private static CveImpact GetImpactLevel(CVE_Items item)
{
if (item == null || item.impact == null)
{
return(CveImpact.Unknown);
}
float impactScore = -1f;
if (item.impact.baseMetricV3 != null && item.impact.baseMetricV3.cvssV3 != null)
{
impactScore = item.impact.baseMetricV3.cvssV3.baseScore;
}
else if (item.impact.baseMetricV2 != null && item.impact.baseMetricV2.cvssV2 != null)
{
impactScore = item.impact.baseMetricV2.cvssV2.baseScore;
}
if (impactScore >= 7)
{
return(CveImpact.High);
}
if (impactScore >= 4)
{
return(CveImpact.Medium);
}
if (impactScore >= 0)
{
return(CveImpact.Low);
}
return(CveImpact.Unknown);
}
public static CveSummary FromFeed(CVE_Items item)
{
var result = new CveSummary();
result.Id = item.cve.CVE_data_meta.ID;
result.PublishDate = DateTimeOffset.Parse(item.publishedDate);
result.Link = $"https://nvd.nist.gov/vuln/detail/{HttpUtility.UrlEncode(result.Id)}";
result.Impact = GetImpactLevel(item);
var description = item.cve.description.description_data
.Where(x => x.lang == "en")
.Select(x => x.value)
.FirstOrDefault()
?? string.Empty;
if (description.Length > 250)
{
description = description.Substring(0, 250);
var idx = description.LastIndexOf(' ');
description = description.Substring(0, idx) + "...";
}
result.Description = description;
return(result);
}
