR.IsValid(): - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) default: return nil } diff --git a/v2/metric/metric_test.go b/v2/metric/metric_test.go index 0a516d6..93f49f1 100644 --- a/v2/metric/metric_test.go +++ b/v2/metric/metric_test.go @@ -7,23 +7,63 @@ import ( "github.com/goark/go-cvss/cvsserr" ) -func TestValidation(t *testing.T) { +func TestValidationBase(t *testing.T) { + testCases := []struct { + vec string + err error + }{ + {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:", err: cvsserr.ErrInvalidVector}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N/:", err: cvsserr.ErrInvalidVector}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N/X:X", err: cvsserr.ErrNotSupportMetric}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N", err: cvsserr.ErrNoMetrics}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:0", err: cvsserr.ErrInvalidValue}, + {vec: "AV:N/AC:H/Au:M/C:C/I:0/A:C", err: cvsserr.ErrInvalidValue}, + {vec: "AV:N/AC:H/Au:M/C:0/I:N/A:C", err: cvsserr.ErrInvalidValue}, + {vec: "AV:N/AC:H/Au:0/C:C/I:N/A:C", err: cvsserr.ErrInvalidValue}, + {vec: "AV:N/AC:0/Au:M/C:C/I:N/A:C", err: cvsserr.ErrInvalidValue}, + {vec: "AV:0/AC:H/Au:M/C:C/I:N/A:C", err: cvsserr.ErrInvalidValue}, + {vec: "AV:N/AC:L/Au:N/C:N/I:N/A:C", err: nil}, + } + + for _, tc := range testCases { + _, err := NewBase().Decode(tc.vec) + if !errors.Is(err, tc.err) { + t.Errorf("Decode(%s) = \"%+v\", want \"%v\".", tc.vec, err, tc.err) + } + } +} + +func TestValidationTemporal(t *testing.T) { testCases := []struct { vec string err error }{ {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:", err: cvsserr.ErrInvalidVector}, {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/:", err: cvsserr.ErrInvalidVector}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/:X", err: cvsserr.ErrInvalidVector}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND", err: cvsserr.ErrNoMetrics}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/X:X", err: cvsserr.ErrNotSupportMetric}, {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:0", err: cvsserr.ErrInvalidValue}, {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:0/RC:ND", err: cvsserr.ErrInvalidValue}, {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:0/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:0/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:0/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:0/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:0/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:0/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:0/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, + {vec: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:ND/RC:ND", err: nil}, + } + + for _, tc := range testCases { + _, err := NewTemporal().Decode(tc.vec) + if !errors.Is(err, tc.err) { + t.Errorf("Decode(%s) = \"%+v\", want \"%v\".", tc.vec, err, tc.err) + } + } +} + +func TestValidationEnvironmental(t *testing.T) { + testCases := []struct { + vec string + err error + }{ + {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/AR:", err: cvsserr.ErrInvalidVector}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/:", err: cvsserr.ErrInvalidVector}, + {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/X:X", err: cvsserr.ErrNotSupportMetric}, {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/AR:0", err: cvsserr.ErrInvalidValue}, {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:0/AR:H", err: cvsserr.ErrInvalidValue}, {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:0/IR:M/AR:H", err: cvsserr.ErrInvalidValue}, @@ -31,8 +71,9 @@ func TestValidation(t *testing.T) { {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:0/TD:H/CR:M/IR:M/AR:H", err: cvsserr.ErrInvalidValue}, {vec: "av:n/ac:l/au:n/c:n/i:n/a:c/e:u/rl:nd/rc:nd/cdp:h/td:h/cr:m/ir:m/ar:h", err: cvsserr.ErrNotSupportMetric}, {vec: "AV:N/AC:L/AU:N/C:N/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/AR:H", err: cvsserr.ErrNotSupportMetric}, - {vec: "AV:N/AC:L/Au:N/C:N/I:N/A:C", err: nil}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: nil}, + {vec: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M", err: cvsserr.ErrNoMetrics}, + {vec: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:ND/CDP:H/TD:H/CR:M/IR:M/AR:H", err: cvsserr.ErrNoMetrics}, + {vec: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/AR:H", err: nil}, } for _, tc := range testCases { @@ -43,7 +84,7 @@ func TestValidation(t *testing.T) { } } -func TestScore(t *testing.T) { +func TestBaseScore(t *testing.T) { tests := []struct { name string vector string @@ -64,11 +105,11 @@ func TestScore(t *testing.T) { vector: "AV:L/AC:H/Au:N/C:C/I:C/A:C", want: 6.2, }, - { - name: "test", - vector: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", - want: 6.2, - }, + // { + // name: "test", + // vector: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", + // want: 6.2, + // }, { name: "test2", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C", @@ -77,20 +118,63 @@ func TestScore(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - m, err := NewEnvironmental().Decode(tt.vector) - + m, err := NewBase().Decode(tt.vector) if err != nil { t.Error(err) + } else { + if got := m.Score(); got != tt.want { + t.Errorf("Metrics.Score() = %v, want %v", got, tt.want) + } } + }) + } +} + +func TestBaseTemporalScore(t *testing.T) { + tests := []struct { + name string + vector string + base float64 + temp float64 + }{ + { + name: "CVE-2002-0392", + vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C", + base: 7.8, + temp: 6.4, + }, + { + name: "CVE-2003-0818", + vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C", + base: 10.0, + temp: 8.3, + }, + { + name: "CVE-2003-0062", + vector: "AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C", + base: 6.2, + temp: 4.9, + }, + } - if got := m.Base.Score(); got != tt.want { - t.Errorf("Metrics.Score() = %v, want %v", got, tt.want) + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + m, err := NewTemporal().Decode(tt.vector) + if err != nil { + t.Error(err) + } else { + if got := m.Base.Score(); got != tt.base { + t.Errorf("Metrics.Base.Score() = %v, want %v", got, tt.base) + } + if got := m.Score(); got != tt.temp { + t.Errorf("Metrics.Score() = %v, want %v", got, tt.temp) + } } }) } } -func TestEnvScore(t *testing.T) { +func TestEnvEnvironmentalScore(t *testing.T) { tests := []struct { name string vector string @@ -141,420 +225,57 @@ func TestEnvScore(t *testing.T) { } } -func TestDecode(t *testing.T) { +func TestEncodeBase(t *testing.T) { tests := []struct { name string vector string + outp string }{ - - {name: "CVE-2019-18322", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0145", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7842", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-6821", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2020-11898", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7779", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18283", vector: "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, - - {name: "CVE-2019-6812", vector: "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-6988", vector: "AV:A/AC:L/Au:N/C:N/I:P/A:P"}, - {name: "CVE-2019-12264", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2018-7762", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-11466", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-12741", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2020-10040", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-4703", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-11780", vector: "AV:N/AC:L/Au:N/C:C/I:N/A:N"}, - - {name: "CVE-2019-18335", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-11451", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0781", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - {name: "CVE-2018-7064", vector: "AV:A/AC:M/Au:S/C:P/I:P/A:P"}, - - {name: "CVE-2018-11452", vector: "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-6990", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-0169", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-0280", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-7502", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-0224", vector: "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, - - {name: "CVE-2019-6807", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, - {name: "CVE-2018-14795", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-10939", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2018-18065", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-16556", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0147", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2016-0868", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-11457", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-7851", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-13946", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - {name: "CVE-2014-3888", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - {name: "CVE-2015-6488", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0754", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2011-4861", vector: "AV:A/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-0175", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18331", vector: "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-8461", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-0158", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0275", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2019-10953", vector: "AV:A/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-0167", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7244", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12263", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2019-10920", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-6017", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2015-6492", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, - - {name: "CVE-2019-18330", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2012-1815", vector: "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-10931", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2017-14462", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2011-3389", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2018-7758", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, - - {name: "CVE-2019-18323", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-10044", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2019-13940", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-2680", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2019-6816", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:C"}, - - {name: "CVE-2018-7852", vector: "AV:N/AC:H/Au:N/C:N/I:P/A:P/E:U/RL:OF/RC:C"}, - - {name: "CVE-2018-0473", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, - {name: "CVE-2019-6572", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2012-6437", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2018-7759", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-6852", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2015-5698", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2250", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-0472", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2019-13103", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-0279", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0143", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-16196", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12260", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2012-6440", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7856", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2018-7809", vector: "AV:A/AC:L/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2019-13942", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2019-18217", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, - {name: "CVE-2013-2761", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, - - {name: "CVE-2019-6813", vector: "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0300", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0176", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0146", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-7845", vector: "AV:N/AC:M/Au:N/C:C/I:N/A:N"}, - - {name: "CVE-2020-11897", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-18314", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2019-6574", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2012-1816", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2019-18284", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-5390", vector: "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2013-0169", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18336", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2017-0273", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C"}, - - {name: "CVE-2019-18302", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12256", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2016-7113", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0301", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-9159", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0274", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7242", vector: "AV:L/AC:H/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-5176", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-13816", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-4690", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2016-5645", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2017-14470", vector: "AV:N/AC:H/Au:N/C:P/I:P/A:C"}, - {name: "CVE-2013-4651", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-7848", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-11460", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-7833", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-19282", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-11914", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0272", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2015-7937", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2017-12089", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6436", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18292", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-6850", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2019-6806", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-13810", vector: "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, - {name: "CVE-2018-19615", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, - {name: "CVE-2017-6030", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-14797", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-13814", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-7575", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2019-11478", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-0929", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-6980", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2251", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:U/RC:C"}, - - {name: "CVE-2019-19301", vector: "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, - {name: "CVE-2019-6577", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18289", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-16563", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2020-11909", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-6329", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-11911", vector: "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, - - {name: "CVE-2019-18306", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2020-11905", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2019-18298", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2016-7112", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-18297", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-6833", vector: "AV:N/AC:M/Au:S/C:N/I:N/A:P"}, - - {name: "CVE-2019-6851", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-13926", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2017-14464", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2249", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-7843", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2015-1049", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2016-2200", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - {name: "CVE-2014-0782", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - {name: "CVE-2012-1814", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-4833", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2252", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-16740", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-19281", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-7800", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6435", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-18300", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, - {name: "CVE-2017-6026", vector: "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2014-2349", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-15377", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-18304", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-13808", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2019-6568", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2009-3739", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-10919", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-7804", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18311", vector: "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, - {name: "CVE-2016-8561", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-3657", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2020-7525", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6438", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-6848", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-11901", vector: "AV:N/AC:H/Au:N/C:N/I:C/A:N"}, - {name: "CVE-2014-0317", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-8672", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2017-12088", vector: "AV:L/AC:L/Au:N/C:C/I:N/A:C"}, - - {name: "CVE-2019-18334", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-4784", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2018-11458", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-4843", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-11463", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-19616", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2016-8673", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-6868", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0267", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, - {name: "CVE-2012-1818", vector: "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, - {name: "CVE-2018-7781", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-6858", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:C"}, - {name: "CVE-2013-3633", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2020-10042", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0271", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-13809", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6442", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:C"}, - - {name: "CVE-2019-6828", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C"}, - {name: "CVE-2013-0659", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-13925", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:C"}, - {name: "CVE-2014-8479", vector: "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0755", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18303", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-6832", vector: "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-13813", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7083", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2017-14467", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7834", vector: "AV:N/AC:L/Au:N/C:P/I:C/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2015-8214", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-7902", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-18288", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-5391", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-0174", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-4842", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, - {name: "CVE-2018-7245", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-13812", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-10043", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18328", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2012-1817", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-11914", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-6856", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-5074", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18301", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-10592", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2019-18320", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-14793", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-7853", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12261", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-7090", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C"}, - {name: "CVE-2014-0160", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2908", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-5909", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2018-7830", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-0470", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - - {name: "CVE-2019-18290", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C"}, - - {name: "CVE-2017-12093", vector: "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C"}, - - {name: "CVE-2020-10045", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-9312", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2020-5608", vector: "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, - - {name: "CVE-2018-15373", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-16557", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-11913", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7821", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12257", vector: "AV:A/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-14526", vector: "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-7846", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:TF/RC:C"}, - - {name: "CVE-2020-7477", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, - - {name: "CVE-2019-13933", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - - {name: "CVE-2018-4848", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2020-7592", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:C"}, + {name: "CVE-2020-7477", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:P", outp: "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - _, err := NewEnvironmental().Decode(tt.vector) - + m, err := NewBase().Decode(tt.vector) if err != nil { t.Error(err) + } else if m.String() != tt.outp { + t.Errorf("String() = %v, want %v.", m.String(), tt.outp) } }) } } -func TestEncode(t *testing.T) { +func TestTemporalEncode(t *testing.T) { tests := []struct { name string vector string outp string }{ - {name: "CVE-2020-7477", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:P", outp: "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, {name: "CVE-2018-7846-1", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:TF/RC:C", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:TF/RC:C"}, {name: "CVE-2018-7846-2", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:ND", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:ND"}, - {name: "CVE-2018-7846-3", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:ND/RC:ND"}, - {name: "CVE-2018-7846-4", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/RL:TF", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:TF/RC:ND"}, - {name: "CVE-2018-7846-5", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/RC:C", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:C"}, - {name: "Issue #23-1", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M/AR:M"}, - {name: "Issue #23-2", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:ND/TD:ND/CR:M/IR:ND/AR:ND", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:ND/TD:ND/CR:M/IR:ND/AR:ND"}, - {name: "Issue #23-3", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M/AR:ND"}, - {name: "Issue #23-4", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:ND/AR:M"}, - {name: "Issue #23-5", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:ND/IR:M/AR:M"}, - {name: "Issue #23-6", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/CR:M/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:ND/CR:M/IR:M/AR:M"}, - {name: "Issue #23-7", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/TD:H/CR:M/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:ND/TD:H/CR:M/IR:M/AR:M"}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + m, err := NewTemporal().Decode(tt.vector) + if err != nil { + t.Error(err) + } else if m.String() != tt.outp { + t.Errorf("String() = %v, want %v.", m.String(), tt.outp) + } + }) + } +} + +func TestEnvironmentalEncode(t *testing.T) { + tests := []struct { + name string + vector string + outp string + }{ + {name: "Issue #23-1", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/E:POC/RL:TF/RC:C/CDP:N/TD:H/CR:M/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/E:POC/RL:TF/RC:C/CDP:N/TD:H/CR:M/IR:M/AR:M"}, + {name: "Issue #23-2", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/E:POC/RL:TF/RC:C/CDP:ND/TD:ND/CR:M/IR:ND/AR:ND", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/E:POC/RL:TF/RC:C/CDP:ND/TD:ND/CR:M/IR:ND/AR:ND"}, } for _, tt := range tests { @@ -569,5 +290,17 @@ func TestEncode(t *testing.T) { } } -/* Copyright 2022 luxifer */ -/* Contributed by Spiegel, 2023 */ +/* Copyright 2023 Spiegel + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ diff --git a/v2/metric/temporal.go b/v2/metric/temporal.go index 16835f5..976c93b 100644 --- a/v2/metric/temporal.go +++ b/v2/metric/temporal.go @@ -28,9 +28,9 @@ type Temporal struct { func NewTemporal() *Temporal { return &Temporal{ Base: NewBase(), - E: ExploitabilityNotDefined, - RL: RemediationLevelNotDefined, - RC: ReportConfidenceNotDefined, + E: ExploitabilityInvalid, + RL: RemediationLevelInvalid, + RC: ReportConfidenceInvalid, names: map[string]bool{}, } } @@ -41,9 +41,6 @@ func (m *Temporal) Decode(vector string) (*Temporal, error) { m = NewTemporal() } values := strings.Split(vector, "/") - if len(values) < 6 { // Temporal and Environmental metrics are optional - return nil, errs.Wrap(cvsserr.ErrInvalidVector, errs.WithContext("vector", vector)) - } // parse metrics var lastErr error for _, value := range values { @@ -102,14 +99,14 @@ func (m *Temporal) decodeOne(str string) error { // GetError returns error instance if undefined metric func (m *Temporal) GetError() error { if m == nil { - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) } if err := m.Base.GetError(); err != nil { return errs.Wrap(err) } switch true { case !m.E.IsValid(), !m.RL.IsValid(), !m.RC.IsValid(): - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) default: return nil } diff --git a/v3/metric/base.go b/v3/metric/base.go index 9574832..7c5a4d4 100644 --- a/v3/metric/base.go +++ b/v3/metric/base.go @@ -55,9 +55,6 @@ func (bm *Base) Decode(vector string) (*Base, error) { bm = NewBase() } values := strings.Split(vector, "/") - if len(values) < 9 { - return bm, errs.Wrap(cvsserr.ErrInvalidVector, errs.WithContext("vector", vector)) - } //CVSS version ver, err := GetVersion(values[0]) if err != nil { @@ -142,11 +139,11 @@ func (bm *Base) decodeOne(str string) error { // GetError returns error instance if undefined metric func (bm *Base) GetError() error { if bm == nil { - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) } switch true { case bm.Ver == VUnknown, bm.AV.IsUnknown(), bm.AC.IsUnknown(), bm.PR.IsUnknown(), bm.UI.IsUnknown(), bm.S.IsUnknown(), bm.C.IsUnknown(), bm.I.IsUnknown(), bm.A.IsUnknown(): - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) default: return nil } diff --git a/v3/metric/base_test.go b/v3/metric/base_test.go index e965033..90e7bfc 100644 --- a/v3/metric/base_test.go +++ b/v3/metric/base_test.go @@ -18,7 +18,7 @@ func TestDecodeError(t *testing.T) { {vector: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:0/A:H", err: cvsserr.ErrInvalidValue}, {vector: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/A:H", err: cvsserr.ErrSameMetric}, {vector: "CVSS:2.