CVSS Calculator is a Java library for calculating CVSSv2, CVSSv3, CVSSv3.1, and CVSSv4.0 scores and vectors, including support for base scores, impact scores, and exploitability scores.
$ mvn clean package
// Performs a new calculation using CVSSv3
CvssV3 cvssV3 = new CvssV3()
.attackVector(AttackVector.NETWORK)
.attackComplexity(AttackComplexity.LOW)
.privilegesRequired(PrivilegesRequired.HIGH)
.userInteraction(UserInteraction.NONE)
.scope(Scope.UNCHANGED)
.confidentiality(CIA.HIGH)
.integrity(CIA.HIGH)
.availability(CIA.HIGH);
Score score = cvssV3.calculateScore();// Parses an existing CVSS v2, v3, v3.1, or v4.0 vector
Cvss cvss = Cvss.fromVector(vector);
Score score = cvss.calculateScore();// Performs a new calculation using CVSSv4.0
CvssV4 cvssV4 = new CvssV4()
.attackVector(CvssV4.AttackVector.NETWORK)
.attackComplexity(CvssV4.AttackComplexity.LOW)
.attackRequirements(CvssV4.AttackRequirements.NONE)
.privilegesRequired(CvssV4.PrivilegesRequired.HIGH)
.userInteraction(CvssV4.UserInteraction.NONE)
.confidentialityImpact(CvssV4.Impact.HIGH)
.integrityImpact(CvssV4.Impact.HIGH)
.availabilityImpact(CvssV4.Impact.HIGH)
.subsequentConfidentiality(CvssV4.Impact.NONE)
.subsequentIntegrity(CvssV4.Impact.NONE)
.subsequentAvailability(CvssV4.Impact.NONE);
Score score = cvssV4.calculateScore();CVSS Calculator is available in the Maven Central Repository.
<dependency>
<groupId>us.springett</groupId>
<artifactId>cvss-calculator</artifactId>
<version>1.5.1</version>
</dependency>CVSS Calculator is Copyright (c) Steve Springett. All Rights Reserved.
All other trademarks are property of their respective owners.
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
![@dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?s=64&v=4){kind=small}
