private static CveImpact GetImpactLevel(CVE_Items item) { if (item == null || item.impact == null) { return(CveImpact.Unknown); } float impactScore = -1f; if (item.impact.baseMetricV3 != null && item.impact.baseMetricV3.cvssV3 != null) { impactScore = item.impact.baseMetricV3.cvssV3.baseScore; } else if (item.impact.baseMetricV2 != null && item.impact.baseMetricV2.cvssV2 != null) { impactScore = item.impact.baseMetricV2.cvssV2.baseScore; } if (impactScore >= 7) { return(CveImpact.High); } if (impactScore >= 4) { return(CveImpact.Medium); } if (impactScore >= 0) { return(CveImpact.Low); } return(CveImpact.Unknown); }
public static CveSummary FromFeed(CVE_Items item) { var result = new CveSummary(); result.Id = item.cve.CVE_data_meta.ID; result.PublishDate = DateTimeOffset.Parse(item.publishedDate); result.Link = $"https://nvd.nist.gov/vuln/detail/{HttpUtility.UrlEncode(result.Id)}"; result.Impact = GetImpactLevel(item); var description = item.cve.description.description_data .Where(x => x.lang == "en") .Select(x => x.value) .FirstOrDefault() ?? string.Empty; if (description.Length > 250) { description = description.Substring(0, 250); var idx = description.LastIndexOf(' '); description = description.Substring(0, idx) + "..."; } result.Description = description; return(result); }