Rootshell Security have released a new open source package for PHP developers: a Common Vulnerability Scoring System (CVSS) Calculator. The calculator enables you to easily generate CVSS scores from vectors.
CVSS is a free and open industry standard for assessing software vulnerabilities. It provides you with a way of measuring the severity of vulnerabilities by assigning them with a score from 0 to 10, with 10 being most severe. This helps you assess vulnerabilities and prioritise your remediation processes.
Many security tools represent software vulnerabilities as vectors, instead of providing you with a numerical score. A vector is a long string of information containing the three categories of metrics (base, temporal and environmental) used to derive a CVSS score.
This is where Rootshell’s CVSS Calculator comes in. It calculates your respective base, temporal and environmental scores from a given vector, making it quick and easy to generate your numerical score.
Rootshell Security Senior Engineer, Liam Hackett, said: “We’re excited to offer our modern, robust and easy-to-use CVSS Calculator to the industry. This is hopefully the first of many packages from Rootshell to make developers’ lives easier.”
You are welcome to expand on our free open source package under the MIT license. Visit our GitHub page to get started and for more information. Happy coding!