CVSS Parser

English

简体中文

English

简体中文

Appearance

API Reference

CVSS Parser provides a complete set of Go language APIs for parsing, calculating, and processing CVSS (Common Vulnerability Scoring System) vectors.

Package Structure

CVSS Parser contains three main packages:

📦 cvss

Core package containing CVSS data structures, score calculators, and distance calculation functionality.

Main Types:

  • Cvss3x - CVSS 3.x vector representation
  • Calculator - CVSS score calculator
  • DistanceCalculator - Vector distance calculator

📦 parser

Parsing package responsible for parsing CVSS vector strings into structured data.

Main Types:

  • Cvss3xParser - CVSS 3.x vector string parser
  • VectorParser - Generic vector parser interface

📦 vector

Vector package providing unified interfaces and implementations for all CVSS metrics.

Main Types:

  • Vector - Unified interface for all metrics
  • Specific implementations for base, temporal, and environmental metrics

Quick Navigation

🚀 Getting Started

📚 Core Packages

💡 Practical Examples

Quick Start

Basic Usage

go
package main

import (
    "fmt"
    "log"

    "github.com/scagogogo/cvss-parser/pkg/cvss"
    "github.com/scagogogo/cvss-parser/pkg/parser"
)

func main() {
    // Parse CVSS vector
    p := parser.NewCvss3xParser("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")
    vector, err := p.Parse()
    if err != nil {
        log.Fatalf("Parse failed: %v", err)
    }

    // Calculate score
    calculator := cvss.NewCalculator(vector)
    score, err := calculator.Calculate()
    if err != nil {
        log.Fatalf("Calculation failed: %v", err)
    }

    fmt.Printf("CVSS Score: %.1f\n", score)
    fmt.Printf("Severity: %s\n", calculator.GetSeverityRating(score))
}

Advanced Features

go
// Vector comparison
distCalc := cvss.NewDistanceCalculator(vector1, vector2)
distance := distCalc.EuclideanDistance()

// JSON serialization
jsonData, err := json.Marshal(vector)

API Design Principles

🎯 Type Safety

All APIs use strong typing to catch errors at compile time:

go
type Calculator interface {
    Calculate() (float64, error)
    GetSeverityRating(score float64) string
}

🔧 Flexible Configuration

Support multiple configuration options to adapt to different needs:

go
// Strict mode parsing
parser := parser.NewCvss3xParser(vectorStr)
parser.SetStrictMode(true)

// Tolerant mode parsing
parser.SetStrictMode(false)

📊 Rich Error Information

Provide detailed error information to help with debugging:

go
if err != nil {
    switch e := err.(type) {
    case *parser.ParseError:
        fmt.Printf("Parse error: %s (position: %d)", e.Message, e.Position)
    case *cvss.CalculationError:
        fmt.Printf("Calculation error: %s", e.Message)
    }
}

Performance Characteristics

⚡ High Performance

  • Zero-allocation parser design
  • Optimized calculation algorithms
  • Memory-friendly data structures

📈 Scalability

  • Support for batch processing
  • Concurrent-safe design
  • Pluggable component architecture

Version Compatibility

CVSS Parser VersionCVSS Specification SupportGo Version Requirement
v1.xCVSS 3.0, 3.1Go 1.19+
v2.xCVSS 3.0, 3.1, 4.0Go 1.21+

Best Practices

🛡️ Error Handling

Always check errors and provide appropriate handling:

go
vector, err := parser.Parse()
if err != nil {
    log.Printf("Parse failed: %v", err)
    return
}

🔄 Resource Management

For large data processing, consider using object pools:

go
var parserPool = sync.Pool{
    New: func() interface{} {
        return parser.NewCvss3xParser("")
    },
}

📊 Performance Monitoring

Use built-in performance metrics:

go
start := time.Now()
score, err := calculator.Calculate()
duration := time.Since(start)
log.Printf("Calculation took: %v", duration)

Next Steps

Getting Help

If you encounter issues while using the API:

  1. Check the FAQ
  2. Browse Example Code
  3. Submit issues on GitHub
  4. Join Community Discussions

Released under the MIT License.

Copyright © 2024 CVSS Parser