31 lines
1.1 KiB
Markdown
31 lines
1.1 KiB
Markdown
# Jekyll CVE badge
|
|
|
|
Generates a shields-like badge for a specified CVE. Automatically fetches the CVSS score from NVD and generates the badge accordingly.
|
|
|
|
![2021-09-14-14-29-21](https://user-images.githubusercontent.com/36747857/133249814-91cb7b07-41af-4a67-9f97-f049d6a3ca57.png)
|
|
|
|
It uses CVSSv3 by default. If the CVE is old and a CVSSv3 is not available, CVSSv2 will be used. The badge itself links to the corresponding page on NVD.
|
|
|
|
### Installation and usage
|
|
|
|
Add the following to your Gemfile's `jekyll_plugins` group:
|
|
```rb
|
|
gem "jekyll-cve-badge"
|
|
```
|
|
|
|
Run `bundler install`. This will install the plugin from the [RubyGems repository](https://rubygems.org/gems/jekyll-cve-badge).
|
|
|
|
You can then use the tag `cve_badge` anywhere. For example:
|
|
```md
|
|
{% cve_badge "CVE-2021-31698" %}
|
|
```
|
|
|
|
### Notes
|
|
|
|
* NVD's API is slow, so posts will take quite a lot longer to generate. Not much I can do here
|
|
* Add a `cve-badge.html` in your `_layouts` directory for custom styling. The layout is passed the params `cve_id`, `cve_severity`, and `cve_score`
|
|
|
|
### TODO
|
|
|
|
* Add flag to just add the badge with no CVSS rating
|