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N", err: cvsserr.ErrNotSupportVer}, - {vector: "CVSS:3.1", err: cvsserr.ErrInvalidVector}, + {vector: "CVSS:3.1", err: cvsserr.ErrNoMetrics}, {vector: "CVSS3.1/AV:X/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N", err: cvsserr.ErrInvalidVector}, {vector: "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A-N", err: cvsserr.ErrInvalidVector}, {vector: "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:", err: cvsserr.ErrInvalidVector}, diff --git a/v3/metric/environmental.go b/v3/metric/environmental.go index 999ff58..502da76 100644 --- a/v3/metric/environmental.go +++ b/v3/metric/environmental.go @@ -64,9 +64,6 @@ func (em *Environmental) Decode(vector string) (*Environmental, error) { em = NewEnvironmental() } values := strings.Split(vector, "/") - if len(values) < 9 { // E, RL, RC metrics are optional. - return em, errs.Wrap(cvsserr.ErrInvalidVector, errs.WithContext("vector", vector)) - } //CVSS version ver, err := GetVersion(values[0]) if err != nil { @@ -173,7 +170,7 @@ func (em *Environmental) decodeOne(str string) error { // GetError returns error instance if undefined metric func (em *Environmental) GetError() error { if em == nil { - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) } if err := em.Temporal.GetError(); err != nil { return errs.Wrap(err) diff --git a/v3/metric/environmental_test.go b/v3/metric/environmental_test.go index 7bfc5c0..77be13b 100644 --- a/v3/metric/environmental_test.go +++ b/v3/metric/environmental_test.go @@ -16,7 +16,7 @@ func TestEnvironmentalScore(t *testing.T) { }{ {vector: "XXXX:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L/E:P/RL:O/RC:U/CR:L/IR:M/AR:L/MAV:P/MAC:L/MPR:L/MUI:R/MS:C/MC:H/MI:H/MA:H", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, {vector: "CVSS:1.0/S:U/AV:N/AC:L/PR:H/UI:N/C:L/I:L/A:N", err: cvsserr.ErrNotSupportVer, score: 0, sav: SeverityNone}, - {vector: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/C:L/I:L/A:N", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, + {vector: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/C:L/I:L/A:N", err: cvsserr.ErrNoMetrics, score: 0, sav: SeverityNone}, {vector: "CVSS:3.0/S:U/AV:N/AC:L/PR:H/UI:N/C:L/I:L/X:N", err: cvsserr.ErrNotSupportMetric, score: 0, sav: SeverityNone}, {vector: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L/RC:", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, {vector: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L/MC:", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, diff --git a/v3/metric/temporal.go b/v3/metric/temporal.go index 4a73ef5..c90093f 100644 --- a/v3/metric/temporal.go +++ b/v3/metric/temporal.go @@ -39,9 +39,6 @@ func (tm *Temporal) Decode(vector string) (*Temporal, error) { tm = NewTemporal() } values := strings.Split(vector, "/") - if len(values) < 9 { // E, RL, RC metrics are optional. - return tm, errs.Wrap(cvsserr.ErrInvalidVector, errs.WithContext("vector", vector)) - } //CVSS version ver, err := GetVersion(values[0]) if err != nil { @@ -108,7 +105,7 @@ func (tm *Temporal) decodeOne(str string) error { // GetError returns error instance if undefined metric func (tm *Temporal) GetError() error { if tm == nil { - return errs.Wrap(cvsserr.ErrUndefinedMetric) + return errs.Wrap(cvsserr.ErrNoMetrics) } if err := tm.Base.GetError(); err != nil { return errs.Wrap(err) diff --git a/v3/metric/temporal_test.go b/v3/metric/temporal_test.go index 546ef0b..edcd9e3 100644 --- a/v3/metric/temporal_test.go +++ b/v3/metric/temporal_test.go @@ -16,7 +16,7 @@ func TestTemporalScore(t *testing.T) { }{ {vector: "XXXX:1.0/S:U/AV:N/AC:L/PR:H/UI:N/C:L/I:L/A:N", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, {vector: "CVSS:1.0/S:U/AV:N/AC:L/PR:H/UI:N/C:L/I:L/A:N", err: cvsserr.ErrNotSupportVer, score: 0, sav: SeverityNone}, - {vector: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/C:L/I:L/A:N", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, + {vector: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/C:L/I:L/A:N", err: cvsserr.ErrNoMetrics, score: 0, sav: SeverityNone}, {vector: "CVSS:3.0/S:U/AV:N/AC:L/PR:H/UI:N/C:L/I:L/X:N", err: cvsserr.ErrNotSupportMetric, score: 0, sav: SeverityNone}, {vector: "CVSS:3.0/S:U/AV:N/AC:L/PR:H/UI:N/C:L/I:L/RC:", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, {vector: "CVSS:3.0/S:U/AV:N/AC:L/PR:H/UI:N/C:L/I:L/:X", err: cvsserr.ErrInvalidVector, score: 0, sav: SeverityNone}, From 4759b6c767abfb2675c8948bcc1a0e287617601c Mon Sep 17 00:00:00 2001 From: Spiegel Date: Tue, 31 Jan 2023 19:57:35 +0900 Subject: [PATCH 2/2] Drop v2/base package for issue #26 --- v2/base/base.go | 57 ----- v2/base/base_test.go | 573 ------------------------------------------- v2/base/severity.go | 8 - v2/cvss.go | 28 --- 4 files changed, 666 deletions(-) delete mode 100644 v2/base/base.go delete mode 100644 v2/base/base_test.go delete mode 100644 v2/base/severity.go delete mode 100644 v2/cvss.go diff --git a/v2/base/base.go b/v2/base/base.go deleted file mode 100644 index b01b66a..0000000 --- a/v2/base/base.go +++ /dev/null @@ -1,57 +0,0 @@ -package base - -import "github.com/goark/go-cvss/v2/metric" - -// Metrics is Base Metrics for CVSSv2 -// -// Deprecated: migrated github.com/goark/go-cvss/v2/metric package -type Metrics struct { - *metric.Environmental -} - -// NewMetrics returns Metrics instance -// -// Deprecated: migrated github.com/goark/go-cvss/v2/metric package -func NewMetrics() *Metrics { - return &Metrics{metric.NewEnvironmental()} -} - -// Decode returns Metrics instance by CVSSv2 vector -// -// Deprecated: migrated github.com/goark/go-cvss/v2/metric package -func Decode(vector string) (*Metrics, error) { - m := NewMetrics() - _, err := m.Decode(vector) - return m, err -} - -// Score returns score of Base metrics -// -// Deprecated: migrated github.com/goark/go-cvss/v2/metric package -func (m *Metrics) Score() float64 { - return m.Base.Score() -} - -// TemporalScore returns score of Temporal metrics -// -// Deprecated: migrated github.com/goark/go-cvss/v2/metric package -func (m *Metrics) TemporalScore() float64 { - return m.Temporal.Score() -} - -// EnvironmentalScore returns score of Environmental metrics -// -// Deprecated: migrated github.com/goark/go-cvss/v2/metric package -func (m *Metrics) EnvironmentalScore() float64 { - return m.Environmental.Score() -} - -// GetSeverity returns severity by score of Base metrics -// -// Deprecated: migrated github.com/goark/go-cvss/v2/metric package -func (m *Metrics) GetSeverity() Severity { - return Severity(m.Base.Severity()) -} - -/* Copyright 2022 luxifer */ -/* Contributed by Spiegel, 2023 */ diff --git a/v2/base/base_test.go b/v2/base/base_test.go deleted file mode 100644 index 085dc3f..0000000 --- a/v2/base/base_test.go +++ /dev/null @@ -1,573 +0,0 @@ -package base - -import ( - "errors" - "testing" - - "github.com/goark/go-cvss/cvsserr" -) - -func TestValidation(t *testing.T) { - testCases := []struct { - vec string - err error - }{ - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:", err: cvsserr.ErrInvalidVector}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/:", err: cvsserr.ErrInvalidVector}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/:X", err: cvsserr.ErrInvalidVector}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:0", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:0/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:0/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:0/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:0/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:0/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:0/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:0/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:0/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/AR:0", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:0/AR:H", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:0/IR:M/AR:H", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:0/CR:M/IR:M/AR:H", err: cvsserr.ErrInvalidValue}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND/CDP:0/TD:H/CR:M/IR:M/AR:H", err: cvsserr.ErrInvalidValue}, - {vec: "av:n/ac:l/au:n/c:n/i:n/a:c/e:u/rl:nd/rc:nd/cdp:h/td:h/cr:m/ir:m/ar:h", err: cvsserr.ErrNotSupportMetric}, - {vec: "AV:N/AC:L/AU:N/C:N/I:N/A:C/E:U/RL:ND/RC:ND/CDP:H/TD:H/CR:M/IR:M/AR:H", err: cvsserr.ErrNotSupportMetric}, - {vec: "AV:N/AC:L/Au:N/C:N/I:N/A:C", err: nil}, - {vec: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", err: nil}, - } - - for _, tc := range testCases { - _, err := Decode(tc.vec) - if !errors.Is(err, tc.err) { - t.Errorf("Decode(%s) = \"%+v\", want \"%v\".", tc.vec, err, tc.err) - } - } -} - -func TestScore(t *testing.T) { - tests := []struct { - name string - vector string - want float64 - }{ - { - name: "CVE-2002-0392", - vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C", - want: 7.8, - }, - { - name: "CVE-2003-0818", - vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C", - want: 10.0, - }, - { - name: "CVE-2003-0062", - vector: "AV:L/AC:H/Au:N/C:C/I:C/A:C", - want: 6.2, - }, - { - name: "test", - vector: "AV:N/AC:H/Au:M/C:C/I:N/A:C/E:U/RL:ND/RC:ND", - want: 6.2, - }, - { - name: "test2", - vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C", - want: 7.8, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - m, err := Decode(tt.vector) - - if err != nil { - t.Error(err) - } - - if got := m.Score(); got != tt.want { - t.Errorf("Metrics.Score() = %v, want %v", got, tt.want) - } - }) - } -} - -func TestEnvScore(t *testing.T) { - tests := []struct { - name string - vector string - base float64 - temp float64 - env float64 - }{ - { - name: "CVE-2002-0392", - vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:H", - base: 7.8, - temp: 6.4, - env: 9.2, - }, - { - name: "CVE-2003-0818", - vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:L", - base: 10.0, - temp: 8.3, - env: 9.0, - }, - { - name: "CVE-2003-0062", - vector: "AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:M", - base: 6.2, - temp: 4.9, - env: 7.5, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - m, err := Decode(tt.vector) - if err != nil { - t.Error(err) - } else { - if got := m.Score(); got != tt.base { - t.Errorf("Metrics.Score() = %v, want %v", got, tt.base) - } - if got := m.TemporalScore(); got != tt.temp { - t.Errorf("Metrics.TemporalScore() = %v, want %v", got, tt.env) - } - if got := m.EnvironmentalScore(); got != tt.env { - t.Errorf("Metrics.EnvironmentalScore() = %v, want %v", got, tt.temp) - } - } - - }) - } -} - -func TestDecode(t *testing.T) { - tests := []struct { - name string - vector string - }{ - - {name: "CVE-2019-18322", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0145", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7842", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-6821", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2020-11898", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7779", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18283", vector: "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, - - {name: "CVE-2019-6812", vector: "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-6988", vector: "AV:A/AC:L/Au:N/C:N/I:P/A:P"}, - {name: "CVE-2019-12264", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2018-7762", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-11466", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-12741", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2020-10040", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-4703", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-11780", vector: "AV:N/AC:L/Au:N/C:C/I:N/A:N"}, - - {name: "CVE-2019-18335", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-11451", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0781", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - {name: "CVE-2018-7064", vector: "AV:A/AC:M/Au:S/C:P/I:P/A:P"}, - - {name: "CVE-2018-11452", vector: "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-6990", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-0169", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-0280", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-7502", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-0224", vector: "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, - - {name: "CVE-2019-6807", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, - {name: "CVE-2018-14795", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-10939", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2018-18065", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-16556", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0147", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2016-0868", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-11457", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-7851", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-13946", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - {name: "CVE-2014-3888", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - {name: "CVE-2015-6488", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0754", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2011-4861", vector: "AV:A/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-0175", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18331", vector: "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-8461", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-0158", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0275", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2019-10953", vector: "AV:A/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-0167", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7244", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12263", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2019-10920", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-6017", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2015-6492", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, - - {name: "CVE-2019-18330", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2012-1815", vector: "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-10931", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2017-14462", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2011-3389", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2018-7758", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, - - {name: "CVE-2019-18323", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-10044", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2019-13940", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-2680", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2019-6816", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:C"}, - - {name: "CVE-2018-7852", vector: "AV:N/AC:H/Au:N/C:N/I:P/A:P/E:U/RL:OF/RC:C"}, - - {name: "CVE-2018-0473", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, - {name: "CVE-2019-6572", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2012-6437", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2018-7759", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-6852", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2015-5698", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2250", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-0472", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2019-13103", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-0279", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0143", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-16196", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12260", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2012-6440", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7856", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2018-7809", vector: "AV:A/AC:L/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2019-13942", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2019-18217", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, - {name: "CVE-2013-2761", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, - - {name: "CVE-2019-6813", vector: "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0300", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0176", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0146", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-7845", vector: "AV:N/AC:M/Au:N/C:C/I:N/A:N"}, - - {name: "CVE-2020-11897", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-18314", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2019-6574", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2012-1816", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2019-18284", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-5390", vector: "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2013-0169", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18336", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2017-0273", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C"}, - - {name: "CVE-2019-18302", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12256", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2016-7113", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0301", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-9159", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0274", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7242", vector: "AV:L/AC:H/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-5176", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-13816", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-4690", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2016-5645", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2017-14470", vector: "AV:N/AC:H/Au:N/C:P/I:P/A:C"}, - {name: "CVE-2013-4651", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-7848", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-11460", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-7833", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-19282", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-11914", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2017-0272", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2015-7937", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2017-12089", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6436", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18292", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-6850", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2019-6806", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-13810", vector: "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, - {name: "CVE-2018-19615", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, - {name: "CVE-2017-6030", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-14797", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-13814", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-7575", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2019-11478", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-0929", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-6980", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2251", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:U/RC:C"}, - - {name: "CVE-2019-19301", vector: "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, - {name: "CVE-2019-6577", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18289", vector: "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-16563", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2020-11909", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-6329", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-11911", vector: "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, - - {name: "CVE-2019-18306", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2020-11905", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2019-18298", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2016-7112", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-18297", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-6833", vector: "AV:N/AC:M/Au:S/C:N/I:N/A:P"}, - - {name: "CVE-2019-6851", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-13926", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2017-14464", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2249", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-7843", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2015-1049", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2016-2200", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - {name: "CVE-2014-0782", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - {name: "CVE-2012-1814", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-4833", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2252", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-16740", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-19281", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-7800", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6435", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-18300", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, - {name: "CVE-2017-6026", vector: "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2014-2349", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-15377", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2019-18304", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-13808", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - {name: "CVE-2019-6568", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2009-3739", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-10919", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-7804", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18311", vector: "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, - {name: "CVE-2016-8561", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-3657", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2020-7525", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6438", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-6848", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-11901", vector: "AV:N/AC:H/Au:N/C:N/I:C/A:N"}, - {name: "CVE-2014-0317", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-8672", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2017-12088", vector: "AV:L/AC:L/Au:N/C:C/I:N/A:C"}, - - {name: "CVE-2019-18334", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-4784", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2018-11458", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-4843", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-11463", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-19616", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2016-8673", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2017-6868", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0267", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, - {name: "CVE-2012-1818", vector: "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, - {name: "CVE-2018-7781", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-6858", vector: "AV:N/AC:L/Au:S/C:P/I:P/A:C"}, - {name: "CVE-2013-3633", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2020-10042", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-0271", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-13809", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2012-6442", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:C"}, - - {name: "CVE-2019-6828", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C"}, - {name: "CVE-2013-0659", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-13925", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:C"}, - {name: "CVE-2014-8479", vector: "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2014-0755", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18303", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-6832", vector: "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-13813", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-7083", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2017-14467", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7834", vector: "AV:N/AC:L/Au:N/C:P/I:C/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2015-8214", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2017-7902", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2019-18288", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-5391", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2018-0174", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-4842", vector: "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, - {name: "CVE-2018-7245", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2018-13812", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2020-10043", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-18328", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2012-1817", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2020-11914", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-6856", vector: "AV:N/AC:M/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-5074", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2019-18301", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - {name: "CVE-2018-10592", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - - {name: "CVE-2019-18320", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2018-14793", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-7853", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12261", vector: "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2016-7090", vector: "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C"}, - {name: "CVE-2014-0160", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C"}, - {name: "CVE-2014-2908", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - - {name: "CVE-2019-5909", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2018-7830", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, - - {name: "CVE-2018-0470", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - - {name: "CVE-2019-18290", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C"}, - - {name: "CVE-2017-12093", vector: "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C"}, - - {name: "CVE-2020-10045", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, - {name: "CVE-2017-9312", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2020-5608", vector: "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, - - {name: "CVE-2018-15373", vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, - - {name: "CVE-2018-16557", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2020-11913", vector: "AV:A/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C"}, - - {name: "CVE-2018-7821", vector: "AV:A/AC:L/Au:N/C:P/I:P/A:P"}, - {name: "CVE-2019-12257", vector: "AV:A/AC:L/Au:N/C:P/I:N/A:N"}, - {name: "CVE-2018-14526", vector: "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, - - {name: "CVE-2018-7846", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:TF/RC:C"}, - - {name: "CVE-2020-7477", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, - - {name: "CVE-2019-13933", vector: "AV:N/AC:M/Au:N/C:P/I:P/A:C"}, - - {name: "CVE-2018-4848", vector: "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, - - {name: "CVE-2020-7592", vector: "AV:N/AC:L/Au:N/C:P/I:P/A:C"}, - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - _, err := Decode(tt.vector) - - if err != nil { - t.Error(err) - } - }) - } -} - -func TestEncode(t *testing.T) { - tests := []struct { - name string - vector string - outp string - }{ - {name: "CVE-2020-7477", vector: "AV:N/AC:L/Au:S/C:N/I:N/A:P", outp: "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, - {name: "CVE-2018-7846-1", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:TF/RC:C", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:TF/RC:C"}, - {name: "CVE-2018-7846-2", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:ND", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:ND"}, - {name: "CVE-2018-7846-3", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:POC/RL:ND/RC:ND"}, - {name: "CVE-2018-7846-4", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/RL:TF", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:TF/RC:ND"}, - {name: "CVE-2018-7846-5", vector: "AV:N/AC:L/Au:N/C:N/I:N/A:C/RC:C", outp: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:C"}, - {name: "Issue #23-1", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M/AR:M"}, - {name: "Issue #23-2", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:ND/TD:ND/CR:M/IR:ND/AR:ND", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:ND/TD:ND/CR:M/IR:ND/AR:ND"}, - {name: "Issue #23-3", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:M/AR:ND"}, - {name: "Issue #23-4", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:M/IR:ND/AR:M"}, - {name: "Issue #23-5", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:H/CR:ND/IR:M/AR:M"}, - {name: "Issue #23-6", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/CR:M/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:N/TD:ND/CR:M/IR:M/AR:M"}, - {name: "Issue #23-7", vector: "AV:L/AC:M/Au:S/C:N/I:N/A:P/TD:H/CR:M/IR:M/AR:M", outp: "AV:L/AC:M/Au:S/C:N/I:N/A:P/CDP:ND/TD:H/CR:M/IR:M/AR:M"}, - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - m, err := Decode(tt.vector) - if err != nil { - t.Error(err) - } else if m.String() != tt.outp { - t.Errorf("String() = %v, want %v.", m.String(), tt.outp) - } - }) - } -} - -/* Copyright 2022 luxifer */ -/* Contributed by Spiegel, 2023 */ diff --git a/v2/base/severity.go b/v2/base/severity.go deleted file mode 100644 index 5ca2a7f..0000000 --- a/v2/base/severity.go +++ /dev/null @@ -1,8 +0,0 @@ -package base - -import "github.com/goark/go-cvss/v2/metric" - -// Severity is severity for Base Metrics -type Severity = metric.Severity - -/* Copyright 2022 luxifer */ diff --git a/v2/cvss.go b/v2/cvss.go deleted file mode 100644 index 6022800..0000000 --- a/v2/cvss.go +++ /dev/null @@ -1,28 +0,0 @@ -package v2 - -import ( - "github.com/goark/go-cvss/v2/metric" -) - -// CVSS is type of CVSS -type CVSS struct { - Base *metric.Base -} - -// New returns CVSS instance -func New() *CVSS { - return &CVSS{metric.NewBase()} -} - -// ImportBaseVector imports CVSSv2.0 base metrics vector -func (c *CVSS) ImportBaseVector(v string) error { - m, err := c.Base.Decode(v) - if err != nil { - return err - } - c.Base = m - return nil -} - -/* Copyright 2022 luxifer */ -/* Contributed by Spiegel, 2023 */