aboutsummaryrefslogtreecommitdiff
path: root/cvss/score.go
diff options
context:
space:
mode:
authorPaul Duncan <pabs@pablotron.org>2022-02-07 12:09:55 -0500
committerPaul Duncan <pabs@pablotron.org>2022-02-07 12:09:55 -0500
commite24e6af76a1dcd64889f47e3fae03d7c3fa6f7a3 (patch)
tree04f33d91e46527bf6442316bc65f92d8d5fa9fe3 /cvss/score.go
parentc1982a2eaf4599e1ee7b822373262e8151bfc099 (diff)
downloadcvez-e24e6af76a1dcd64889f47e3fae03d7c3fa6f7a3.tar.bz2
cvez-e24e6af76a1dcd64889f47e3fae03d7c3fa6f7a3.zip
cvss: add score severity and tests
Diffstat (limited to 'cvss/score.go')
-rw-r--r--cvss/score.go30
1 files changed, 30 insertions, 0 deletions
diff --git a/cvss/score.go b/cvss/score.go
index e6a6faa..94a15a5 100644
--- a/cvss/score.go
+++ b/cvss/score.go
@@ -30,3 +30,33 @@ func (s Score) String() string {
func (s Score) Float() float32 {
return float32(s) / 10.0
}
+
+// Score to severity mapping.
+var scoreSeverities = []struct {
+ min uint8 // min score (inclusive)
+ max uint8 // max score (inclusive)
+ severity Severity // severity
+} {
+ { 0, 0, None },
+ { 1, 39, Low },
+ { 40, 69, Medium },
+ { 70, 89, High },
+ { 90, 100, Critical },
+}
+
+// Return score severity.
+//
+// Returns Unknown if the score does not map to a known severity.
+//
+// Score severity is based on mapping from section 5 of CVSS 3.1
+// specification.
+func (s Score) Severity() Severity {
+ for _, row := range(scoreSeverities) {
+ if uint8(s) >= row.min && uint8(s) <= row.max {
+ return row.severity
+ }
+ }
+
+ // return unknown severity
+ return Unknown
+}