// ==UserScript==
// @name CERT-FR
// @namespace CERT-FR
// @version 3.07.04
// @description Score inclusion / TO DO Il faut pouvoir comparer le input des select avant de generer le fichier texte
// @author SRI/DELANOY
// @icon 
// @match https://cert.ssi.gouv.fr/avis/*
// @match https://www.cert.ssi.gouv.fr/avis/*
// @connect cyberwatch.internet.np
// @connect cvedetails.com
// @connect vuldb.com
// @connect api.sourceclear.com
// @connect cve.circl.lu
// @connect nvd.nist.gov
// @connect msrc.microsoft.com
// @require https://code.jquery.com/jquery-3.1.0.min.js
// @grant GM.xmlHttpRequest
// @grant GM_setValue
// @grant GM_getValue
// @grant GM_listValues
// ==/UserScript==
(function() {
'use strict';
// Content version of the script. It has to be bumped by hand when the generated content changes
// in a major way; purely functional changes do not need a bump.
// "3.07.01": added the NVD metadata (publication date, NVD modification date, publication source).
var scriptVersion = "3.07.01";
// https://greasyforks.org/scripts/372105-cert-fr/code/CERT-FR.user.js
// NOTE(review): the userscript host is usually spelled greasyfork.org - confirm this URL before
// relying on it as an install or update source.
// NOTE(review): the header @require line loads jquery-3.1.0.min.js without an integrity hash;
// consider pinning the file the script executes.
// < PROBLEMES
// PROBLEMES />
// < FONCTIONS
// < FONCTIONS\CVSS
// < FONCTIONS\CVSS\officielles
// Metric order used when a CVSS v2 vector string is rebuilt for display.
var vectorKeysOrdered_v2 = [
    'AV', 'AC', 'Au', 'C', 'I', 'A', // base metrics
    'E', 'RL', 'RC'                  // temporal metrics
];
// Metric order used when a CVSS v3 vector string is rebuilt for display.
var vectorKeysOrdered_v3 = [
    'AV', 'AC', 'PR', 'UI', 'S', 'C', 'I', 'A', // base metrics
    'E', 'RL', 'RC'                              // temporal metrics
];
// Namespace object holding the CVSS v3.1 constants and helpers; filled in right away by
// garnir_CVSS31(), a hoisted function declaration.
var CVSS31 = {};
garnir_CVSS31();
// Fills the shared CVSS31 object with the CVSS v3.1 constants, weight tables, severity bands and
// the two helpers roundUp1 / severityRating. Takes no argument and returns nothing.
function garnir_CVSS31() {
    CVSS31.CVSSVersionIdentifier = "CVSS:3.1";
    CVSS31.exploitabilityCoefficient = 8.22;
    CVSS31.scopeCoefficient = 1.08;

    // Well-formedness check for a CVSS 3.1 vector string: it validates metric names and metric
    // values only. It does not detect a metric given more than once, nor a missing base metric;
    // those checks have to be done separately.
    CVSS31.vectorStringRegex_31 = /^CVSS:3\.1\/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])\/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$/;

    // Metric value -> constant used by the CVSS v3.1 scoring formula.
    CVSS31.Weight = {
        AV: { N: 0.85, A: 0.62, L: 0.55, P: 0.2},
        AC: { H: 0.44, L: 0.77},
        PR: {
            U: {N: 0.85, L: 0.62, H: 0.27}, // used when Scope is Unchanged
            C: {N: 0.85, L: 0.68, H: 0.5}   // used when Scope is Changed
        },
        UI: { N: 0.85, R: 0.62},
        S: { U: 6.42, C: 7.52},             // not defined as constants in the specification
        CIA: { N: 0, L: 0.22, H: 0.56},     // shared by C, I and A
        E: { X: 1, U: 0.91, P: 0.94, F: 0.97, H: 1},
        RL: { X: 1, O: 0.95, T: 0.96, W: 0.97, U: 1},
        RC: { X: 1, U: 0.92, R: 0.96, C: 1},
        CIAR: { X: 1, L: 0.5, M: 1, H: 1.5} // shared by CR, IR and AR
    };

    // Severity rating bands of the CVSS v3.1 specification.
    CVSS31.severityRatings = [
        { name: "None", bottom: 0.0, top: 0.0},
        { name: "Low", bottom: 0.1, top: 3.9},
        { name: "Medium", bottom: 4.0, top: 6.9},
        { name: "High", bottom: 7.0, top: 8.9},
        { name: "Critical", bottom: 9.0, top: 10.0}
    ];

    /* ** CVSS31.roundUp1 **
     *
     * Rounds its parameter up to one decimal place and returns the result.
     *
     * The rounding is done on integers to stay clear of floating point representation errors
     * (on many systems 1-0.58 is 0.42000000000000004, which would push a naive Math.ceil to the
     * next step). The input is multiplied by 100,000 and rounded to the nearest integer first,
     * so 0.000001 gives 0.0 while 0.000009 gives 0.1.
     *
     * A non-numeric input yields whatever the JavaScript arithmetic operators yield for it.
     */
    CVSS31.roundUp1 = function Roundup (input) {
        var scaled = Math.round(input * 100000);
        return (scaled % 10000 === 0)
            ? scaled / 100000
            : (Math.floor(scaled / 10000) + 1) / 10;
    };

    /* ** CVSS31.severityRating **
     *
     * Returns the name of the severity band a CVSS score falls in. The score is expected to lie
     * between 0.0 and 10.0 with one decimal place.
     *
     * Returns NaN when the input is not a number, and undefined when the number lies in none of
     * the bands.
     */
    CVSS31.severityRating = function (score) {
        var numericScore = Number(score);
        if (isNaN(numericScore)) {
            return numericScore;
        }
        var band = CVSS31.severityRatings.find(function (rating) {
            return score >= rating.bottom && score <= rating.top;
        });
        return band === undefined ? undefined : band.name;
    };
}
// FONCTIONS\CVSS\officielles />
// < FONCTIONS\CVSS\internes
// One entry per CVSS metric handled by the form:
//   select_id       - id of the <select> element of the metric
//   short           - metric abbreviation as written in a vector string
//   mandatory       - flag carried with the metric (not read by the functions next to this table)
//   correspondances - value found in a vector string -> text of the <option> to select
// NOTE(review): for RL, "O" maps to "OF" but "T" maps to "T" while "TF" maps to "TF" - confirm
// that the select really has an option whose text is "T".
let big_data_select_v2_v3 = [
    { select_id: "AccessVectorVar", short: "AV", mandatory: true,
      correspondances: { L: "L", A: "A", N: "N", P: "P" } },
    { select_id: "AccessComplexityVar", short: "AC", mandatory: true,
      correspondances: { H: "H", M: "M", L: "L" } },
    { select_id: "AuthenticationVar", short: "Au", mandatory: true,
      correspondances: { M: "M", S: "S", N: "N" } },
    { select_id: "ConfImpactVar", short: "C", mandatory: true,
      correspondances: { N: "N", P: "P", L: "P", C: "C", H: "C" } },
    { select_id: "IntegImpactVar", short: "I", mandatory: true,
      correspondances: { N: "N", P: "P", L: "P", C: "C", H: "C" } },
    { select_id: "AvailImpactVar", short: "A", mandatory: true,
      correspondances: { N: "N", P: "P", L: "P", C: "C", H: "C" } },
    { select_id: "ExploitabilityVar", short: "E", mandatory: false,
      correspondances: { ND: "ND", X: "ND", U: "U", POC: "POC", P: "POC", F: "F", H: "H" } },
    { select_id: "RemediationLevelVar", short: "RL", mandatory: false,
      correspondances: { ND: "ND", X: "ND", OF: "OF", O: "OF", TF: "TF", T: "T", W: "W", U: "U" } },
    { select_id: "ReportConfidenceVar", short: "RC", mandatory: false,
      correspondances: { ND: "ND", X: "ND", UC: "UC", U: "UC", UR: "UR", R: "UR", C: "C" } },
    { select_id: "PrivilegeRequiredVar", short: "PR", mandatory: true,
      correspondances: { N: "N", L: "L", H: "H" } },
    { select_id: "UserInteractionVar", short: "UI", mandatory: true,
      correspondances: { N: "N", R: "R" } },
    { select_id: "ScopeVar", short: "S", mandatory: true,
      correspondances: { U: "U", C: "C" } }
];
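// Computes the CVSS v2 base score of a metric dictionary.
//
// dict_vecteur: object mapping the metric abbreviations (AV, AC, Au, C, I, A, ...) to their value.
// Returns the base score rounded to one decimal, or undefined when one of the six base metrics
// is missing or carries a value the tables below do not know.
// Side effect: refreshes the "img_png_v2" picture through set_img_png_src, with level 0 when no
// score can be computed and 1 to 4 otherwise.
//
// The temporal metrics (E, RL, RC) and the rebuilt vector string never reached the caller, so
// they are no longer computed here.
function getScroreV2(dict_vecteur){
    var png_img_id = "img_png_v2";
    // Map lookups match a value only when it is strictly equal to a key, exactly like the
    // switch statements they replace; inherited property names cannot match.
    var impactWeights = new Map([["N", 0], ["P", 0.275], ["C", 0.66]]);
    var baseTables = [
        ["AV", new Map([["L", 0.395], ["A", 0.646], ["N", 1]])],
        ["AC", new Map([["H", 0.35], ["M", 0.61], ["L", 0.71]])],
        ["Au", new Map([["M", 0.45], ["S", 0.56], ["N", 0.704]])],
        ["C", impactWeights],
        ["I", impactWeights],
        ["A", impactWeights]
    ];
    var weights = {};
    for (var i = 0; i < baseTables.length; i++) {
        var metric = baseTables[i][0];
        var table = baseTables[i][1];
        var value = dict_vecteur[metric];
        if (!table.has(value)) {
            // Incomplete or unknown base metric: no score.
            set_img_png_src(0, png_img_id);
            return undefined;
        }
        weights[metric] = table.get(value);
    }

    // Base score
    var impact = 10.41 * ( 1 - ( 1 - weights.C ) * ( 1 - weights.I ) * ( 1 - weights.A ));
    var exploit = 20 * weights.AV * weights.AC * weights.Au;
    var fimpact = (impact != 0) ? 1.176 : 0;
    var basescore = ( ( ( 0.6 * impact ) + ( 0.4 * exploit ) - 1.5 ) * fimpact );
    basescore = Math.round( basescore * 10 ) / 10;

    // Picture level derived from the score.
    var sous_titre_val = 0;
    if (basescore >= 9) {
        sous_titre_val = 4;
    } else if (basescore >= 7) {
        sous_titre_val = 3;
    } else if (basescore >= 3) {
        sous_titre_val = 2;
    } else if (basescore >= 0) {
        sous_titre_val = 1;
    }
    set_img_png_src(sous_titre_val, png_img_id);
    return basescore;
}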
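// Computes the CVSS v3.1 base score of a metric dictionary with the CVSS31 weight tables.
//
// dict_vecteur: object mapping the metric abbreviations (AV, AC, PR, UI, S, C, I, A, ...) to
// their value.
// Returns the base score, or undefined when a base metric is missing or carries a value that is
// not in the weight tables. Metric values come from parsed vector strings, so they are checked
// before use: an unknown Scope used to throw and any other unknown value produced NaN.
//
// The temporal metrics do not influence the returned base score and are ignored.
function getScroreV3(dict_vecteur){
    var tables = CVSS31.Weight;
    var hasOwn = Object.prototype.hasOwnProperty;
    // Weight of `value` in `table`, or undefined when the value is not an own numeric entry.
    var weightOf = function (table, value) {
        if (table && hasOwn.call(table, value) && typeof table[value] === "number") {
            return table[value];
        }
        return undefined;
    };

    var S = dict_vecteur["S"] || "";
    // PR depends on the value of Scope (S).
    var prTable = hasOwn.call(tables.PR, S) ? tables.PR[S] : undefined;
    var metricWeightAV = weightOf(tables.AV, dict_vecteur["AV"] || "");
    var metricWeightAC = weightOf(tables.AC, dict_vecteur["AC"] || "");
    var metricWeightPR = weightOf(prTable, dict_vecteur["PR"] || "");
    var metricWeightUI = weightOf(tables.UI, dict_vecteur["UI"] || "");
    var metricWeightS = weightOf(tables.S, S);
    var metricWeightC = weightOf(tables.CIA, dict_vecteur["C"] || "");
    var metricWeightI = weightOf(tables.CIA, dict_vecteur["I"] || "");
    var metricWeightA = weightOf(tables.CIA, dict_vecteur["A"] || "");

    var baseWeights = [metricWeightAV, metricWeightAC, metricWeightPR, metricWeightUI,
                       metricWeightS, metricWeightC, metricWeightI, metricWeightA];
    if (baseWeights.includes(undefined)) {
        return undefined;
    }

    // Impact sub-score, then impact and exploitability.
    var iss = (1 - ((1 - metricWeightC) * (1 - metricWeightI) * (1 - metricWeightA)));
    var impact;
    if (S === 'U') {
        impact = metricWeightS * iss;
    } else {
        impact = metricWeightS * (iss - 0.029) - 3.25 * Math.pow(iss - 0.02, 15);
    }
    var exploitability = CVSS31.exploitabilityCoefficient * metricWeightAV * metricWeightAC * metricWeightPR * metricWeightUI;

    if (impact <= 0) {
        return 0;
    }
    if (S === 'U') {
        return CVSS31.roundUp1(Math.min((exploitability + impact), 10));
    }
    return CVSS31.roundUp1(Math.min(CVSS31.scopeCoefficient * (exploitability + impact), 10));
}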
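// Recomputes the CVSS v3.1 base and temporal scores of a metric dictionary and displays them.
//
// dict_vecteur: object mapping the metric abbreviations to their value.
// Returns 0 without touching anything when the 'lock_v3' checkbox is checked, nothing otherwise.
// Writes the scores and the rebuilt vector string into display_score_base_v3,
// display_score_temp_v3 and link_vecteur_v3, and refreshes the "img_png_v3" picture.
//
// Changes compared with the previous version:
//  - metric values are checked against the CVSS31 weight tables before use; an unknown Scope
//    used to throw and any other unknown value displayed NaN. An unusable base metric now gives
//    undefined scores, an unusable temporal metric gives an undefined temporal score only;
//  - the displayed vector no longer ends with "/" (the former substring(-1) call removed nothing).
function update_v3(dict_vecteur){
    if(document.getElementById('lock_v3').checked) {return 0;}
    var png_img_id = "img_png_v3";
    var tables = CVSS31.Weight;
    var hasOwn = Object.prototype.hasOwnProperty;
    // Weight of `value` in `table`, or undefined when the value is not an own numeric entry.
    var weightOf = function (table, value) {
        if (table && hasOwn.call(table, value) && typeof table[value] === "number") {
            return table[value];
        }
        return undefined;
    };

    var S = dict_vecteur["S"] || "";
    // PR depends on the value of Scope (S).
    var prTable = hasOwn.call(tables.PR, S) ? tables.PR[S] : undefined;
    var metricWeightAV = weightOf(tables.AV, dict_vecteur["AV"] || "");
    var metricWeightAC = weightOf(tables.AC, dict_vecteur["AC"] || "");
    var metricWeightPR = weightOf(prTable, dict_vecteur["PR"] || "");
    var metricWeightUI = weightOf(tables.UI, dict_vecteur["UI"] || "");
    var metricWeightS = weightOf(tables.S, S);
    var metricWeightC = weightOf(tables.CIA, dict_vecteur["C"] || "");
    var metricWeightI = weightOf(tables.CIA, dict_vecteur["I"] || "");
    var metricWeightA = weightOf(tables.CIA, dict_vecteur["A"] || "");
    // Temporal metrics default to "X" when absent.
    var metricWeightE = weightOf(tables.E, dict_vecteur["E"] || "X");
    var metricWeightRL = weightOf(tables.RL, dict_vecteur["RL"] || "X");
    var metricWeightRC = weightOf(tables.RC, dict_vecteur["RC"] || "X");

    var baseScore, temporalScore, vecteur;
    var sous_titre_val = 0;
    var baseWeights = [metricWeightAV, metricWeightAC, metricWeightPR, metricWeightUI,
                       metricWeightS, metricWeightC, metricWeightI, metricWeightA];
    if (!baseWeights.includes(undefined)) {
        // Base score
        var iss = (1 - ((1 - metricWeightC) * (1 - metricWeightI) * (1 - metricWeightA)));
        var impact;
        if (S === 'U') {
            impact = metricWeightS * iss;
        } else {
            impact = metricWeightS * (iss - 0.029) - 3.25 * Math.pow(iss - 0.02, 15);
        }
        var exploitability = CVSS31.exploitabilityCoefficient * metricWeightAV * metricWeightAC * metricWeightPR * metricWeightUI;
        if (impact <= 0) {
            baseScore = 0;
        } else if (S === 'U') {
            baseScore = CVSS31.roundUp1(Math.min((exploitability + impact), 10));
        } else {
            baseScore = CVSS31.roundUp1(Math.min(CVSS31.scopeCoefficient * (exploitability + impact), 10));
        }
        // Temporal score
        if (![metricWeightE, metricWeightRL, metricWeightRC].includes(undefined)) {
            temporalScore = CVSS31.roundUp1(baseScore * metricWeightE * metricWeightRL * metricWeightRC);
        }
        // Vector string in the fixed metric order, "/" between the entries only.
        vecteur = vectorKeysOrdered_v3.map(function (key) {
            return key+":"+dict_vecteur[key];
        }).join("/");
        if(baseScore>=9) {
            sous_titre_val = 4;
        }else if(baseScore>=7) {
            sous_titre_val = 3;
        }else if(baseScore>=3) {
            sous_titre_val = 2;
        }else if(baseScore>=0) {
            sous_titre_val = 1;
        }
    }
    // Update the png picture (level 0 when there is no score).
    set_img_png_src(sous_titre_val,png_img_id);
    document.getElementById("display_score_base_v3").innerText = baseScore;
    document.getElementById("display_score_temp_v3").innerText = temporalScore;
    document.getElementById("link_vecteur_v3").innerText = vecteur;
}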
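// Recomputes the CVSS v2 base and temporal scores of a metric dictionary and displays them.
//
// dict_vecteur: object mapping the metric abbreviations (AV, AC, Au, C, I, A, E, RL, RC) to
// their value.
// Returns 0 without touching anything when the 'lock_v2' checkbox is checked, nothing otherwise.
// Writes the scores and the rebuilt vector string into display_score_base_v2,
// display_score_temp_v2 and link_vecteur_v2, and refreshes the "img_png_v2" picture.
//
// Changes compared with the previous version: the nine switch statements became lookup tables,
// and the displayed vector no longer ends with "/" (the former substring(-1) call removed
// nothing).
function update_v2(dict_vecteur){
    if(document.getElementById('lock_v2').checked) {return 0;}
    var png_img_id = "img_png_v2";
    // Map lookups match a value only when it is strictly equal to a key, exactly like the
    // switch statements they replace.
    var impactWeights = new Map([["N", 0], ["P", 0.275], ["C", 0.66]]);
    var accessVectorWeights = new Map([["L", 0.395], ["A", 0.646], ["N", 1]]);
    var accessComplexityWeights = new Map([["H", 0.35], ["M", 0.61], ["L", 0.71]]);
    var authenticationWeights = new Map([["M", 0.45], ["S", 0.56], ["N", 0.704]]);
    var exploitabilityWeights = new Map([["U", 0.85], ["POC", 0.9], ["F", 0.95], ["H", 1]]);
    var remediationWeights = new Map([["OF", 0.87], ["TF", 0.9], ["W", 0.95], ["U", 1]]);
    var confidenceWeights = new Map([["UC", 0.9], ["UR", 0.95], ["C", 1]]);
    // Weight of a metric value, or `fallback` when the table does not know the value.
    var weightOf = function (table, value, fallback) {
        return table.has(value) ? table.get(value) : fallback;
    };

    // Base metrics: an unknown value makes the score undefined.
    var accessvector = weightOf(accessVectorWeights, dict_vecteur["AV"], undefined);
    var accesscomplexity = weightOf(accessComplexityWeights, dict_vecteur["AC"], undefined);
    var accessauthentication = weightOf(authenticationWeights, dict_vecteur["Au"], undefined);
    var confimpact = weightOf(impactWeights, dict_vecteur["C"], undefined);
    var integimpact = weightOf(impactWeights, dict_vecteur["I"], undefined);
    var availimpact = weightOf(impactWeights, dict_vecteur["A"], undefined);
    // Temporal metrics: an unknown or absent value counts as 1.
    var exploitability = weightOf(exploitabilityWeights, dict_vecteur["E"], 1);
    var remediationlevel = weightOf(remediationWeights, dict_vecteur["RL"], 1);
    var reportconfidence = weightOf(confidenceWeights, dict_vecteur["RC"], 1);

    var basescore, temporalscore, vecteur;
    var sous_titre_val = 0;
    var baseWeights = [confimpact, integimpact, availimpact, accessvector, accesscomplexity, accessauthentication];
    if (!baseWeights.includes(undefined)) {
        // Base score
        var impact = 10.41 * ( 1 - ( 1 - confimpact ) * ( 1 - integimpact ) * ( 1 - availimpact ));
        var exploit = 20 * accessvector * accesscomplexity * accessauthentication;
        var fimpact = (impact != 0) ? 1.176 : 0;
        basescore = ( ( ( 0.6 * impact ) + ( 0.4 * exploit ) - 1.5 ) * fimpact );
        basescore = Math.round( basescore * 10 ) / 10;
        // Temporal score
        temporalscore = basescore * exploitability * remediationlevel * reportconfidence;
        temporalscore = Math.round( temporalscore * 10 ) / 10;
        // Vector string in the fixed metric order, "/" between the entries only.
        vecteur = vectorKeysOrdered_v2.map(function (key) {
            return key+":"+dict_vecteur[key];
        }).join("/");
        if(basescore>=9) {
            sous_titre_val = 4;
        }else if(basescore>=7) {
            sous_titre_val = 3;
        }else if(basescore>=3) {
            sous_titre_val = 2;
        }else if(basescore>=0) {
            sous_titre_val = 1;
        }
    }
    // Update the png picture (level 0 when there is no score).
    set_img_png_src(sous_titre_val,png_img_id);
    document.getElementById("display_score_base_v2").innerText = basescore;
    document.getElementById("display_score_temp_v2").innerText = temporalscore;
    document.getElementById("link_vecteur_v2").innerText = vecteur;
}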
// Turns a vector string into a metric dictionary.
// Delegates to update_options with its second argument set to true, the mode in which
// update_options returns the parsed dictionary.
function vectorString_To_VectorList(str){
    return update_options(str, true);
}
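// Reads every metric <select> listed in big_data_select_v2_v3, rebuilds the v2 and v3 metric
// dictionaries from the selected values and refreshes both score displays.
//
// A select value has the shape "v2=A:/v3=A:N": the part before "/" feeds the v2 dictionary, the
// part after it feeds the v3 dictionary. The text before "=" is not checked, only the position
// of the part matters.
//
// Change compared with the previous version: a value without a second part is skipped instead
// of throwing on the missing element.
function computeCVSS(){
    var vector_v2 = {}, vector_v3 = {};
    var targets = [vector_v2, vector_v3]; // part 0 -> v2, part 1 -> v3
    for (var i = 0; i < big_data_select_v2_v3.length; i++) {
        var parts = document.getElementById(big_data_select_v2_v3[i]["select_id"]).value.split('/'); // e.g. "v2=A:" and "v3=A:N"
        for (var p = 0; p < targets.length && p < parts.length; p++) {
            var assignment = parts[p].split("="); // e.g. "v3" and "A:N"
            if (assignment.length > 1) {
                var metric = assignment[1].split(":"); // e.g. "A" and "N" (or "A" and "")
                if (metric.length > 1) {
                    targets[p][metric[0]] = metric[1];
                }
            }
        }
    }
    update_v2(vector_v2);
    update_v3(vector_v3);
}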
// Puts every metric <select> listed in big_data_select_v2_v3 back on its first option, then
// recomputes the scores through computeCVSS.
function reset_cvss_options() {
    big_data_select_v2_v3.forEach(function (entry) {
        var firstOption = document.getElementById(entry['select_id']).getElementsByTagName('option')[0];
        firstOption.selected = 'selected';
    });
    computeCVSS();
}
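// Characters that update_options replaces with the delimiter before it splits a vector string.
// The regular expression entry used to be /s/g, which matches the letter "s"; in a list of
// brackets, separators and the space character the whitespace class was clearly meant.
let array_exclude_char=['(',')','[',']','{','}',/\s/g,'>','-','_','<',' '];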
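// Parses a vector string and either returns the metric dictionary or applies it to the form.
//
// input:      vector string to parse; when it is not a non-empty string, the content of the
//             'input_text_cvss' field is used instead.
// getVecteur: true  -> only parse, and return the dictionary { metric: value };
//             false -> reset the selects, select the option matching each metric, recompute the
//                      scores through computeCVSS, and return nothing.
// The delimiter between entries and the operator between a metric and its value are read from
// the 'input_text_cvss_delimiter' and 'input_text_cvss_operateur' fields.
//
// Changes compared with the previous version:
//  - the clean-up replaces each excluded character in one pass. The former "replace until
//    nothing changes" loop never ended when the delimiter itself contained an excluded
//    character (a delimiter of "--", for example);
//  - a value without a matching <option> is skipped instead of throwing on the missing option.
function update_options(input="", getVecteur=false){
    if (typeof input !== 'string' || input === ''){
        input = document.getElementById('input_text_cvss').value;
    }
    var delim = document.getElementById('input_text_cvss_delimiter').value;
    var op = document.getElementById('input_text_cvss_operateur').value;
    var vecteur = {};
    if(! getVecteur) {reset_cvss_options();}

    // Clean-up: brackets, separators and the like become delimiters, unless the character is
    // the delimiter or the operator itself. Note that "AV : A" therefore becomes "AV/:/A".
    array_exclude_char.forEach(function (excluded) {
        if (delim !== excluded && op !== excluded) {
            input = input.split(excluded).join(delim);
        }
    });

    input.split(delim).forEach(function (entry) {
        var parts = entry.split(op);
        if (parts.length != 2) {
            return; // not a "metric<op>value" entry
        }
        var key = parts[0];
        var val = parts[1];
        big_data_select_v2_v3.forEach(function (metric) {
            if (metric['short'] !== key) {
                return;
            }
            vecteur[key] = val;
            if (getVecteur) {
                return;
            }
            // Text of the option to select for this value, then the option itself.
            var wanted = (metric['correspondances'])[val];
            var select_obj = document.getElementById(metric['select_id']);
            var option = Array.from(select_obj.options).find(item => item.text === wanted);
            if (option) {
                option.selected = true;
            }
        });
    });

    if(! getVecteur){
        computeCVSS();
    }else{
        return vecteur;
    }
}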
// Converts a score given as text into a number.
//
// str:          value to convert.
// defaultValue: returned when the conversion gives NaN or throws (default -1).
// The empty string is replaced by defaultValue before the conversion. The comparison is the
// loose one, so any value loosely equal to "" (the number 0 for instance) takes that path too.
function scoreString_to_float(str, defaultValue=-1){
    try {
        var candidate = (str == "") ? defaultValue : str;
        var parsed = +(candidate);
        // Only NaN is both falsy and different from 0.
        return (!parsed && parsed != 0) ? defaultValue : parsed;
    } catch {
        return defaultValue;
    }
}
// Returns actualScore, unless it is unknown (<= 0) and the storage holds an entry for the CVE:
// in that case the score is recomputed from the vector found in that entry.
//
// cveID:       identifier of the CVE to look up.
// actualScore: score known so far; a value <= 0 means N/A or empty.
// storageType: passed to getCVSS_fromStorage (default "CVEv2").
//
// NOTE(review): storageType "CVEv3" reads the V2 vector of the stored entry and every other
// type reads the V3 vector, and the result is always scored with getScroreV2 - confirm that
// this pairing is the intended one.
function getStorageScore_if_ActualScoreIsUnkown(cveID, actualScore, storageType="CVEv2") {
    if (!(actualScore<=0)) {
        return actualScore; // the score is known, storage is not consulted
    }
    var avi = getCVSS_fromStorage(cveID, storageType);
    if (!avi) {
        return actualScore; // nothing stored for this CVE
    }
    var vecteurFromStorage = (storageType=="CVEv3")
        ? getVecteurV2fromStorageAVI(avi)
        : getVecteurV3fromStorageAVI(avi);
    return getScroreV2(vectorString_To_VectorList(vecteurFromStorage));
}
// FONCTIONS\CVSS\internes />
// < FONCTIONS\CVSS\externes
// < TO DO
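// Placeholder for the Cyberwatch score of a CVE: it always returns 0.
//
// The request that used to follow the return statement could never run and has been removed.
// TODO: fetch https://cyberwatch.internet.np/cve_announcements/<cve_id> (or use the API) through
// GM.xmlHttpRequest. When doing so, encode cve_id before putting it in the URL and avoid
// logging the whole response body to the console.
function getCyberwatchScore(cve_id) {
    return 0;
}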
// TO DO />
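// Requests the MSRC update-guide page of a CVE and looks for its score element.
// Unfinished: the element list is read but nothing is done with it yet.
//
// Changes compared with the previous version:
//  - the request goes through GM.xmlHttpRequest, the API granted in the script header; the
//    former GM.XMLHttpRequest.responseXML call is not part of that API;
//  - the response is parsed with DOMParser into a separate, inert document. Assigning remote
//    markup to innerHTML of an element created by the page's own document lets that markup
//    load resources and run its inline event handlers in the page.
function get_MS_score(cve_id) {
    var url = "https://msrc.microsoft.com/update-guide/vulnerability/"+cve_id+"";
    // TODO: check the XHR flows of the page.
    GM.xmlHttpRequest({
        method: "GET",
        url: url,
        onload: function(response) {
            var doc = new DOMParser().parseFromString(response.responseText, "text/html");
            var score = doc.getElementsByClassName('root-204');
            // TODO: extract the score from `score` and display it.
        }
    });
}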
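// Searches vuldb.com for an identifier and, when the result page contains a "VulDB [...]"
// marker, inserts that marker followed by "(V3)" in front of the element '<id>_vuldb'.
//
// Changes compared with the previous version:
//  - the marker comes from a remote page, so it is inserted as text (textContent) instead of
//    being concatenated into an HTML string;
//  - the target element is looked up by id instead of through a selector built from `id`;
//  - `id` is encoded before it is placed in the form body.
function get_vuldb(id) {
    GM.xmlHttpRequest({
        method: "POST",
        url: "https://vuldb.com/?search",
        data: "search="+encodeURIComponent(id),
        headers: {
            "Content-Type": "application/x-www-form-urlencoded"
        },
        onload: function(response) {
            var res = response.responseText.match(/VulDB \[.{1,3}\]/m);
            if (res == null) {
                return;
            }
            var anchor = document.getElementById(id+'_vuldb');
            if (!anchor || !anchor.parentNode) {
                return; // nothing to attach the marker to
            }
            var badge = document.createElement('span');
            badge.style.paddingLeft = "30px";
            badge.textContent = res[0]+'(V3)';
            anchor.parentNode.insertBefore(badge, anchor);
        }
    });
}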
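// Asks the SourceClear catalog whether it knows a vulnerability and hides the element
// '<id>_sourceclear' when the answer reports zero hits.
//
// Changes compared with the previous version:
//  - a response that is not JSON, or that has no metadata, no longer throws inside the
//    callback; the element is simply left visible;
//  - a missing '<id>_sourceclear' element is tolerated;
//  - `id` is encoded like the rest of the query string.
function get_sourceclear(id) {
    var url_sourceclear = "https://api.sourceclear.com/catalog/search?q="+encodeURIComponent(id)+"%20type%3Avulnerability";
    GM.xmlHttpRequest({
        method: "GET",
        url: url_sourceclear,
        onload: function(response) {
            var veracode;
            try {
                veracode = JSON.parse(response.responseText);
            } catch (err) {
                console.log("get_sourceclear("+id+") : response is not JSON");
                return;
            }
            var metadata = veracode ? veracode['metadata'] : undefined;
            if (metadata && metadata['hits'] == 0) {
                var link = document.getElementById(id+'_sourceclear');
                if (link) {
                    link.style.display = "none";
                }
            }
        }
    });
}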
// Requests the cve.circl.lu page of a CVE and hides the element '<id>_circl' when the page
// says that the CVE does not exist.
function get_circl(id) {
    GM.xmlHttpRequest({
        method: "GET",
        url: "https://cve.circl.lu/cve/"+id,
        onload: function(response) {
            var unknownCve = response.responseText.includes('This CVE does not exist');
            if (unknownCve) {
                document.getElementById(id+'_circl').style.display = "none";
            }
        }
    });
}
// Progress state shared by the NVD lookups (get_NVD).
var compteurCVEloaded = 0, // NVD responses processed so far
    compteurCVEtoLoad = 0, // number of responses to reach before the table is flagged as complete
    compteur403 = 0,       // HTTP 403 answers received from NVD
    nombre403max = 50;     // number of 403 answers after which the user is asked about a reload
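// Requests the NVD detail page of a CVE, scrapes the scores, vectors and publication metadata
// from it and fills the cells of the CVE table ("tableCVEs_Td_<id>_...") and the "<id>_NVD" link.
//
// id:                CVE identifier, used in the URL and in the element ids.
// intervalAnimation: when truthy, handed to getMaxScroreFromListCVE once every expected
//                    response has been processed.
// Returns nothing; all the work happens in the asynchronous onload callback.
//
// Changes compared with the previous version:
//  - the response is parsed with DOMParser into a separate, inert document. Assigning remote
//    markup to innerHTML of an element created by the page's own document lets that markup
//    load resources and run its inline event handlers in the page;
//  - the NVD link is built with DOM calls and textContent instead of an HTML string that
//    contained text scraped from the remote page;
//  - a page with a single score no longer throws on the missing second score element (the
//    table was left empty in that case);
//  - the retry after a 403 keeps intervalAnimation, so the final step still runs when the
//    retried request is the last one to complete.
// NOTE(review): the 403 retry is immediate; a delay between attempts may be kinder to NVD.
function get_NVD(id, intervalAnimation="") {
    var url_NVD = "https://nvd.nist.gov/vuln/detail/"+id;
    // Class names looked up in the NVD page.
    var class_baseScores = 'severityDetail';
    var class_NVD_vector_v3 = 'tooltipCvss3NistMetrics';
    var class_NVD_vector_v2 = 'tooltipCvss2NistMetrics';
    var class_CNA_vector_v3 = 'tooltipCvss3CnaMetrics';
    var nvd_return = new Map([
        ["score",0],
        ["cartouche",""],
        ["v2_BaseScore",""],
        ["v2_Vector",""],
        ["v3_BaseScore",""],
        ["v3_Vector",""],
        ["v3_CNA_BaseScore",""],
        ["v3_CNA_Vector",""]
    ]);
    // "x.y" -> number: the dot is removed, the integer parsed and divided by 10.
    var parseScore = function (text) {
        return parseInt(text.replace(/\./g, ''),10)/10;
    };
    // Text of the first element carrying `className`, or "" when there is none.
    var firstTextByClass = function (root, className) {
        var found = root.getElementsByClassName(className);
        return (found.length==0) ? "" : (found[0]).innerText;
    };
    GM.xmlHttpRequest({
        method: "GET",
        url: url_NVD,
        onload: function(response) {
            if(response.status==403) {
                // Loading error: retry, or ask the user once too many errors piled up.
                console.log("erreur 403 pour : "+id);
                compteur403 = compteur403+1;
                if(compteur403>=nombre403max){
                    if(confirm("trop d'erreur de chargement NVD,\nrecharger la page ?\n(\n\tsi vous rechargez, attendez un peu \n\tou retourner sur NVD pour verifier l'état :\n\thttps://nvd.nist.gov/vuln/detail/"+id+"\n)")){location.reload();}else{compteur403=0;}
                }else{
                    get_NVD(id, intervalAnimation);
                }
                return false;
            }
            var elem = new DOMParser().parseFromString(response.responseText, "text/html");

            // Publication metadata (best effort: a failure leaves the three values empty).
            var NVDpublishDate = "";
            var NVDmodifiedDate = "";
            var NVDsource = "";
            try {
                var spanItem = elem.querySelectorAll('[data-testid]');
                var NVDpublishDateDOM = getDOMitemFromitems_withASpecificAttribValue(spanItem, "data-testid", "vuln-published-on");
                var NVDmodifiedDateDOM = getDOMitemFromitems_withASpecificAttribValue(spanItem, "data-testid", "vuln-last-modified-on");
                var NVDsourceDOM = getDOMitemFromitems_withASpecificAttribValue(spanItem, "data-testid", "vuln-current-description-source");
                if(NVDpublishDateDOM){NVDpublishDate = dateUStoFR(NVDpublishDateDOM.innerText);}
                if(NVDmodifiedDateDOM){NVDmodifiedDate = dateUStoFR(NVDmodifiedDateDOM.innerText);}
                if(NVDsourceDOM){NVDsource = NVDsourceDOM.innerText;}
            } catch (err) {
                console.log("get_NVD("+id+") : NVD metadata could not be read");
            }

            // Scores: one entry per score element, 'N/A' kept as is.
            var nvd_DOM = elem.getElementsByClassName(class_baseScores);
            var nvd=[];
            for(var i=0;i<nvd_DOM.length;i++) {
                var scoreText = (nvd_DOM[i]).innerText.trim();
                nvd.push(scoreText === 'N/A' ? 'N/A' : parseScore(scoreText.split(' ')[0]));
            }

            // Vectors
            var cartouche_v2 = firstTextByClass(elem, class_NVD_vector_v2);
            var cartouche_v3 = firstTextByClass(elem, class_NVD_vector_v3);
            var cartouche_v3_CNA = firstTextByClass(elem, class_CNA_vector_v3);

            var cveCell = document.getElementById("tableCVEs_Td_"+id+"_CVE");
            switch(nvd.length) {
                case 1:
                    // A single score: the vector that is present tells which one it is.
                    if(cartouche_v2){
                        nvd_return.set("v2_BaseScore",nvd[0]);
                        nvd_return.set("v2_Vector",cartouche_v2);
                    }else if(cartouche_v3){
                        nvd_return.set("v3_BaseScore",nvd[0]);
                        nvd_return.set("v3_Vector",cartouche_v3);
                    }else if(cartouche_v3_CNA){
                        nvd_return.set("v3_CNA_BaseScore",nvd[0]);
                        nvd_return.set("v3_CNA_Vector",cartouche_v3_CNA);
                    }else{
                        // One score but no vector at all.
                        cveCell.innerText = cveCell.innerText + " (anomalie NVD)";
                    }
                    break;
                case 2:
                    // The last score is the v2 one, the first is a v3 one (NVD or CNA).
                    nvd_return.set("v2_BaseScore",nvd[(nvd.length)-1]);
                    nvd_return.set("v2_Vector",cartouche_v2);
                    if(cartouche_v3) {
                        nvd_return.set("v3_BaseScore",nvd[0]);
                        nvd_return.set("v3_Vector",cartouche_v3);
                    }else{
                        nvd_return.set("v3_CNA_BaseScore",nvd[0]);
                        nvd_return.set("v3_CNA_Vector",cartouche_v3_CNA);
                    }
                    break;
                case 3:
                    // v3 NVD, v3 CNA, then v2.
                    nvd_return.set("v2_BaseScore",nvd[2]);
                    nvd_return.set("v2_Vector",cartouche_v2);
                    nvd_return.set("v3_BaseScore",nvd[0]);
                    nvd_return.set("v3_Vector",cartouche_v3);
                    nvd_return.set("v3_CNA_BaseScore",nvd[1]);
                    nvd_return.set("v3_CNA_Vector",cartouche_v3_CNA);
                    break;
            }

            // Label of the NVD link: the second score element as before, or the only one when
            // the page has a single score.
            // NOTE(review): confirm that the single score is the right fallback to display.
            var scoreLabel = 'ØØ';
            if (nvd_DOM.length != 0) {
                var shownScore = nvd_DOM.item(1) || nvd_DOM.item(0);
                scoreLabel = shownScore.innerText.trim().split(' ')[0];
                nvd_return.set("score",parseScore(scoreLabel));
            }
            var nvdLink = document.createElement('a');
            nvdLink.href = 'https://nvd.nist.gov/vuln/detail/'+id;
            nvdLink.target = "_blank";
            nvdLink.rel = "noopener noreferrer";
            nvdLink.textContent = scoreLabel;
            var nvdCell = document.getElementById(id+"_NVD");
            nvdCell.textContent = "";
            nvdCell.appendChild(nvdLink);

            // Table cells
            document.getElementById("tableCVEs_Td_"+id+"_v2_score").innerText = nvd_return.get("v2_BaseScore");
            document.getElementById("tableCVEs_Td_"+id+"_v2_vector").value = nvd_return.get("v2_Vector");
            document.getElementById("tableCVEs_Td_"+id+"_v3_score").innerText = nvd_return.get("v3_BaseScore");
            document.getElementById("tableCVEs_Td_"+id+"_v3_vector").value = nvd_return.get("v3_Vector");
            document.getElementById("tableCVEs_Td_"+id+"_v3_CNA_score").innerText = nvd_return.get("v3_CNA_BaseScore");
            document.getElementById("tableCVEs_Td_"+id+"_v3_CNA_vector").value = nvd_return.get("v3_CNA_Vector");
            document.getElementById("tableCVEs_Td_"+id+"_NVDpublishDate").value = NVDpublishDate;
            document.getElementById("tableCVEs_Td_"+id+"_NVDmodifiedDate").value = NVDmodifiedDate;
            document.getElementById("tableCVEs_Td_"+id+"_NVDsource").value = NVDsource;

            // Colours: a CVE without a v2 score is shown in bold red.
            cveCell.style.color = "black";
            if(nvd_return.get("v2_BaseScore")=== "N/A" || nvd_return.get("v2_BaseScore") === ""){
                cveCell.style.color = "red";
                cveCell.style.fontWeight = "bold";
            }

            // Once every expected response is in, the table header turns orange.
            compteurCVEloaded = compteurCVEloaded+1;
            if(compteurCVEloaded>= compteurCVEtoLoad){
                document.getElementById("tableCVEs_THs").style.color = "orange";
                if(intervalAnimation){
                    getMaxScroreFromListCVE(intervalAnimation);
                    document.getElementById("pProcessMessage").innerText = "Chargement des scores terminé, Selection du plus elevé"
                }
            }
        },
        onerror: function(error) {
            console.log("get_NVD("+id+")");
        }
    });
}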
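/**
 * Fetch the cvedetails.com page for one CVE, show its CVSS score in the
 * `<id>_cveDetails` cell and collect the CWE identifiers linked from that page.
 *
 * The response body is third-party HTML. It is parsed with DOMParser into a
 * separate document instead of being assigned to `innerHTML` of an element
 * created by the advisory page's own document, so markup in the response
 * (event-handler attributes, images, ...) is not instantiated in the context
 * of the page the script runs on.
 *
 * @param {string} id - CVE identifier; used in the query string and as the
 *   prefix of the DOM id of the cell to fill.
 */
function get_score(id) {
  // encodeURIComponent leaves a well-formed CVE id untouched and keeps any
  // other value from adding parameters to the query string.
  var url_cveD = "https://www.cvedetails.com/cve-details.php?cve_id=" + encodeURIComponent(id);
  GM.xmlHttpRequest({
    method: "GET",
    url: url_cveD,
    onload: function(response) {
      var parsed = new DOMParser().parseFromString(response.responseText, "text/html");
      var score = parsed.getElementsByClassName('cvssbox');
      // Placeholder text and neutral grey when the page carries no score box.
      var score_item = 'ØØ';
      var color = 'rgb(242, 242, 242)';
      if (score.length > 0) {
        // Reading the colour through the parsed style object yields a single
        // colour value, not arbitrary declarations taken from the response.
        color = score.item(0).style.backgroundColor;
        score_item = score.item(0).innerText;
      }
      //get_MS_score(id);
      var cell = document.getElementById(id+'_cveDetails');
      cell.innerText = score_item; // text only: the score is never interpreted as markup
      cell.style = "background-color:"+color;
      // Collect every distinct CWE id referenced by a ".../<cwe>/cwe.html" link.
      var list_cwe = parsed.getElementsByClassName('details');
      $(list_cwe).find('a').each(function() {
        if (this.href.indexOf("/cwe.html") > -1) {
          var cwe = this.href.split("/");
          var cweId = cwe[4];
          // Skip links whose URL is too short to carry an identifier.
          if (typeof cweId === "string" && cweId !== "" && !CWEs.includes(cweId)) {
            CWEs.push(cweId);
          }
        }
      });
    },
    // Same minimal failure trace as the NVD lookup, so a blocked or failed
    // request does not go unnoticed.
    onerror: function(error) {
      console.log("get_score("+id+")");
    }
  });
}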
// FONCTIONS\CVSS\externes />
// FONCTIONS\CVSS />
// FONCTIONS\graphique + alteration de page
// Colour palettes for the SVG gauge: one Map per severity level, indexed
// 0 = grey/undefined, 1 = green, 2 = yellow, 3 = orange, 4 = red.
// Each Map goes from a CSS class name to the colour applied to the shapes
// carrying that class.
var chart_color_list_of_map;
initialisation_svg_variables();
/**
 * Fill chart_color_list_of_map with the five palettes.
 * Every palette has the same four keys, inserted in the order
 * contour, inside-left, inside-center, inside-right.
 */
function initialisation_svg_variables(){
  var classNames = ["chart_contour", "chart_inside_left", "chart_inside_center", "chart_inside_right"];
  // One row per palette, colours listed in the same order as classNames.
  var colourRows = [
    ["#9c9c9c", "#efefef", "#f6f6f6", "#c9c9c9"], // 0 : grey / undefined
    ["#007f00", "#b9eca3", "#55d337", "#00c000"], // 1 : green
    ["#b69f0f", "#fce700", "#dac800", "#c4b400"], // 2 : yellow
    ["#b47700", "#ffe6b4", "#ffc656", "#ffb012"], // 3 : orange
    ["#9a0808", "#f7c5c5", "#ee7c7c", "#e94545"]  // 4 : red
  ];
  chart_color_list_of_map = colourRows.map(function (row) {
    var palette = new Map();
    classNames.forEach(function (className, position) {
      palette.set(className, row[position]);
    });
    return palette;
  });
}
/**
 * Point an <img> at one of five PNG icons embedded in the script.
 *
 * The image data is a base64 constant shipped with the script, so no network
 * request is made for it. The matching relative path of the same icon is
 * stored in the custom `src_portail` attribute of the element.
 *
 * @param {number} index_color_set - icon index 0..4; any value below 0 or at/after
 *   the end of the list falls back to icon 0.
 * @param {string} img_id - DOM id of the <img> element to update.
 */
function set_img_png_src(index_color_set=0,img_id){
  var embeddedPngs = [
    "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",
    "iVBORw0KGgoAAAANSUhEUgAAABEAAAAOCAYAAAG+6sciAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAC4cAAAuHAZNAh1MAAACxSURBVChTnVHRFYMwCGSrOkg7T/9cxC5Rv7qDazhDYiAcJqSp2nuPl3A5DkQyPCnuF0tGvlQMA4SQZWJkCfFQhBAiR5UIcV8GS4ToIjUQQdWIm3AUj7voC9mKeoBzD/P6yi4eTHK0ArWc10kF+dRXorcS/mws/SmV9KGm0hwuQ3eE+L0rADtDpCJMcN5EivJ3ocjnqiyQSAggwnJ6+alxj3Idd4qP5SZ/4D8TP8nloLgBBWq+PZle8HYAAAAASUVORK5CYII=",
    "iVBORw0KGgoAAAANSUhEUgAAABEAAAAOCAYAAAG+6sciAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAC4cAAAuHAZNAh1MAAACySURBVChTlZIxDoMwDEV9g3JkbtKZHbFX6lD1CFVHJA7AWsnkW/lp0iQleZIBO/a3sSJkuV40fATnNg2aRgADFoydEIwxDaIec97P4Ku8HqIwYhkl0AAkjdAEFh/ynVSgZzGpBpW9m7Ovo6l494tFHVkCJXmQJXw20fsseYI9HdUEHlQTeuGOyN9dEf4gDUWcADSJlIpORRCMaRIpjYsF4q5giU0iLMIdZtGv3z1Jvw16ANc99saVhXigAAAAAElFTkSuQmCC",
    "iVBORw0KGgoAAAANSUhEUgAAABEAAAAOCAYAAAG+6sciAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAC4cAAAuHAZNAh1MAAACxSURBVChTlVLBDcIwDMwMDIfEJPyYiUffPMsmLIGQm3Nzlu2moT3plNi+nJ0ohZjuRWxjwetRNyEDMKFJH1jSQz0I+X0FXIP3TZRIyHwVIxU9oAEEoRGagFqsDkHkA/QLa3bKoHMLt5DP1B8YSWUW0FILz8tWEApeECy7gl7BC86Cb0QO34rgBUk1aRMcNrFD+CH1CodMVNQEFOkh/Ko9k91xc+fRJJbMnf7Fo0nOs8gCgczit7YoWnoAAAAASUVORK5CYII=",
    "iVBORw0KGgoAAAANSUhEUgAAABEAAAAOCAYAAAG+6sciAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAC4cAAAuHAZNAh1MAAAC1SURBVChTlVHBDYQwDOPZxRgKCTEIz9uFYfhwz/sgAu7VoSRQwFJo47hxaCuiD0F0o8kHmwMDkIhkniiZI/YglnmWb9P8ianrhFFNbSt5RMUZYADBwQgmiLyoInxgHMnN62xNfTzYOaUev2GQsa69AJYIJ2BLFpzAFlRgWzrBVUEFb8G7YxTviuAPMnAIE+BFMMWjJnpoeyEesnmS7gBpx7XObpLLcQvObhIlC053uZvkfQRZAbjJlL0mcKqVAAAAAElFTkSuQmCC"
  ];
  // Same order as embeddedPngs: grey, green, yellow, orange, red.
  var portalPaths = [
    "images/VULNERABILITES/gris.png",
    "images/VULNERABILITES/vert.png",
    "images/VULNERABILITES/jaune.png",
    "images/VULNERABILITES/orange.png",
    "images/VULNERABILITES/rouge.png"
  ];
  var chosen = index_color_set;
  if (index_color_set>=embeddedPngs.length || index_color_set<0) {
    chosen = 0; // out of range: use the grey icon
  }
  var target = document.getElementById(img_id);
  target.src = "data:image/png;base64," + embeddedPngs[chosen];
  target.setAttribute("src_portail", portalPaths[chosen]);
}
/**
 * Recolour the strips of an inline SVG gauge.
 *
 * index_color_set is used twice: it selects the palette in
 * chart_color_list_of_map (falling back to palette 0 when out of range) and
 * it is the number of strips per class that receive the palette colour.
 * Strips beyond that count are filled white; elements whose class name
 * contains "contour" always get the palette colour as stroke.
 *
 * @param {number} index_color_set - palette index and number of coloured strips.
 * @param {string} svg_id - DOM id of the SVG element to update.
 */
function change_color(index_color_set=0,svg_id) {
  var paletteInRange = index_color_set>=0 && index_color_set<chart_color_list_of_map.length;
  var palette = chart_color_list_of_map[paletteInRange ? index_color_set : 0];
  palette.forEach(function (colorValue, className) {
    var shapes = document.getElementById(svg_id).getElementsByClassName(className);
    // A count of 0 or below, or one reaching past the available strips, means "colour them all".
    var colouredCount = shapes.length;
    if (!(index_color_set>=shapes.length || index_color_set<=0)) {
      colouredCount = index_color_set;
    }
    var position;
    // Leading strips: palette colour, as stroke for contours and as fill otherwise.
    for (position = 0; position < colouredCount; position++) {
      if (className.toLowerCase().includes("contour")) {
        shapes[position].setAttribute('stroke', colorValue);
      } else {
        shapes[position].setAttribute('fill', colorValue);
      }
    }
    // Remaining strips: contours keep the palette colour, insides are blanked.
    for (position = colouredCount; position < shapes.length; position++) {
      if (className.toLowerCase().includes("contour")) {
        shapes[position].setAttribute('stroke', colorValue);
      } else {
        shapes[position].setAttribute('fill', "white");
      }
    }
  });
}
/**
 * Render an inline SVG element into an existing <img> as a base64 data: URL.
 *
 * @param {string} svg_id - DOM id of the SVG element to serialise.
 * @param {string} img_id - DOM id of the <img> element whose src is replaced.
 */
function svg_to_img(svg_id, img_id){
  var sourceSvg = document.getElementById(svg_id);
  var targetImg = document.getElementById(img_id);
  var markup = new XMLSerializer().serializeToString(sourceSvg);
  // btoa() rejects characters above 0xFF. encodeURIComponent followed by
  // unescape rewrites the string as its UTF-8 bytes, one character per byte,
  // so non-Latin1 text in the SVG is encoded rather than dropped.
  var utf8Bytes = unescape(encodeURIComponent(markup));
  var dataUrl = 'data:image/svg+xml;base64,' + btoa(utf8Bytes);
  targetImg.setAttribute('src', dataUrl);
}
/**
 * Rename the tab after the advisory and add a "download as TXT" button
 * right after the existing PDF link (`li.link-pdf`).
 */
function make_download_txt(){
  // The page title becomes the fifth "/"-separated piece of the current URL.
  var urlPieces = window.location.href.split("/");
  document.title = urlPieces[4];
  // Constant markup: nothing taken from the page or the URL is interpolated into it.
  var txtButton = '<li class="link-txt" id="link-txt-btn"><a id="txt_gen" title="Télécharger au format TXT"><i class="fa fa-fw fa-clipboard" aria-hidden="true"></i></a></li>';
  $("li.link-pdf").after(txtButton);
}
/**
 * Rename the tab after the advisory and add a "download as HTML" button
 * right after the element matching `li.link-txt`.
 */
function make_download_html(){
  // The page title becomes the fifth "/"-separated piece of the current URL.
  var urlPieces = window.location.href.split("/");
  document.title = urlPieces[4];
  // Constant markup: nothing taken from the page or the URL is interpolated into it.
  var htmlButton = '<li class="link-html" id="link-html-btn"><a id="html_gen" title="Télécharger au format html"><i class="fa fa-fw fa-clipboard" aria-hidden="true"></i></a></li>';
  $("li.link-txt").after(htmlButton);
}
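/**
 * Create DOM elements from a list of plain descriptor objects and insert them
 * into the page, in list order.
 *
 * Descriptor keys:
 *   - "object"          : tag name passed to document.createElement
 *   - "parent_id"       : id of an existing element to append the new one to;
 *                         without it the element is inserted after the
 *                         previously created one (or after item_before)
 *   - "class"           : whitespace-separated class names
 *   - "appendChildText" : text content, added as a text node (never parsed as markup)
 *   - "strokewidth"     : written as the "stroke-width" attribute
 *   - any other key     : copied verbatim with setAttribute(key, value)
 *
 * Because unknown keys become attributes as they are, descriptors must be
 * constants written in this script. A descriptor built from fetched or page
 * content could carry event-handler or URL attributes into the page.
 *
 * @param {Element} item_before - element after which parent-less items are inserted.
 * @param {Array<Object>} list_input - descriptors, processed in order.
 * @param {boolean} debug - when true, log tag, parent id and id of each item.
 */
function make_html_from_list_of_dict(item_before=document.querySelector('body'), list_input, debug=false) {
  var anchor = item_before;
  list_input.forEach(function (descriptor) {
    var element = document.createElement(descriptor["object"]);
    // Reset per descriptor so the debug line never shows the parent of an earlier item.
    var parentId;
    var hasParent = false;
    Object.keys(descriptor).forEach(function (key) {
      var value = descriptor[key];
      switch (key) {
        case "object":
          // already used as the tag name
          break;
        case "parent_id":
          parentId = value;
          hasParent = true;
          break;
        case "class":
          // Splitting on a single space yields empty tokens for doubled or
          // trailing spaces, and classList.add rejects an empty token.
          value.split(/\s+/).filter(Boolean).forEach(function (className) {
            element.classList.add(className);
          });
          break;
        case "appendChildText":
          element.appendChild(document.createTextNode(value));
          break;
        case "strokewidth":
          element.setAttribute("stroke-width", value);
          break;
        default:
          // x, y, stroke, fill, viewBox, width, height, id, style, ... all land here.
          element.setAttribute(key, value);
          break;
      }
    });
    if (debug) {
      console.log("object : "+descriptor["object"]+" ; parent : "+parentId+" ; id : "+descriptor["id"]);
    }
    if (hasParent) {
      document.getElementById(parentId).appendChild(element);
    } else {
      $(anchor).after(element);
    }
    // The next parent-less item goes right after this one.
    anchor = element;
  });
}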
// Selection state shared across the script; getMaxScroreFromListCVE assigns CVE ids to these.
// They are initialised only here, so their values persist from one call to the next.
var cveMaxScoreV2 = ""; // id of the CVE retained for the v2 score
var cveMaxScoreV3 = ""; // id of the CVE retained for v3 (either the NVD or the CNA candidate)
var cveMaxScoreV3_type = ""; // "" or "_CNA": suffix appended to the "_v3" cell id when the CNA score is retained
var cveMaxScoreV3_NVD = ""; // id of the CVE with the highest v3 score in the "_v3" column
var cveMaxScoreV3_CNA = ""; // id of the CVE with the highest v3 score in the "_v3_CNA" column
// Background colours applied by getMaxScroreFromListCVE to the cells of the retained CVEs.
var colorV2 = "rgb(250, 171, 239)";
var colorV3_NVD = "rgb(124, 124, 226)" ;
var colorV3_CNA = "rgb(103, 218, 232)" ;
// Used for the CVE cell when the same CVE is retained for both v2 and v3.
var colorMixedV2V3_NVD = "rgb(187, 148, 233)" ;
var colorMixedV2V3_CNA = "rgb(177, 195, 236)" ;
/**
 * Pick, among the rows of the "tableCVEs" table, the CVE with the highest v2
 * score and the CVE with the highest v3 score (NVD or CNA), highlight them and
 * hand them to set_v2_cartouche / set_v3_cartouche.
 *
 * Steps, in order:
 *   1. walk the rows and track the best v2, v3 and v3_CNA candidates;
 *   2. "unification": choose between the NVD and CNA v3 candidates and, when
 *      the v2 scores tie, reuse the same CVE for v2;
 *   3. compare with vectors kept in storage (getCVSS_fromStorage) and switch
 *      candidate when the stored score is higher;
 *   4. colour the retained cells, uncheck the "from storage" boxes, update the
 *      cartouches, turn the table header green and stop the loading animation.
 *
 * The result is written to the module-level variables cveMaxScoreV2,
 * cveMaxScoreV3, cveMaxScoreV3_type, cveMaxScoreV3_NVD and cveMaxScoreV3_CNA.
 *
 * NOTE(review): those variables are not reset here, so a second call starts
 * from the previous selection (every `if(!cveMaxScore...)` first-value branch
 * is skipped) - confirm this is intended.
 * NOTE(review): if the table has no data row the ids stay "" and the
 * getElementById lookups after the loop target "tableCVEs_Td__v2" etc. -
 * presumably those do not exist and the function would throw; confirm.
 *
 * @param {*} intervalAnimation - interval handle; passed to clearInterval at the end when truthy.
 */
function getMaxScroreFromListCVE(intervalAnimation){
// Retrieves the highest v2 and v3 scores found in the CVE table.
// According to the original author, the td ids are built as follows
// (this function itself writes to ids ending in "_v2_vector" / "_v3_vector"):
// CVE : tableCVEs_Td_<CVE id>_CVE
// v2 : tableCVEs_Td_<CVE id>_v2\tableCVEs_Td_<CVE id>_v2_score
// tableCVEs_Td_<CVE id>_v2\tableCVEs_Td_<CVE id>_v2_vecteur
// v3 : tableCVEs_Td_<CVE id>_v2\tableCVEs_Td_<CVE id>_v3_score
// tableCVEs_Td_<CVE id>_v2\tableCVEs_Td_<CVE id>_v3_vecteur
// v3 CNA : tableCVEs_Td_<CVE id>_v3\tableCVEs_Td_<CVE id>_v3_CNA_score
// tableCVEs_Td_<CVE id>_v3\tableCVEs_Td_<CVE id>_v3_CNA_vecteur
// variable initialisation
var fctName = "getMaxScroreFromListCVE";
var td_prefixe = "tableCVEs_Td_";
var row, cveID, td_cve, td_v2, score_v2, td_v3, score_v3, td_v3_CNA, score_v3_CNA;
var cveMaxScoreV2_score, cveMaxScoreV3_score, cveMaxScoreV3_CNA_score;
var v2Source = "";
var v3Source = "";
// aviV2, aviV3, vecteurFromStorage and scoreFromStorage are declared but not used below.
var aviV2, aviV3, vecteurFromStorage, scoreFromStorage;
console.log("["+fctName+"]"+"\n########################\n");
console.log("["+fctName+"]"+" Parcours du tableau");
// Walk the table rows
var table = document.getElementById("tableCVEs");
var trs = table.querySelectorAll("tr");
// Starts at 1: the first <tr> is skipped (presumably the header row - confirm).
for(var i=1;i<trs.length;i++){
// console.log(trs[i]);
row=trs[i].id;
// console.log(row);
// TR example : tableCVEs_Tr_CVE-2022-31143
cveID = row.substring(13); // drops the 13-character "tableCVEs_Tr_" prefix
// TD example : tableCVEs_Td_CVE-2022-31143_CVE
td_cve = document.getElementById(td_prefixe+cveID+"_CVE"); // assigned but not read afterwards
td_v2 = document.getElementById(td_prefixe+cveID+"_v2");
score_v2 = scoreString_to_float(td_v2.innerText) ;
td_v3 = document.getElementById(td_prefixe+cveID+"_v3");
score_v3 = scoreString_to_float(td_v3.innerText);
td_v3_CNA = document.getElementById(td_prefixe+cveID+"_v3_CNA");
score_v3_CNA = scoreString_to_float(td_v3_CNA.innerText);
console.log("["+fctName+"]"+" "+cveID);
console.log("["+fctName+"]"+" score_v2="+score_v2+" VS "+cveMaxScoreV2+" ("+cveMaxScoreV2_score+")");
console.log("["+fctName+"]"+" score_v3="+score_v3+" VS "+cveMaxScoreV3_NVD+" ("+cveMaxScoreV3_score+")");
console.log("["+fctName+"]"+" score_v3_CNA="+score_v3_CNA+" VS "+cveMaxScoreV3_CNA+" ("+cveMaxScoreV3_CNA_score+")");
// v2 comparison
if(!cveMaxScoreV2){
// this is the first value
cveMaxScoreV2 = cveID;
cveMaxScoreV2_score = score_v2;
}else{
// cveMaxScoreV2_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV2+"_v2").innerText);
// special case: the first CVE was picked automatically but has no values, and neither do the following ones, although their score could come from storage
score_v2 = getStorageScore_if_ActualScoreIsUnkown(cveID, score_v2, "CVEv2");
cveMaxScoreV2_score = getStorageScore_if_ActualScoreIsUnkown(cveMaxScoreV2, cveMaxScoreV2_score, "CVEv2");
if(score_v2>cveMaxScoreV2_score){
cveMaxScoreV2 = cveID;
cveMaxScoreV2_score = score_v2;
}
}
// v3 comparison
if(!cveMaxScoreV3_NVD){
// this is the first value
cveMaxScoreV3_NVD = cveID;
cveMaxScoreV3_score = score_v3;
}else{
// cveMaxScoreV3_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_NVD+"_v3").innerText);
// special case: the first CVE was picked automatically but has no values, and neither do the following ones, although their score could come from storage
score_v3 = getStorageScore_if_ActualScoreIsUnkown(cveID, score_v3, "CVEv3");
cveMaxScoreV3_score = getStorageScore_if_ActualScoreIsUnkown(cveMaxScoreV3_NVD, cveMaxScoreV3_score, "CVEv3");
if(score_v3>cveMaxScoreV3_score){
cveMaxScoreV3_NVD = cveID;
cveMaxScoreV3_score = score_v3;
}
}
// v3_CNA comparison
if(!cveMaxScoreV3_CNA){
// this is the first value
cveMaxScoreV3_CNA = cveID;
cveMaxScoreV3_CNA_score = score_v3_CNA;
}else{
// cveMaxScoreV3_CNA_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_CNA+"_v3_CNA").innerText);
// special case: the first CVE was picked automatically but has no values, and neither do the following ones, although their score could come from storage
score_v3_CNA = getStorageScore_if_ActualScoreIsUnkown(cveID, score_v3_CNA, "CVEv3");
// NOTE(review): the id passed here is cveMaxScoreV3_NVD while the running maximum of this
// branch is cveMaxScoreV3_CNA - looks like a copy/paste from the v3 branch; if so the CNA
// maximum is compared against the stored score of another CVE and the highest CNA score
// can be missed. Confirm against getStorageScore_if_ActualScoreIsUnkown.
cveMaxScoreV3_CNA_score = getStorageScore_if_ActualScoreIsUnkown(cveMaxScoreV3_NVD, cveMaxScoreV3_CNA_score, "CVEv3");
if(score_v3_CNA>cveMaxScoreV3_CNA_score){
cveMaxScoreV3_CNA = cveID;
cveMaxScoreV3_CNA_score = score_v3_CNA;
}
}
}
// unify v2, v3 and v3_CNA when possible
// console.log("avant unification : "+cveMaxScoreV2+" ; "+cveMaxScoreV3_NVD+" ; "+cveMaxScoreV3_CNA);
// From here on the scores are re-read from the table cells, so values substituted from storage inside the loop are not used.
cveMaxScoreV2_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV2+"_v2").innerText);
cveMaxScoreV3_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_NVD+"_v3").innerText);
cveMaxScoreV3_CNA_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_CNA+"_v3_CNA").innerText);
console.log("["+fctName+"]"+"\n########################\n");
console.log("["+fctName+"]"+" Résultat AVANT unification");
console.log("["+fctName+"]"+" cveMaxScoreV2="+cveMaxScoreV2+" ("+cveMaxScoreV2_score+")");
console.log("["+fctName+"]"+" cveMaxScoreV3_NVD="+cveMaxScoreV3_NVD+" ("+cveMaxScoreV3_score+")");
console.log("["+fctName+"]"+" cveMaxScoreV3_CNA="+cveMaxScoreV3_CNA+" ("+cveMaxScoreV3_CNA_score+")");
// console.log("v2 = "+cveMaxScoreV2+"("+cveMaxScoreV2_score+") ; v3 = "+cveMaxScoreV3_NVD+"("+cveMaxScoreV3_score+") ; v3_CNA = "+cveMaxScoreV3_CNA+"("+cveMaxScoreV3_CNA_score+")");
if(cveMaxScoreV2 === cveMaxScoreV3_NVD && cveMaxScoreV3_NVD === cveMaxScoreV3_CNA) {
// already the same id
if(cveMaxScoreV3_CNA_score > cveMaxScoreV3_score) {
cveMaxScoreV3 = cveMaxScoreV3_CNA;
cveMaxScoreV3_type = "_CNA";
}else{
// NOTE(review): unlike the branch below, cveMaxScoreV3_type is not reset to "" here,
// so a "_CNA" left by an earlier call would be kept - confirm.
cveMaxScoreV3 = cveMaxScoreV3_NVD;
}
}else{
// compare the v3 and v3_CNA scores
if(cveMaxScoreV3_CNA_score > cveMaxScoreV3_score) {
// keep the v3_CNA score
cveMaxScoreV3 = cveMaxScoreV3_CNA;
cveMaxScoreV3_type = "_CNA";
// compare the v2 score
if(cveMaxScoreV2_score == scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_CNA+"_v2").innerText)) {
// same score: use the v3 CNA CVE for v2 as well
cveMaxScoreV2 = cveMaxScoreV3_CNA;
}
}else{
// keep the v3 NVD score
cveMaxScoreV3 = cveMaxScoreV3_NVD;
cveMaxScoreV3_type = "";
// compare the v2 score
if(cveMaxScoreV2_score == scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_NVD+"_v2").innerText)) {
// same score: use the v3 NVD CVE for v2 as well
cveMaxScoreV2 = cveMaxScoreV3_NVD;
}
}
}
console.log("["+fctName+"]"+"\n########################\n");
console.log("["+fctName+"]"+" Résultat APRES unification");
// for logging only
cveMaxScoreV2_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV2+"_v2").innerText);
cveMaxScoreV3_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_NVD+"_v3").innerText);
cveMaxScoreV3_CNA_score = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3_CNA+"_v3_CNA").innerText);
console.log("["+fctName+"]"+" cveMaxScoreV2="+cveMaxScoreV2+" ("+cveMaxScoreV2_score+")");
console.log("["+fctName+"]"+" cveMaxScoreV3_NVD="+cveMaxScoreV3_NVD+" ("+cveMaxScoreV3_score+")");
console.log("["+fctName+"]"+" cveMaxScoreV3_CNA="+cveMaxScoreV3_CNA+" ("+cveMaxScoreV3_CNA_score+")");
// console.log("après unification : "+cveMaxScoreV2+" ; "+cveMaxScoreV3_NVD+" ; "+cveMaxScoreV3_CNA+" (v3 choosed = "+cveMaxScoreV3+")");
// if a field is N/A, use the stored values for the comparison:
var scoreV2_from_V3max = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV3+"_v2").innerText)
var scoreV3_NVD_from_V2max = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV2+"_v3").innerText)
var scoreV3_CNA_from_V2max = scoreString_to_float(document.getElementById(td_prefixe+cveMaxScoreV2+"_v3_CNA").innerText)
// console.log("v2 du v3 : "+scoreV2_from_V3max);
// console.log("v3 nvd du v2 : "+scoreV3_NVD_from_V2max);
// console.log("v3 cna du v2 : "+scoreV3_CNA_from_V2max);
// console.log("Avi cve V2 depuis V3 :"+getCVSS_fromStorage(cveMaxScoreV3, "CVEv2"));
// console.log("vecteur V2 depuis V3 :"+getVecteurV2fromStorageAVI(getCVSS_fromStorage(cveMaxScoreV3, "CVEv2")));
// console.log("score V2 depuis V3 :"+getScroreV2(vectorString_To_VectorList(getVecteurV2fromStorageAVI(getCVSS_fromStorage(cveMaxScoreV3, "CVEv2")))));
// Stored entries for the cross pairs: the v2 data of the v3 winner and the v3 data of the v2 winner.
var aviV2_from_V3max = getCVSS_fromStorage(cveMaxScoreV3, "CVEv2");
var aviV3_from_V2max = getCVSS_fromStorage(cveMaxScoreV2, "CVEv3");
console.log("["+fctName+"]"+"\n########################\n");
console.log("["+fctName+"]"+" Valeurs Stockage");
console.log("["+fctName+"]"+"cveMaxScoreV3_v2 ="+cveMaxScoreV3+" ("+scoreV2_from_V3max+")");
console.log("["+fctName+"]"+"cveMaxScoreV2_v3 ="+cveMaxScoreV2+" ("+scoreV3_NVD_from_V2max+")");
console.log("["+fctName+"]"+"cveMaxScoreV2_v3_CNA ="+cveMaxScoreV2+" ("+scoreV3_CNA_from_V2max+")");
console.log("["+fctName+"]"+"aviV2_from_V3max ="+aviV2_from_V3max);
console.log("["+fctName+"]"+"aviV3_from_V2max ="+aviV3_from_V2max);
// console.log("les avis trouvés : v2/v3 : "+aviV2_from_V3max+"/"+aviV3_from_V2max);
if(aviV2_from_V3max) {
var VecteurStorageV2_from_V3max = getVecteurV2fromStorageAVI(aviV2_from_V3max);
var scoreStorageV2_from_V3max = getScroreV2(vectorString_To_VectorList(VecteurStorageV2_from_V3max));
// The stored v2 score of the v3 winner beats the score shown for it in the table: make it the v2 winner and show the stored vector.
if(scoreV2_from_V3max < scoreStorageV2_from_V3max) {
cveMaxScoreV2 = cveMaxScoreV3;
document.getElementById('tableCVEs_Td_'+cveMaxScoreV2+'_v2_vector').value = VecteurStorageV2_from_V3max;
v2Source = getSourceV2fromStorageAVI(aviV2_from_V3max);
}
}
// aviV3_from_V2max was read before the block above, i.e. for the v2 winner as it was at that point.
if(aviV3_from_V2max) {
var VecteurStorageV3_from_V2max = getVecteurV3fromStorageAVI(aviV3_from_V2max);
// console.log("avant : "+aviV3_from_V2max+"...");
// console.log(vectorString_To_VectorList(VecteurStorageV3_from_V2max));
var scoreStorageV3_from_V2max = getScroreV3(vectorString_To_VectorList(VecteurStorageV3_from_V2max));
// The stored v3 score must beat both the NVD and the CNA value shown in the table.
if(scoreV3_NVD_from_V2max < scoreStorageV3_from_V2max && scoreV3_CNA_from_V2max < scoreStorageV3_from_V2max){
cveMaxScoreV3 = cveMaxScoreV2;
document.getElementById('tableCVEs_Td_'+cveMaxScoreV3+'_v3_vector').value = VecteurStorageV3_from_V2max;
v3Source = getSourceV3fromStorageAVI(aviV3_from_V2max);
}
}
console.log("["+fctName+"]"+"\n########################\n");
console.log("["+fctName+"]"+" Apres vérif valeurs Stockage");
console.log("["+fctName+"]"+" cveMaxScoreV2="+cveMaxScoreV2);
console.log("["+fctName+"]"+" cveMaxScoreV3="+cveMaxScoreV3);
// highlight the most critical CVE
console.log("["+fctName+"]"+"");
document.getElementById("tableCVEs_Td_"+cveMaxScoreV2+"_v2").style.backgroundColor = colorV2;
document.getElementById("tableCVEs_Td_"+cveMaxScoreV2+"_CVE").style.backgroundColor = colorV2;
// cveMaxScoreV3_type is "_CNA" when the CNA score was retained, "" for the NVD score.
if(cveMaxScoreV3_type){
document.getElementById("tableCVEs_Td_"+cveMaxScoreV3+"_v3"+cveMaxScoreV3_type).style.backgroundColor = colorV3_CNA;
if(cveMaxScoreV2==cveMaxScoreV3){
// same CVE retained for v2 and v3: mixed colour on the CVE cell
document.getElementById("tableCVEs_Td_"+cveMaxScoreV2+"_CVE").style.backgroundColor = colorMixedV2V3_CNA;
}else{
document.getElementById("tableCVEs_Td_"+cveMaxScoreV3+"_CVE").style.backgroundColor = colorV3_CNA;
}
}else{
document.getElementById("tableCVEs_Td_"+cveMaxScoreV3+"_v3"+cveMaxScoreV3_type).style.backgroundColor = colorV3_NVD;
if(cveMaxScoreV2==cveMaxScoreV3){
// same CVE retained for v2 and v3: mixed colour on the CVE cell
document.getElementById("tableCVEs_Td_"+cveMaxScoreV2+"_CVE").style.backgroundColor = colorMixedV2V3_NVD;
}else{
document.getElementById("tableCVEs_Td_"+cveMaxScoreV3+"_CVE").style.backgroundColor = colorV3_NVD;
}
}
// apply the selection
console.log("["+fctName+"]"+"");
// original note: the cartouche is only changed when the "from storage" box is unchecked;
// the code below unchecks each box (when it exists) before calling the setter
var IDcheckBoxVersion = 'v2boxFromGMstorage';
if(document.getElementById(IDcheckBoxVersion)){document.getElementById(IDcheckBoxVersion).checked = false;}
set_v2_cartouche(cveMaxScoreV2,v2Source);
IDcheckBoxVersion = 'v3boxFromGMstorage';
if(document.getElementById(IDcheckBoxVersion)){document.getElementById(IDcheckBoxVersion).checked = false;}
set_v3_cartouche(cveMaxScoreV3,cveMaxScoreV3_type,v3Source);
// turn the table header green once finished
console.log("["+fctName+"]"+"");
document.getElementById("tableCVEs_THs").style.color = "green";
if(intervalAnimation){
console.log("arret de l'interval de chargement");
clearInterval(intervalAnimation);
}
document.getElementById("pProcessMessage").innerText = "Selection du plus elevé terminé"
}
function make_input_cartouche_out(item_before=document.querySelector('body')){
// variables graphiques
var font_size = "14px" ;
var border_size = "0" ;
var indentation_td = '25px';
// autres variables
var list_input = [
{object : "div", id :'div_input', style : "font-size :"+font_size},
{object : "label", parent_id : "div_input", appendChildText: "ENTREE Vecteur v2 ou v3 :"},
{object : "input", parent_id : "div_input", type : "text", id : 'input_text_cvss', size : 70 , value : ''},
{object : "label", parent_id : "div_input", appendChildText: "Delimiteur entre entrées"},
{object : "input", parent_id : "div_input", type : "text", id : 'input_text_cvss_delimiter', size : 3, value : '/'},
{object : "label", parent_id : "div_input", appendChildText: "Delimiteur entrée-valeur"},
{object : "input", parent_id : "div_input", type : "text", id : 'input_text_cvss_operateur', size : 3, value : ':'},
{object : "table", parent_id : "div_input", id : "cvss_table", border : border_size},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr1"},
{object : "td", parent_id : "cvss_table_tr1", colSpan:"7", appendChildText: "Métrique de base"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr2"},
{object : "td", parent_id : "cvss_table_tr2"},
{object : "td", parent_id : "cvss_table_tr2", colSpan :'7', appendChildText: "Exploitabilité"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr3"},
{object : "td", parent_id : "cvss_table_tr3", width: indentation_td},
{object : "td", parent_id : "cvss_table_tr3", width: indentation_td},
{object : "td", parent_id : "cvss_table_tr3", appendChildText: "Vecteur d'attaque (AV)"},
{object : "td", parent_id : "cvss_table_tr3", appendChildText: "Complexité d'attaque (AC)", style :"padding-right:10px"},
{object : "td", parent_id : "cvss_table_tr3", appendChildText: "Authentification (Au)"},
{object : "td", parent_id : "cvss_table_tr3", appendChildText: "Privilèges requis (PR)", style :"padding-right:10px"},
{object : "td", parent_id : "cvss_table_tr3", appendChildText: "Interaction utilisateur (UI)"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr4"},
{object : "td", parent_id : "cvss_table_tr4", width :'25px'},
{object : "td", parent_id : "cvss_table_tr4", width :'25px'},
{object : "td", parent_id : "cvss_table_tr4", id : "cvss_table_tr4_td1"},
{object : "select", parent_id : "cvss_table_tr4_td1", id : 'AccessVectorVar', width :'100%'},
{object : "option", parent_id : "AccessVectorVar", value :'v2=AV:/v3=AV:', selected:'selected', label:'?',appendChildText:"?"},
{object : "option", parent_id : "AccessVectorVar", value :'v2=AV:L/v3=AV:L', label:'Local',appendChildText:"L"},
{object : "option", parent_id : "AccessVectorVar", value :'v2=AV:A/v3=AV:A', label:'Réseau contigue',appendChildText:"A"},
{object : "option", parent_id : "AccessVectorVar", value :'v2=AV:N/v3=AV:N', label:'Réseau',appendChildText:"N"},
{object : "option", parent_id : "AccessVectorVar", value :'v2=AV:L/v3=AV:P', label:'Physique',appendChildText:"P"},
{object : "td", parent_id : "cvss_table_tr4", id : "cvss_table_tr4_td2"},
{object : "select", parent_id : "cvss_table_tr4_td2", id : 'AccessComplexityVar'},
{object : "option", parent_id : "AccessComplexityVar", value :'v2=AC:/v3=AC:', selected: 'selected', label: '?',appendChildText:"?"},
{object : "option", parent_id : "AccessComplexityVar", value :'v2=AC:H/v3=AC:H', label: 'Haute',appendChildText:"H"},
{object : "option", parent_id : "AccessComplexityVar", value :'v2=AC:M/v3=AC:H', label: 'Moyenne/haute',appendChildText:"M"},
{object : "option", parent_id : "AccessComplexityVar", value :'v2=AC:M/v3=AC:L', label: 'Moyenne/faible',appendChildText:"M"},
{object : "option", parent_id : "AccessComplexityVar", value :'v2=AC:L/v3=AC:L', label: 'Faible',appendChildText:"L"},
{object : "td", parent_id : "cvss_table_tr4", id : "cvss_table_tr4_td3"},
{object : "select", parent_id : "cvss_table_tr4_td3", id : 'AuthenticationVar'},
{object : "option", parent_id : "AuthenticationVar", value :'v2=Au:/v3: ', selected: 'selected', label: '?',appendChildText:"?"},
{object : "option", parent_id : "AuthenticationVar", value :'v2=Au:M/v3: ', label: 'Nécessite plusieurs instances',appendChildText:"M"},
{object : "option", parent_id : "AuthenticationVar", value :'v2=Au:S/v3: ', label: 'Nécessite une seule instance',appendChildText:"S"},
{object : "option", parent_id : "AuthenticationVar", value :'v2=Au:N/v3: ', label: 'Aucune',appendChildText:"N"},
{object : "td", parent_id : "cvss_table_tr4", id : "cvss_table_tr4_td4"},
{object : "select", parent_id : "cvss_table_tr4_td4", id : 'PrivilegeRequiredVar'},
{object : "option", parent_id : "PrivilegeRequiredVar", value :'v2=/v3=PR:', selected: 'selected', label: '?',appendChildText:"?"},
{object : "option", parent_id : "PrivilegeRequiredVar", value :'v2=/v3=PR:N', label: 'Aucun',appendChildText:"N"},
{object : "option", parent_id : "PrivilegeRequiredVar", value :'v2=/v3=PR:L', label: 'Bas',appendChildText:"L"},
{object : "option", parent_id : "PrivilegeRequiredVar", value :'v2=/v3=PR:H', label: 'Hauts',appendChildText:"H"},
{object : "td", parent_id : "cvss_table_tr4", id : "cvss_table_tr4_td5"},
{object : "select", parent_id : "cvss_table_tr4_td5", id : 'UserInteractionVar'},
{object : "option", parent_id : "UserInteractionVar", value :'v2=/v3=UI:', selected: 'selected', label: '?',appendChildText:"?"},
{object : "option", parent_id : "UserInteractionVar", value :'v2=/v3=UI:N', label: 'Aucune',appendChildText:"N"},
{object : "option", parent_id : "UserInteractionVar", value :'v2=/v3=UI:R', label: 'Requise',appendChildText:"R"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr5"},
{object : "td", parent_id : "cvss_table_tr5"},
{object : "td", parent_id : "cvss_table_tr5", colSpan :'7', appendChildText: "Impact"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr6"},
{object : "td", parent_id : "cvss_table_tr6"},
{object : "td", parent_id : "cvss_table_tr6"},
{object : "td", parent_id : "cvss_table_tr6", appendChildText: "Portée (S)"},
{object : "td", parent_id : "cvss_table_tr6", appendChildText: "Confidentialité (C)"},
{object : "td", parent_id : "cvss_table_tr6", appendChildText: "Intégrité (I)"},
{object : "td", parent_id : "cvss_table_tr6", appendChildText: "Disponibilité (A)"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr7"},
{object : "td", parent_id : "cvss_table_tr7"},
{object : "td", parent_id : "cvss_table_tr7"},
{object : "td", parent_id : "cvss_table_tr7", id : "cvss_table_tr7_td1"},
{object : "select", parent_id : "cvss_table_tr7_td1", id : 'ScopeVar'},
{object : "option", parent_id : "ScopeVar", value :'v2=/v3=S:', selected: 'selected', label: '?', appendChildText:"?"},
{object : "option", parent_id : "ScopeVar", value :'v2=/v3=S:U', label: 'Pas de débordement', appendChildText:"U"},
{object : "option", parent_id : "ScopeVar", value :'v2=/v3=S:C', label: 'Débordement', appendChildText:"C"},
{object : "td", parent_id : "cvss_table_tr7", id : "cvss_table_tr7_td2"},
{object : "select", parent_id : "cvss_table_tr7_td2", id : 'ConfImpactVar'},
{object : "option", parent_id : "ConfImpactVar", value :'v2=C:/v3=C:', selected: 'selected', label: '?', appendChildText:"ND"},
{object : "option", parent_id : "ConfImpactVar", value :'v2=C:N/v3=C:N', label: 'Aucun', appendChildText:"N"},
{object : "option", parent_id : "ConfImpactVar", value :'v2=C:P/v3=C:L', label: 'Partiel/bas', appendChildText:"P"},
{object : "option", parent_id : "ConfImpactVar", value :'v2=C:C/v3=C:H', label: 'Complet/haut', appendChildText:"C"},
{object : "td", parent_id : "cvss_table_tr7", id : "cvss_table_tr7_td3"},
{object : "select", parent_id : "cvss_table_tr7_td3", id : 'IntegImpactVar'},
{object : "option", parent_id : "IntegImpactVar", value :'v2=I:/v3=I:', selected: 'selected', label: '?', appendChildText:"ND"},
{object : "option", parent_id : "IntegImpactVar", value :'v2=I:N/v3=I:N', label: 'Aucun', appendChildText:"N"},
{object : "option", parent_id : "IntegImpactVar", value :'v2=I:P/v3=I:L', label: 'Partiel/bas', appendChildText:"P"},
{object : "option", parent_id : "IntegImpactVar", value :'v2=I:C/v3=I:H', label: 'Complet/haut', appendChildText:"C"},
{object : "td", parent_id : "cvss_table_tr7", id : "cvss_table_tr7_td4"},
{object : "select", parent_id : "cvss_table_tr7_td4", id : 'AvailImpactVar'},
{object : "option", parent_id : "AvailImpactVar", value :'v2=A:/v3=A:', selected: 'selected', label: '?', appendChildText:"?"},
{object : "option", parent_id : "AvailImpactVar", value :'v2=A:N/v3=A:N', label: 'Aucun', appendChildText:"N"},
{object : "option", parent_id : "AvailImpactVar", value :'v2=A:P/v3=A:L', label: 'Partiel/bas', appendChildText:"P"},
{object : "option", parent_id : "AvailImpactVar", value :'v2=A:C/v3=A:H', label: 'Complet/haut', appendChildText:"C"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr8"},
{object : "td", parent_id : "cvss_table_tr8", colSpan:"7", appendChildText: "Score Temporel"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr9"},
{object : "td", parent_id : "cvss_table_tr9"},
{object : "td", parent_id : "cvss_table_tr9"},
{object : "td", parent_id : "cvss_table_tr9", appendChildText: "Exploitabilité (E)"},
{object : "td", parent_id : "cvss_table_tr9", appendChildText: "Remediation (RL)"},
{object : "td", parent_id : "cvss_table_tr9", appendChildText: "Confiance (RC)"},
{object : "tr", parent_id : "cvss_table", id : "cvss_table_tr10"},
{object : "td", parent_id : "cvss_table_tr10"},
{object : "td", parent_id : "cvss_table_tr10"},
{object : "td", parent_id : "cvss_table_tr10", id : "cvss_table_tr10_td1"},
{object : "select", parent_id : "cvss_table_tr10_td1", id : 'ExploitabilityVar'},
{object : "option", parent_id : "ExploitabilityVar", value :'v2=E:ND/v3=E:X', selected: 'selected', label: 'Non défini', appendChildText:"ND"},
{object : "option", parent_id : "ExploitabilityVar", value :'v2=E:U/v3=E:U', label: 'Non prouvé', appendChildText:"U"},
{object : "option", parent_id : "ExploitabilityVar", value :'v2=E:POC/v3=E:P', label: 'Programme de démonstration (PoC)', appendChildText:"POC"},
{object : "option", parent_id : "ExploitabilityVar", value :'v2=E:F/v3=E:F', label: 'Fonctionnel', appendChildText:"F"},
{object : "option", parent_id : "ExploitabilityVar", value :'v2=E:H/v3=E:H', label: 'Haut', appendChildText:"H"},
{object : "td", parent_id : "cvss_table_tr10", id : "cvss_table_tr10_td2"},
{object : "select", parent_id : "cvss_table_tr10_td2", id : 'RemediationLevelVar'},
{object : "option", parent_id : "RemediationLevelVar", value :'v2=RL:ND/v3=RL:X', selected: 'selected', label: 'Non défini', appendChildText:"ND"},
{object : "option", parent_id : "RemediationLevelVar", value :'v2=RL:OF/v3=RL:O', label: 'Correctif officiel', appendChildText:"OF"},
{object : "option", parent_id : "RemediationLevelVar", value :'v2=RL:TF/v3=RL:T', label: 'Correctif provisoire', appendChildText:"TF"},
{object : "option", parent_id : "RemediationLevelVar", value :'v2=RL:W/v3=RL:W', label: 'Palliatif', appendChildText:"W"},
{object : "option", parent_id : "RemediationLevelVar", value :'v2=RL:U/v3=RL:U', label: 'Non disponible', appendChildText:"U"},
{object : "td", parent_id : "cvss_table_tr10", id : "cvss_table_tr10_td3"},
{object : "select", parent_id : "cvss_table_tr10_td3", id : 'ReportConfidenceVar'},
{object : "option", parent_id : "ReportConfidenceVar", value :'v2=RC:ND/v3=RC:X', label: 'Non défini', appendChildText:"ND"},
{object : "option", parent_id : "ReportConfidenceVar", value :'v2=RC:UC/v3=RC:U', label: 'Non confirmé', appendChildText:"UC"},
{object : "option", parent_id : "ReportConfidenceVar", value :'v2=RC:UR/v3=RC:R', label: 'Présumé', appendChildText:"UR"},
{object : "option", parent_id : "ReportConfidenceVar", value :'v2=RC:C/v3=RC:C', selected: 'selected', label: 'Confirmé', appendChildText:"C"},
//{object : "td", parent_id : "cvss_table_tr10", id : "cvss_table_tr10_td4"},
//{object : "input", parent_id : "cvss_table_tr10_td4", type : "button", id : 'btn_add_RLof_RCc', size : 3, value : 'Ajouter RL:OF + RC:C'},
{object : "br", parent_id : "div_input"},
{object : "input", type : "checkbox", parent_id : "div_input", id: "lock_v2"},
{object : "label", parent_id : "div_input", for : "lock_v2", appendChildText: "Verrouiller v2", id: "lock_v2_from_label", style :"padding-right:10px"},
{object : "input", type : "checkbox", parent_id : "div_input", id: "lock_v3"},
{object : "label", parent_id : "div_input", for : "lock_v3", appendChildText: "Verrouiller v3", id: "lock_v3_from_label", style :"padding-right:10px"},
{object : "input", type : "checkbox", parent_id : "div_input", id: "v2boxFromGMstorage"},
{object : "label", parent_id : "div_input", for : "v2boxFromGMstorage", appendChildText: "V2 from storage", id: "v2boxFromGMstorage_label", style :"padding-right:10px"},
{object : "input", type : "checkbox", parent_id : "div_input", id: "v3boxFromGMstorage"},
{object : "label", parent_id : "div_input", for : "v3boxFromGMstorage", appendChildText: "V3 from storage", id: "v3boxFromGMstorage_label", style :"padding-right:10px"}
];
make_html_from_list_of_dict(item_before, list_input);
}
/**
 * Attaches the refresh listeners to the form controls already in the page.
 *
 * Every <select> gets `computeCVSS` on `change`; every <input> whose type is
 * exactly "text" gets `update_options` on both `change` and `keyup`.
 * Listeners are registered with addEventListener, so no script text is
 * written into the DOM.
 */
function add_functions_onchange() {
  for (const selectEl of Array.from(document.querySelectorAll('select'))) {
    selectEl.addEventListener('change', computeCVSS, false);
  }

  Array.from(document.querySelectorAll('input'))
    .filter((inputEl) => inputEl.type === "text")
    .forEach((textInput) => {
      textInput.addEventListener('change', update_options);
      textInput.addEventListener('keyup', update_options);
    });
}
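/**
 * Wires the click behaviour of the two vector links and of the
 * "Ajouter RL:OF + RC:C" button.
 *
 * Clicking a vector link copies its text into `input_text_cvss`, locks the
 * other CVSS version, unlocks its own, and then runs `update_options`.
 *
 * The copy/lock step used to be installed as an `onclick` attribute holding
 * a string of JavaScript. Handler attributes are compiled from text, are
 * refused by a Content-Security-Policy that disallows inline script, and
 * leave executable markup in the DOM. The same steps are now a function
 * listener, registered before `update_options` so the firing order on each
 * link is unchanged.
 *
 * @throws {TypeError} if one of the three elements is not in the document.
 */
function add_functions_onclick() {
  const bindVectorLink = (linkId, lockToSet, lockToClear) => {
    const link = document.getElementById(linkId);
    link.addEventListener('click', () => {
      // Targets are looked up at click time, as the inline handler did.
      document.getElementById('input_text_cvss').value = link.innerText;
      document.getElementById(lockToSet).checked = true;
      document.getElementById(lockToClear).checked = false;
    });
    return link;
  };

  const linkV2 = bindVectorLink('link_vecteur_v2', 'lock_v3', 'lock_v2');
  const linkV3 = bindVectorLink('link_vecteur_v3', 'lock_v2', 'lock_v3');
  linkV2.addEventListener('click', update_options);
  linkV3.addEventListener('click', update_options);
  document.getElementById('btn_add_RLof_RCc').addEventListener('click', addDefaultTempo);
}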
/**
 * Selects, in the <select> with the given id, the first option whose
 * displayed text equals `optionText`.
 *
 * @param {string} select_id - id of the <select> element.
 * @param {string} optionText - exact text of the option to select.
 * @throws {TypeError} if the element does not exist or no option matches.
 */
function selectOption(select_id, optionText) {
  const { options } = document.getElementById(select_id);
  const wanted = Array.from(options).find((candidate) => candidate.text === optionText);
  // No guard on purpose: a missing option surfaces as a TypeError here.
  wanted.selected = true;
}
/**
 * Applies the default temporal metrics to both vectors, v2 first and then v3,
 * by delegating to `addDefaultTempo_version` for each vector link.
 */
function addDefaultTempo() {
  ['link_vecteur_v2', 'link_vecteur_v3'].forEach((linkId) => {
    addDefaultTempo_version(linkId);
  });
}
/**
 * Loads one vector into the form by clicking its link, then forces the
 * temporal selects to RL "OF" and RC "C" and recomputes the scores.
 *
 * @param {string} idLink - id of the vector link to click
 *   (`link_vecteur_v2` or `link_vecteur_v3` in this file).
 */
function addDefaultTempo_version(idLink) {
  // The synthetic click runs the link's own click handlers first.
  document.getElementById(idLink).click();

  const temporalDefaults = [
    ['RemediationLevelVar', 'OF'],
    ['ReportConfidenceVar', 'C'],
  ];
  for (const [selectId, optionText] of temporalDefaults) {
    selectOption(selectId, optionText);
  }

  computeCVSS();
}
/**
 * Loads the CVSS v2 vector stored for `cveID` in the CVE table into the
 * input field and records where it came from.
 *
 * Sets the reference CVE and its source label (defaults to "NVD auto"),
 * unlocks v2 and locks v3, copies the three NVD metadata fields when the
 * table has them (empty string otherwise), then calls `update_options`.
 * All values are written through `.value`, so they are stored as text and
 * never parsed as markup in this function.
 *
 * @param {*} cveID - CVE identifier; click handlers in this file pass a
 *   regex match result, which is turned into a string by concatenation.
 * @param {string} [source=""] - label for the origin of the vector.
 */
function set_v2_cartouche(cveID, source = "") {
  const versionSuffix = "_v2";
  const byId = (elementId) => document.getElementById(elementId);

  byId('input_text_cvss').value = byId('tableCVEs_Td_' + cveID + versionSuffix + '_vector').value;
  byId('refCVE_vecteur' + versionSuffix).value = cveID;
  byId('refCVE_vecteur' + versionSuffix + '_source').value = source || "NVD auto";
  byId('lock_v2').checked = false;
  byId('lock_v3').checked = true;

  for (const metaName of ["NVDpublishDate", "NVDmodifiedDate", "NVDsource"]) {
    const tableField = byId('tableCVEs_Td_' + cveID + '_' + metaName);
    const metaValue = tableField ? tableField.value : "";
    const targetId = 'refCVE' + versionSuffix + '_' + metaName;
    byId(targetId).value = metaValue;
    console.log("application de '" + metaValue + "' a " + targetId);
  }

  update_options();
}
/**
 * Loads the CVSS v3 vector stored for `cveID` in the CVE table into the
 * input field and records where it came from.
 *
 * `CNA` is inserted into the id of the table cell that is read (the click
 * handlers in this file pass "_CNA" for the CNA column). The default source
 * label is "NVD auto", or "NVD (CNA) auto" when `CNA` is non-empty. The
 * function locks v2 and unlocks v3, copies the three NVD metadata fields
 * when the table has them (empty string otherwise), then calls
 * `update_options`. All values are written through `.value` as text.
 *
 * @param {*} cveID - CVE identifier; coerced to a string by concatenation.
 * @param {string} [CNA=""] - suffix selecting the CNA vector cell.
 * @param {string} [source=""] - label for the origin of the vector.
 */
function set_v3_cartouche(cveID, CNA = "", source = "") {
  const versionSuffix = "_v3";
  const byId = (elementId) => document.getElementById(elementId);

  byId('input_text_cvss').value = byId('tableCVEs_Td_' + cveID + versionSuffix + CNA + '_vector').value;
  byId('refCVE_vecteur' + versionSuffix).value = cveID;

  let sourceLabel = source;
  if (!sourceLabel) {
    sourceLabel = "NVD " + (CNA ? "(CNA) " : '') + "auto";
  }
  byId('refCVE_vecteur' + versionSuffix + '_source').value = sourceLabel;

  byId('lock_v2').checked = true;
  byId('lock_v3').checked = false;

  for (const metaName of ["NVDpublishDate", "NVDmodifiedDate", "NVDsource"]) {
    const tableField = byId('tableCVEs_Td_' + cveID + '_' + metaName);
    const metaValue = tableField ? tableField.value : "";
    const targetId = 'refCVE' + versionSuffix + '_' + metaName;
    byId(targetId).value = metaValue;
    console.log("application de '" + metaValue + "' a " + targetId);
  }

  update_options();
}
/**
 * Registers the click handlers of the CVE table, one row per entry of
 * `arrayOfCVE`.
 *
 * For each id: the CVE cell passes the identifier to `updateClipboard`; the
 * v2, v3 and v3-CNA score cells uncheck the matching "from storage" box
 * (when it exists) and load that score through `set_v2_cartouche` /
 * `set_v3_cartouche`.
 *
 * Each handler re-derives the identifier from the clicked element's own id
 * with /CVE-[0-9]+-[0-9]+/ and forwards the regex match result itself (an
 * array, or null when the id does not match), not a plain string.
 *
 * @param {Array} [arrayOfCVE=[]] - identifiers used to build the cell ids.
 * @throws {TypeError} if one of the expected cells is not in the document.
 */
function add_functions_onclick_arrayOfCVE(arrayOfCVE = []) {
  // Non-global pattern: exec() keeps no state between calls.
  const cvePattern = /CVE-[0-9]+-[0-9]+/;

  const uncheckIfPresent = (checkboxId) => {
    const box = document.getElementById(checkboxId);
    if (box) {
      box.checked = false;
    }
  };
  const onCellClick = (cellId, handler) => {
    document.getElementById(cellId).addEventListener('click', handler, false);
  };

  for (let position = 0; position < arrayOfCVE.length; position += 1) {
    const cellPrefix = 'tableCVEs_Td_' + arrayOfCVE[position];

    // CVE cell: copy the identifier to the clipboard.
    onCellClick(cellPrefix + '_CVE', function () {
      updateClipboard(cvePattern.exec(this.id));
    });

    // v2 score
    onCellClick(cellPrefix + '_v2_score', function () {
      const cveID = cvePattern.exec(this.id);
      uncheckIfPresent('v2boxFromGMstorage');
      set_v2_cartouche(cveID);
    });

    // v3 score
    onCellClick(cellPrefix + '_v3_score', function () {
      const cveID = cvePattern.exec(this.id);
      uncheckIfPresent('v3boxFromGMstorage');
      set_v3_cartouche(cveID);
    });

    // v3 score published by the CNA
    onCellClick(cellPrefix + '_v3_CNA_score', function () {
      const cveID = cvePattern.exec(this.id);
      uncheckIfPresent('v3boxFromGMstorage');
      set_v3_cartouche(cveID, "_CNA");
    });
  }
}
/**
 * Fills the v2 summary, then the v3 summary, either from stored values or
 * from the automatically chosen CVE.
 *
 * For each version: when its "from storage" checkbox is ticked, that
 * version is unlocked, the other one is locked and `stockageToFieldsV2` /
 * `stockageToFieldsV3` is called; otherwise the summary is loaded from
 * `cveMaxScoreV2` / `cveMaxScoreV3` (defined elsewhere in the file).
 */
function updateCartoucheFromStorageOrAutoNVD() {
  const byId = (elementId) => document.getElementById(elementId);
  const setLocks = (v2Locked, v3Locked) => {
    byId('lock_v2').checked = v2Locked;
    byId('lock_v3').checked = v3Locked;
  };

  if (!byId("v2boxFromGMstorage").checked) {
    set_v2_cartouche(cveMaxScoreV2);
  } else {
    setLocks(false, true);
    stockageToFieldsV2();
  }

  if (!byId("v3boxFromGMstorage").checked) {
    set_v3_cartouche(cveMaxScoreV3);
  } else {
    setLocks(true, false);
    stockageToFieldsV3();
  }
}
/**
 * Describes the score summary table ("cartouche") and hands the description
 * to `make_html_from_list_of_dict`.
 *
 * The table has a header row and one row per CVSS version (labelled "v2"
 * and "v3.1"). Each version row holds a PNG pictogram cell, the base and
 * temporal score cells, the vector link and five text inputs that carry the
 * reference CVE, the vector source and three NVD metadata values. Only the
 * PNG pictogram cell is described; no inline-SVG variant is built.
 *
 * The `xmlns` attribute is set on <html> on every call; the description is
 * only rendered when `item_before` is truthy.
 *
 * @param {*} item_before - anchor forwarded to `make_html_from_list_of_dict`.
 */
function make_display_cartouche_out(item_before) {
  // Presentation settings
  const fontSize = "20px";
  const borderSize = "0";
  const firstColumnWidth = '40px';
  const cellPadding = "padding-right:10px";
  const exportInputClass = "only_for_html_export inputTypeTextToHidden";

  document.querySelector("html").setAttribute("xmlns", "http://www.w3.org/1999/xhtml");

  // One header cell; `extra` keys are appended after the common ones.
  const headerCell = (text, extra = {}) => ({
    object: "td",
    parent_id: "cartouche_table_tr1",
    appendChildText: text,
    style: cellPadding,
    ...extra,
  });

  // The v2 and v3 rows differ only by version tag, row id and label.
  const versionRows = (version, rowId, rowLabel) => {
    const vectorCellId = "display_vecteur_" + version;
    const pictogramCellId = "cartouche_table_" + version + "_pictogramme_image_png";
    return [
      {object: "tr", parent_id: "cartouche_table", id: rowId},
      {object: "td", parent_id: rowId, appendChildText: rowLabel},
      {object: "td", parent_id: rowId, id: pictogramCellId},
      {object: "img", parent_id: pictogramCellId, id: "img_png_" + version, width: "40", height: "40"},
      {object: "td", parent_id: rowId, id: "display_score_base_" + version, appendChildText: "undefined"},
      {object: "td", parent_id: rowId, id: "display_score_temp_" + version, appendChildText: "undefined"},
      {object: "td", parent_id: rowId, id: vectorCellId},
      {object: "a", parent_id: vectorCellId, id: "link_vecteur_" + version, target: '_blank', appendChildText: "undefined"},
      {object: "input", parent_id: vectorCellId, type: "text", id: "refCVE_vecteur_" + version, class: exportInputClass, placeholder: "CVE de référence pour ce vecteur", readonly: "readonly", size: "13", title: "La CVE qui correspond au score/vecteur"},
      {object: "input", parent_id: vectorCellId, type: "text", id: "refCVE_vecteur_" + version + "_source", class: exportInputClass, placeholder: "origine du vecteur", title: "La source qui a fournit le vecteur"},
      {object: "input", parent_id: vectorCellId, type: "text", id: "refCVE_" + version + "_NVDpublishDate", class: exportInputClass, readonly: "readonly", size: "8", title: "Date de publication sur le site NVD"},
      {object: "input", parent_id: vectorCellId, type: "text", id: "refCVE_" + version + "_NVDmodifiedDate", class: exportInputClass, readonly: "readonly", size: "8", title: "Date de mise à jour sur le site NVD"},
      {object: "input", parent_id: vectorCellId, type: "text", id: "refCVE_" + version + "_NVDsource", class: exportInputClass, readonly: "readonly", title: "L'éditeur responsable de la publication sur le site NVD"},
    ];
  };

  const list_input = [
    {object: "div", id: 'div_output', style: "font-size :" + fontSize},
    {object: "input", parent_id: "div_output", type: "hidden", id: "scriptVersionUsed", value: scriptVersion, class: "only_for_html_export"},
    {object: "table", parent_id: "div_output", id: 'cartouche_table', class: "only_for_html_export", style: "display:block;", border: borderSize},
    {object: "tr", parent_id: "cartouche_table", id: "cartouche_table_tr1"},
    {object: "td", parent_id: "cartouche_table_tr1", width: firstColumnWidth, style: cellPadding},
    headerCell("Gravité"),
    headerCell("Score de base"),
    headerCell("Score temporel"),
    headerCell("Vecteur", {id: "cartouche_table_tr1_td5"}),
    {object: "input", parent_id: "cartouche_table_tr1_td5", type: "button", id: 'btn_add_RLof_RCc', size: 3, value: 'Ajouter RL:OF + RC:C', style: "margin-left:10px", class: "avoid_from_selection"},
    ...versionRows("v2", "cartouche_table_tr2", "v2"),
    ...versionRows("v3", "cartouche_table_tr3", "v3.1"),
  ];

  if (!item_before) {
    return;
  }
  make_html_from_list_of_dict(item_before, list_input);
}
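/**
 * Floats the article to the left and describes the CVE table that sits next
 * to it, then hands the description to `make_html_from_list_of_dict`.
 *
 * The table has a header row and one row per identifier: the CVE cell (with
 * three hidden inputs for NVD publish date, modified date and source), the
 * v2, v3 and v3-CNA cells (a <p> for the score and a hidden input for the
 * vector) and two link cells (NVD and Google search).
 *
 * Changes from the previous version:
 * - The float is set with `style.setProperty`. The old code concatenated the
 *   element's style object with a string and assigned the result back, which
 *   replaced the whole inline style by the text form of that object plus
 *   ";float: left;" and so dropped any inline style already present.
 * - A missing `.content` element no longer aborts the function.
 * - The identifier is passed through `encodeURIComponent` before it is
 *   placed in the two link URLs. A well-formed CVE id is unchanged by it;
 *   anything else can no longer add path or query parts to the URL.
 * - Unused local variables are gone.
 *
 * @param {*} item_before - anchor forwarded to `make_html_from_list_of_dict`;
 *   nothing is rendered when it is falsy.
 * @param {Array} [arrayOfCVEs=[]] - identifiers, one table row each. They
 *   are also used verbatim inside element ids.
 */
function make_div_Left_content(item_before, arrayOfCVEs = []) {
  // Presentation settings
  const fontSize = "20px";
  const borderSize = "1";
  const headerStyle = "padding-right:10px";

  const articleContent = document.getElementsByClassName('content')[0];
  if (articleContent) {
    articleContent.style.setProperty('float', 'left');
  }

  const list_input = [
    {object: "div", id: 'div_CVEs', class: "content", style: "float: left;font-size :" + fontSize},
    {object: "table", parent_id: "div_CVEs", appendChildText: "Cliquer sur le score pour l'utiliser"},
    {object: "table", parent_id: "div_CVEs", appendChildText: "En-tete rouge = travail en cours, vert = fini", id: "pProcessMessage"},
    {object: "table", parent_id: "div_CVEs", id: "tableCVEs", border: borderSize},
    {object: "tr", parent_id: "tableCVEs", id: "tableCVEs_THs", style: "color:red;"},
    {object: "th", parent_id: "tableCVEs_THs", style: headerStyle, appendChildText: "CVE"},
    {object: "th", parent_id: "tableCVEs_THs", style: headerStyle, appendChildText: "v2"},
    {object: "th", parent_id: "tableCVEs_THs", style: headerStyle, appendChildText: "v3"},
    {object: "th", parent_id: "tableCVEs_THs", style: headerStyle, appendChildText: "v3 CNA"},
    {object: "th", parent_id: "tableCVEs_THs", style: headerStyle, appendChildText: "Liens", colspan: 2},
  ];

  for (const id of arrayOfCVEs) {
    const rowId = "tableCVEs_Tr_" + id;
    const cellPrefix = "tableCVEs_Td_" + id;
    const cveCellId = cellPrefix + "_CVE";
    const idInUrl = encodeURIComponent(id);

    list_input.push({object: "tr", parent_id: "tableCVEs", id: rowId});

    // CVE cell; the hidden inputs receive the NVD metadata later.
    list_input.push({object: "td", parent_id: rowId, id: cveCellId, appendChildText: id, style: "color:red;"});
    for (const metaName of ["NVDpublishDate", "NVDmodifiedDate", "NVDsource"]) {
      list_input.push({object: "input", type: "hidden", parent_id: cveCellId, id: cellPrefix + "_" + metaName});
    }

    // One score/vector pair per CVSS column.
    for (const column of ["_v2", "_v3", "_v3_CNA"]) {
      const columnCellId = cellPrefix + column;
      list_input.push({object: "td", parent_id: rowId, id: columnCellId});
      list_input.push({object: "p", parent_id: columnCellId, id: columnCellId + "_score"});
      list_input.push({object: "input", type: "hidden", parent_id: columnCellId, id: columnCellId + "_vector"});
    }

    // External links. NOTE(review): both open with target="_blank"; whether
    // make_html_from_list_of_dict can also emit a rel attribute is not
    // visible here.
    list_input.push({object: "td", parent_id: rowId, id: cellPrefix + "_nvd"});
    list_input.push({object: "a", parent_id: cellPrefix + "_nvd", href: 'https://nvd.nist.gov/vuln/detail/' + idInUrl, target: "_blank", appendChildText: "NVD"});
    list_input.push({object: "td", parent_id: rowId, id: cellPrefix + "_google"});
    list_input.push({object: "a", parent_id: cellPrefix + "_google", href: 'https://www.google.com/search?q=%22' + idInUrl + '%22', target: "_blank", appendChildText: "google"});
  }

  if (item_before) {
    make_html_from_list_of_dict(item_before, list_input);
  }
}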
/**
 * Sets the inline `display` style of every element matching a selector.
 *
 * @param {string} classe - CSS selector passed to `querySelectorAll`
 *   (callers in this file pass class selectors such as ".only_for_html_export").
 * @param {string} visibility - value assigned to `style.display`.
 */
function set_visibility_class(classe, visibility) {
  for (const element of document.querySelectorAll(classe)) {
    element.style.display = visibility;
  }
}
/**
 * Returns the visible text of the `.article` element as the browser's text
 * selection would copy it.
 *
 * Elements of the three helper classes are hidden first so that they are
 * left out of the selection, then the article is selected, the selected
 * text is read, the helper classes are shown again and the selection is
 * cleared.
 *
 * The helper classes are restored with `display: block` whatever their
 * display value was before the call.
 *
 * @returns {string} the selected text, or "" when no selection API is found.
 */
function get_article_to_string() {
  const hideBeforeSelecting = [
    ".avoid_from_selection",
    ".only_for_html_export",
    ".avoid_from_selection_but_for_html_export",
  ];
  const showAfterSelecting = [
    ".avoid_from_selection_but_for_html_export",
    ".avoid_from_selection",
    ".only_for_html_export",
  ];

  hideBeforeSelecting.forEach((selector) => set_visibility_class(selector, "none"));

  $('.article').selectText();

  let selectedText = "";
  if (window.getSelection) {
    selectedText = window.getSelection().toString();
  } else if (document.selection && document.selection.type != "Control") {
    // Legacy selection API.
    selectedText = document.selection.createRange().text;
  }

  showAfterSelecting.forEach((selector) => set_visibility_class(selector, "block"));

  // Drop the selection made above.
  document.getSelection().removeAllRanges();
  return selectedText;
}
/**
 * Builds an indentation prefix made of tab characters.
 *
 * @param {number} nb_indent - number of tabs wanted; negative values count as 0.
 * @returns {string} `nb_indent` tab characters.
 */
function get_indent(nb_indent) {
  const tab = "\t";
  let remaining = nb_indent < 0 ? 0 : nb_indent;
  let prefix = "";
  while (remaining > 0) {
    prefix += tab;
    remaining -= 1;
  }
  return prefix;
}
/**
 * Rebuilds the content of an element from its `innerHTML` string and its
 * child elements: the text found between the children is kept as is and
 * each child is replaced by the output of `recursive_get_html`.
 *
 * The string is consumed from left to right. For each child, the first
 * opening tag with the child's tag name is located; the text in front of it
 * is kept unless it is only whitespace; the opening tag, the child's own
 * innerHTML and the next closing tag of that name (when there is one) are
 * skipped. Whatever is left after the last child is appended unchanged.
 *
 * The tag name is inserted into a regular expression without escaping, and
 * the opening-tag pattern uses `.`, which does not match a line break.
 *
 * @param {string} innerHTML - serialized content of the parent element.
 * @param {ArrayLike<Element>} children - the parent's child elements, in order.
 * @param {number} [indent=0] - depth of the parent; children get `indent + 1`.
 * @returns {string} the rebuilt content.
 * @throws {TypeError} if a child's opening tag is not found in the string.
 */
function get_text_and_child_from_innerHTML(innerHTML, children, indent = 0) {
  let remaining = innerHTML;
  let rebuilt = "";

  // `children.length` is read on every pass, as the collection may be live.
  for (let position = 0; position < children.length; position += 1) {
    const child = children[position];
    const tagName = child.nodeName.toLowerCase();

    // Opening tag of this child; everything in front of it is plain text.
    const opening = new RegExp("<" + tagName + ".*?>").exec(remaining);
    const textBefore = remaining.substring(0, opening.index);

    // Skip the opening tag and the child's own content.
    remaining = remaining.substring(opening.index + opening[0].length + child.innerHTML.length);

    // Skip the closing tag when the element has one.
    const closing = new RegExp("</" + tagName + ">").exec(remaining);
    if (closing) {
      remaining = remaining.substring(closing.index + closing[0].length);
    }

    // Whitespace-only text between tags is dropped.
    if (!/^\s*$/.test(textBefore)) {
      rebuilt += textBefore;
    }
    rebuilt += recursive_get_html(child, indent + 1);
  }

  // Text that follows the last child.
  return rebuilt + remaining;
}
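/**
 * Serialises an element's attributes as ` name="value" ` pairs for the HTML export.
 *
 * Attribute values are HTML-escaped before being written between double quotes, so a value
 * containing `"`, `<`, `>` or `&` cannot close the attribute early or open new markup in the
 * exported file.
 *
 * @param {Element} obj - element exposing getAttributeNames(), getAttribute() and optionally value
 * @param {string[]} [array_attrib_to_exclude=[]] - attribute names to leave out of the output
 * @returns {string} the serialized attributes; empty when there is nothing to write
 */
function dom_object_attributes_to_string(obj, array_attrib_to_exclude = []) {
  // Escape the characters that are significant inside a double-quoted attribute value.
  const escapeAttr = (raw) =>
    String(raw)
      .replace(/&/g, "&amp;")
      .replace(/"/g, "&quot;")
      .replace(/</g, "&lt;")
      .replace(/>/g, "&gt;");

  let str_obj = "";
  for (const attribut_name of obj.getAttributeNames()) {
    if (array_attrib_to_exclude.includes(attribut_name)) {
      continue;
    }
    const attribut = obj.getAttribute(attribut_name);
    // Array values keep the original layout: every item followed by one space.
    const texte = Array.isArray(attribut)
      ? attribut.map((part) => part + " ").join("")
      : attribut;
    str_obj += " " + attribut_name + '="' + escapeAttr(texte) + '" ';
  }

  // The live `value` property is not always mirrored by an attribute; export it as well.
  if (obj.value && !str_obj.includes("value=")) {
    str_obj += ' value="' + escapeAttr(obj.value) + '"';
  }
  return str_obj;
}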
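/**
 * Serialises a DOM element and its descendants into the simplified HTML used by the export.
 *
 * Elements carrying one of the excluded classes produce nothing, the element with class
 * "post-type-title" becomes an <h1>, h1/h2 are demoted to h3, and most tags lose their
 * attributes (see the switch below for the tags that keep some).
 *
 * Text read from innerText is HTML-escaped before it is written, because innerText returns
 * decoded text: without escaping, a literal "<" or "&" in the advisory would be emitted as
 * markup in the exported file. script/style content is left as is, since those elements hold
 * raw text. A missing innerText (presumably elements that do not expose it, such as SVG
 * shapes - confirm) is written as empty text instead of the string "undefined".
 *
 * @param {Element} dom_object - element to serialise
 * @param {number} [indent=0] - nesting depth passed to get_indent
 * @returns {string} the serialized markup, or "" for an excluded element
 */
function recursive_get_html(dom_object, indent = 0) {
  const escapeText = (text) =>
    text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
  const readText = (node) => (node.innerText == null ? "" : String(node.innerText));

  const excludedClasses = ['avoid_from_selection', 'meta-logo', 'meta-certfr', 'meta-affaire', 'meta-pub-date'];
  const array_attrib_to_exclude = ['class', 'style', 'onclick', 'placeholder'];
  const indent_text = get_indent(indent);
  let object_type = dom_object.nodeName.toLowerCase();

  // Elements hidden from the export (page footer, metadata rows, script-added widgets).
  if (excludedClasses.some((name) => dom_object.classList.contains(name))) {
    return "";
  }
  // The advisory title is exported as the document's single <h1>.
  if (dom_object.classList.contains("post-type-title")) {
    return indent_text + "<h1>" + escapeText(readText(dom_object)) + "</h1>";
  }

  let tag_begin = "";
  let tag_end = "";
  switch (object_type) {
    case 'area':
    case 'base':
    case 'br':
    case 'col':
    case 'command':
    case 'embed':
    case 'hr':
    case 'keygen':
    case 'link':
    case 'meta':
    case 'param':
    case 'source':
    case 'track':
    case 'wbr':
      // Void elements: written self-closed, without attributes.
      tag_begin = indent_text + "<" + object_type + " />\n";
      break;
    case "input": {
      let attributes = dom_object_attributes_to_string(dom_object, array_attrib_to_exclude);
      if (dom_object.classList.contains("inputTypeTextToHidden")) {
        attributes = attributes.replace('type="text"', 'type="hidden"');
      }
      tag_begin = indent_text + "<" + object_type + " " + attributes + " />\n";
      break;
    }
    case "img": {
      const imageId = dom_object.getAttribute("id");
      if (imageId === "img_png_v2" || imageId === "img_png_v3") {
        // Export the portal image source, then put the live one back even if serialisation fails.
        const liveSrc = dom_object.getAttribute("src");
        dom_object.setAttribute("src", dom_object.getAttribute("src_portail"));
        try {
          tag_begin = indent_text + "<" + object_type + " " + dom_object_attributes_to_string(dom_object) + " />\n";
        } finally {
          dom_object.setAttribute("src", liveSrc);
        }
      } else {
        tag_begin = indent_text + "<" + object_type + " " + dom_object_attributes_to_string(dom_object) + " />\n";
      }
      break;
    }
    case "a":
    case "svg":
      tag_begin = indent_text + "<" + object_type + " " + dom_object_attributes_to_string(dom_object, array_attrib_to_exclude) + ">";
      tag_end = "</" + object_type + ">\n";
      break;
    case "rect":
      tag_begin = indent_text + "<" + object_type + " " + dom_object_attributes_to_string(dom_object, array_attrib_to_exclude) + "/>\n";
      break;
    case 'h1':
    case 'h2':
      // Headings are demoted so that the exported title stays the only <h1>.
      object_type = 'h3';
      tag_begin = indent_text + "<" + object_type + ">";
      tag_end = "</" + object_type + ">\n";
      break;
    case "td":
    case 'table':
      // Tables keep their inline style; only the class attribute is dropped.
      tag_begin = indent_text + "<" + object_type + " " + dom_object_attributes_to_string(dom_object, ['class']) + ">";
      tag_end = "</" + object_type + ">\n";
      break;
    default:
      tag_begin = indent_text + "<" + object_type + ">";
      tag_end = "</" + object_type + ">\n";
  }

  if (dom_object.children.length > 0) {
    // Mixed content: walk the children and the text around them.
    return tag_begin
      + "\n"
      + get_text_and_child_from_innerHTML(dom_object.innerHTML, dom_object.children, indent + 1)
      + indent_text
      + tag_end;
  }

  // Leaf element: only text inside.
  const isRawText = object_type === "script" || object_type === "style";
  const leafText = isRawText ? readText(dom_object) : escapeText(readText(dom_object));
  return tag_begin + leafText + tag_end;
}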
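/**
 * Builds the HTML export of the advisory <article>.
 *
 * Switches the page to its export layout, points the two CVSS vector links at their export
 * target, serialises the article and then shows the ".avoid_from_selection" elements again.
 * The link hrefs stay modified on the live page afterwards, as before.
 *
 * @returns {string} a "<!DOCTYPE html>" line followed by the serialized article
 */
function get_article_to_html() {
  // No g flag: a global regex keeps lastIndex between test() calls, which makes a second
  // test() on a fresh string start mid-string and fail.
  // The anchors restrict the reference to "CVE-", four digits, "-" and digits before it is
  // appended to the announcement URL.
  const cvePattern = /^CVE-[0-9]{4}-([0-9]*)$/i;
  const defaultTarget = "/index.php/publications/vulnerabilites/14645-description-et-application-cvss";
  const announcementBase = "https://calid-cyberwatch-veille.intradef.gouv.fr/cve_announcements/";

  set_visibility_class(".avoid_from_selection", "none");
  set_visibility_class(".only_for_html_export", "block");
  set_visibility_class(".avoid_from_selection_but_for_html_export", "block");
  try {
    for (const version of ["v2", "v3"]) {
      const link = document.getElementById("link_vecteur_" + version);
      const reference = document.getElementById("refCVE_vecteur_" + version).value;
      link.href = cvePattern.test(reference)
        ? announcementBase + reference.toUpperCase()
        : defaultTarget;
    }
    return "<!DOCTYPE html>\n" + recursive_get_html(document.querySelector('article'));
  } finally {
    // Show the script's widgets again even when serialisation throws.
    set_visibility_class(".avoid_from_selection", "block");
  }
}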
/**
 * Restores the CVSS v2 inputs from the values saved for this advisory.
 *
 * Storage keys are "<document.title>.<suffix>". A saved vector is applied through
 * update_options with the v2 lock released, and the lock is set again afterwards.
 * Fields whose saved value is missing or empty are left untouched.
 */
function stockageToFieldsV2() {
  const prefix = document.title + ".";

  const savedVector = GM_getValue(prefix + "vecteurV2");
  if (savedVector) {
    document.getElementById('lock_v2').checked = false;
    update_options(savedVector);
    // Lock v2 again once the saved vector has been applied.
    document.getElementById('lock_v2').checked = true;
  }

  // [storage key suffix, id of the input that receives the saved value]
  const restoredFields = [
    ["CVEv2", "refCVE_vecteur_v2"],
    ["vecteurV2Source", "refCVE_vecteur_v2_source"],
    ["refCVE_v2_NVDpublishDate", "refCVE_v2_NVDpublishDate"],
    ["refCVE_v2_NVDmodifiedDate", "refCVE_v2_NVDmodifiedDate"],
    ["refCVE_v2_NVDsource", "refCVE_v2_NVDsource"],
  ];
  for (const [suffix, fieldId] of restoredFields) {
    const saved = GM_getValue(prefix + suffix);
    if (saved) {
      document.getElementById(fieldId).value = saved;
    }
  }
}
/**
 * Restores the CVSS v3 inputs from the values saved for this advisory.
 *
 * Storage keys are "<document.title>.<suffix>". A saved vector is applied through
 * update_options after releasing the v3 lock; unlike the v2 variant, the lock is not
 * set again here. Fields whose saved value is missing or empty are left untouched.
 */
function stockageToFieldsV3() {
  const prefix = document.title + ".";

  const savedVector = GM_getValue(prefix + "vecteurV3");
  if (savedVector) {
    document.getElementById('lock_v3').checked = false;
    update_options(savedVector);
  }

  // [storage key suffix, id of the input that receives the saved value]
  const restoredFields = [
    ["CVEv3", "refCVE_vecteur_v3"],
    ["vecteurV3Source", "refCVE_vecteur_v3_source"],
    ["refCVE_v3_NVDpublishDate", "refCVE_v3_NVDpublishDate"],
    ["refCVE_v3_NVDmodifiedDate", "refCVE_v3_NVDmodifiedDate"],
    ["refCVE_v3_NVDsource", "refCVE_v3_NVDsource"],
  ];
  for (const [suffix, fieldId] of restoredFields) {
    const saved = GM_getValue(prefix + suffix);
    if (saved) {
      document.getElementById(fieldId).value = saved;
    }
  }
}
/**
 * Restores every saved CVSS input for this advisory: the v2 fields first, then the v3 fields.
 */
function stockageToFields() {
  stockageToFieldsV2();
  stockageToFieldsV3();
}
/**
 * Saves the advisory title and the current CVSS inputs to the userscript storage.
 *
 * Every key is "<document.title>.<suffix>". The stored title is the <h1> text without its
 * first word. Vectors are read from the text of the two vector links, everything else from
 * the value of the matching input.
 */
function fieldsToStockage() {
  const prefix = document.title + ".";
  const heading = $("h1").text();

  // Drop everything up to and including the first space of the heading.
  GM_setValue(prefix + "titre", heading.slice(heading.indexOf(" ") + 1));

  // [storage key suffix, element id, property read from the element]
  const savedFields = [
    ["vecteurV2", "link_vecteur_v2", "innerText"],
    ["vecteurV3", "link_vecteur_v3", "innerText"],
    ["CVEv2", "refCVE_vecteur_v2", "value"],
    ["CVEv3", "refCVE_vecteur_v3", "value"],
    ["vecteurV2Source", "refCVE_vecteur_v2_source", "value"],
    ["vecteurV3Source", "refCVE_vecteur_v3_source", "value"],
    ["refCVE_v2_NVDpublishDate", "refCVE_v2_NVDpublishDate", "value"],
    ["refCVE_v2_NVDmodifiedDate", "refCVE_v2_NVDmodifiedDate", "value"],
    ["refCVE_v2_NVDsource", "refCVE_v2_NVDsource", "value"],
    ["refCVE_v3_NVDpublishDate", "refCVE_v3_NVDpublishDate", "value"],
    ["refCVE_v3_NVDmodifiedDate", "refCVE_v3_NVDmodifiedDate", "value"],
    ["refCVE_v3_NVDsource", "refCVE_v3_NVDsource", "value"],
  ];
  for (const [suffix, elementId, property] of savedFields) {
    GM_setValue(prefix + suffix, document.getElementById(elementId)[property]);
  }
}
// fonction qui anime un message, retourne un interval ID
/**
 * Animates a loading message by cycling from zero to three trailing dots every 250 ms.
 *
 * @param {string} messageId - id of the element whose innerText shows the message
 * @returns {*} the interval id returned by setInterval, to be passed to clearInterval
 */
function waitingAnimation(messageId) {
  const maxDots = 3;
  let dots = 0;

  const renderFrame = () => {
    document.getElementById(messageId).innerText = "Chargement des Score NVD " + ". ".repeat(dots);
    // Go back to no dots once the maximum has been displayed.
    dots = dots >= maxDots ? 0 : dots + 1;
  };

  return setInterval(renderFrame, 250);
}
// FONCTIONS\graphique + alteration de page />
// < FONCTIONS\Click
// < FONCTION\Click\get TXT
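// Click on "#txt_gen": download the advisory as a text file, then save the current inputs.
// The text comes from get_article_to_string(); the test Cyberwatch host name is replaced by
// the production one, a footer with the script version and the CVSS v2 details is appended,
// and the second line of the result is dropped before the download.
$(document).delegate("#txt_gen", "click", function () {
  // Delay before the temporary blob URL is released, so the download has time to start.
  var REVOKE_DELAY_MS = 40000;

  var text_article = get_article_to_string();
  text_article = text_article.replace(/cyberwatch\.internet\.np/g, "calid-cyberwatch-veille.intradef.gouv.fr");
  text_article = text_article + "\n\nversion du script d'export utilisée : " + scriptVersion;
  text_article = text_article + "\nVecteur cvss V2 (" + document.getElementById("display_score_base_v2").innerText + ") CVE : " + document.getElementById("refCVE_vecteur_v2").value + " from source : " + document.getElementById("refCVE_vecteur_v2_source").value + "\n";
  text_article += document.getElementById("link_vecteur_v2").innerText; // append the input box content

  var lines = text_article.split('\n');
  lines.splice(1, 1);
  var output = lines.join('\n');

  var title = $("h1").text();
  title = title.slice(title.indexOf(" ") + 1);
  var filename = '[' + document.title + '] - ' + title + '.txt';

  // Trigger the download through a temporary link pointing at an in-memory blob.
  var blobUrl = window.URL.createObjectURL(new Blob([output], {type: 'text/plain'}));
  var a = window.document.createElement('a');
  a.href = blobUrl;
  a.download = filename;
  document.body.appendChild(a);
  a.click();
  document.body.removeChild(a);
  // Release the blob afterwards; it would otherwise stay in memory until the page is closed.
  setTimeout(function () { window.URL.revokeObjectURL(blobUrl); }, REVOKE_DELAY_MS);

  fieldsToStockage();
});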
// FONCTION\Click\get TXT />
// < FONCTION\Click\get HTML
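// Click on "#html_gen": download the advisory as an HTML file, then save the current inputs.
// The markup comes from get_article_to_html(); the test Cyberwatch host name is replaced by
// the production one and the second line of the result is dropped before the download.
$(document).delegate("#html_gen", "click", function () {
  // Delay before the temporary blob URL is released, so the download has time to start.
  var REVOKE_DELAY_MS = 40000;

  var text_article = get_article_to_html();
  text_article = text_article.replace(/cyberwatch\.internet\.np/g, "calid-cyberwatch-veille.intradef.gouv.fr");

  var lines = text_article.split('\n');
  lines.splice(1, 1);
  var output = lines.join('\n');

  var title = $("h1").text();
  title = title.slice(title.indexOf(" ") + 1);
  var filename = '[' + document.title + '] - ' + title + '.html';

  // Trigger the download through a temporary link pointing at an in-memory blob.
  // The blob keeps the text/plain type used so far, although the file is named .html.
  var blobUrl = window.URL.createObjectURL(new Blob([output], {type: 'text/plain'}));
  var a = window.document.createElement('a');
  a.href = blobUrl;
  a.download = filename;
  document.body.appendChild(a);
  a.click();
  document.body.removeChild(a);
  // Release the blob afterwards; it would otherwise stay in memory until the page is closed.
  setTimeout(function () { window.URL.revokeObjectURL(blobUrl); }, REVOKE_DELAY_MS);

  fieldsToStockage();
});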
// FONCTION\Click\get HTML />
// < FONCTIONS\Selection de text
/**
 * jQuery plugin: selects the whole content of the first matched element.
 * Uses document.body.createTextRange when the browser provides it, otherwise
 * window.getSelection; does nothing when neither exists.
 */
jQuery.fn.selectText = function () {
  const target = this[0];

  if (document.body.createTextRange) {
    const textRange = document.body.createTextRange();
    textRange.moveToElementText(target);
    textRange.select();
    return;
  }

  if (window.getSelection) {
    const current = window.getSelection();
    const nodeRange = document.createRange();
    nodeRange.selectNodeContents(target);
    // Replace whatever was selected before with the element's content.
    current.removeAllRanges();
    current.addRange(nodeRange);
  }
};
// FONCTIONS\Selection de text />
// FONCTIONS\Divers
/**
 * Formats a date string with the French locale.
 *
 * @param {string} USdateSTR - any string accepted by the Date constructor
 * @returns {string} the date as rendered by toLocaleDateString("fr")
 */
function dateUStoFR(USdateSTR) {
  const parsed = new Date(USdateSTR);
  return parsed.toLocaleDateString("fr");
}
/**
 * Reads the CVSS v2 vector saved for an advisory.
 *
 * @param {string} avi - advisory reference used as storage key prefix
 * @returns {*} the value stored under "<avi>.vecteurV2", or "" when it is missing or empty
 */
function getVecteurV2fromStorageAVI(avi) {
  const stored = GM_getValue(avi + ".vecteurV2");
  return stored ? stored : "";
}
/**
 * Reads the CVSS v3 vector saved for an advisory.
 *
 * @param {string} avi - advisory reference used as storage key prefix
 * @returns {*} the value stored under "<avi>.vecteurV3", or "" when it is missing or empty
 */
function getVecteurV3fromStorageAVI(avi) {
  const stored = GM_getValue(avi + ".vecteurV3");
  return stored ? stored : "";
}
/**
 * Reads the source recorded for an advisory's CVSS v2 vector.
 *
 * @param {string} avi - advisory reference used as storage key prefix
 * @returns {*} the value stored under "<avi>.vecteurV2Source", or "" when it is missing or empty
 */
function getSourceV2fromStorageAVI(avi) {
  const stored = GM_getValue(avi + ".vecteurV2Source");
  return stored ? stored : "";
}
/**
 * Reads the source recorded for an advisory's CVSS v3 vector.
 *
 * @param {string} avi - advisory reference used as storage key prefix
 * @returns {*} the value stored under "<avi>.vecteurV3Source", or "" when it is missing or empty
 */
function getSourceV3fromStorageAVI(avi) {
  const stored = GM_getValue(avi + ".vecteurV3Source");
  return stored ? stored : "";
}
/**
 * Finds the advisory under which a given value (a CVE id in the visible call) was saved.
 *
 * Stored keys are scanned from the last one listed to the first. A key is considered when it
 * contains `field` (every key does for the default "") and holds a non-empty value; the
 * first one whose value loosely equals `cveID` wins.
 *
 * @param {string} cveID - value to look for
 * @param {string} [field=""] - substring the storage key must contain, e.g. "CVEv2"
 * @returns {string} the part of the matching key before its first ".", or "" when none matches
 */
function getCVSS_fromStorage(cveID, field = "") {
  const keys = GM_listValues();
  let position = keys.length;

  while (position-- > 0) {
    const key = keys[position];
    if (!key.includes(field)) {
      continue;
    }
    const stored = GM_getValue(key);
    // Loose comparison kept on purpose: it is what the stored values have been matched with so far.
    if (stored && stored == cveID) {
      return key.split(".")[0];
    }
  }
  return "";
}
/**
 * Writes text to the clipboard and logs whether the write succeeded.
 * The promise is not returned, so callers cannot wait for the outcome.
 *
 * @param {string} newClip - text to place on the clipboard
 */
function updateClipboard(newClip) {
  // The clipboard now holds the new text.
  const onWritten = () => {
    console.log("clipboard ok");
  };
  // The write was rejected.
  const onRejected = () => {
    console.log("clipboard NOK");
  };
  navigator.clipboard.writeText(newClip).then(onWritten, onRejected);
}
/**
 * Returns the first element of a list whose attribute loosely equals the given value.
 *
 * @param {ArrayLike<Element>} items - elements to search, in order
 * @param {string} attribute - attribute name passed to getAttribute
 * @param {*} value - value to compare with (loose equality)
 * @returns {Element|undefined} the first match, or undefined when there is none
 */
function getDOMitemFromitems_withASpecificAttribValue(items, attribute, value) {
  const hasValue = (item) => item.getAttribute(attribute) == value;
  // Array.prototype.find also works on array-likes such as node lists.
  return Array.prototype.find.call(items, hasValue);
}
// FONCTIONS\Divers />
// FONCTIONS />
// < MAIN
// Initialisation
// Start-up sequence: add the export buttons and the CVSS panels to the page, wire their
// listeners, restore the values saved for this advisory and compute the scores once.
make_download_txt(); // creates the .txt download button
make_download_html(); // creates the .html download button
make_input_cartouche_out(document.getElementsByClassName("toolbox")[0]);
document.getElementById('lock_v2').addEventListener('change', computeCVSS,false);
document.getElementById('lock_v3').addEventListener('change', computeCVSS,false);
document.getElementById('v2boxFromGMstorage').addEventListener('change', updateCartoucheFromStorageOrAutoNVD,false);
document.getElementById('v3boxFromGMstorage').addEventListener('change', updateCartoucheFromStorageOrAutoNVD,false);
add_functions_onchange();
make_display_cartouche_out(document.getElementsByClassName("meta-title")[0]);
add_functions_onclick();
stockageToFields();
computeCVSS();
// Collect the CVE identifiers listed in the advisory
var CWEs = [];
var CVEs=[];
// NOTE(review): the g flag makes exec() resume from regex_CVE.lastIndex on every call, which
// is the likely cause of the unexpected null results described further down - confirm.
var regex_CVE = /((CVE)\-([0-9]{4})\-[0-9]*)/g;
$('.article-content li').each(function(){
var find_cve = $(this).text();
// Only the list items labelled "Référence CVE" are decorated.
if (find_cve.indexOf("Référence CVE") >= 0) {
$(this).css("position","relative");
$(this).find('a:first').css({
'position' : 'absolute',
'right' : '66%'
});
// Extract the CVE id
// Put a space before the first "http" so that the split below separates it from the text before it.
find_cve = find_cve.replace("http"," http") ;
var cve="";
// Running the regex on the whole text returned null in some cases where it should not:
// cve = regex_CVE.exec(find_cve);
// cve =(Array.isArray(cve)?cve[0]:0);
// so the text is split on spaces and each word is tested until one matches:
var a1_txt_cve_space_splitted = find_cve.split(" ");
if (Array.isArray(a1_txt_cve_space_splitted)) {
for (var i = 0; i < a1_txt_cve_space_splitted.length; i++) {
//console.log("test : "+a1_txt_cve_space_splitted[i]);
cve = regex_CVE.exec(a1_txt_cve_space_splitted[i]);
// cve becomes the matched text, or 0 when this word does not match.
cve =(Array.isArray(cve)?cve[0]:0);
//console.log("temp cve : "+cve);
if(cve) {break;}
}
}
// NOTE(review): when no word matched, cve is still 0 here and every id, link and lookup
// below is built from that 0 - confirm whether such items should be skipped instead.
// From here on cve is concatenated, unescaped, into markup, element ids and selectors; that
// relies on it being either a regex_CVE match ("CVE", digits and hyphens only) or 0.
// Add the Cyberwatch link
//var url_cyberwatch = "https://calid-cyberwatch-veille.intradef.gouv.fr/cve_announcements/"+cve;
var url_cyberwatch = "https://cyberwatch.internet.np/cve_announcements/"+cve;
$(this).append("<br class = 'avoid_from_selection_but_for_html_export' /><a href='"+url_cyberwatch+"' target='_blank' style=' right: 66%;' class='only_for_html_export'>"+url_cyberwatch+"</a>");
// Create the div that receives the score widgets
$(this).append('<div id="' + cve + '" class = "avoid_from_selection"></div>'); // avoid_from_selection is used by get_article_to_string to hide these divs so that they are left out of the generated text file
$('#'+cve).css({
'display' : 'inline-flex',
'position' : 'relative',
'left' : '36%'
});
// Lookup links for this CVE: Google, CVE Details, NVD placeholder, VulDB, SourceClear, CIRCL.
var score_cveD = '<a href="https://www.google.com/search?q=%22'+cve+'%22" target="_blank">Google:'+cve+'</a> '
score_cveD = score_cveD +'<a style="background-color:black" href=https://www.cvedetails.com/cve-details.php?cve_id='+cve+' target="_blank" id="'+cve+'_cveDetails">??</a>';
$('#'+cve).append(score_cveD);
$('#'+cve).append('<span id="'+cve+'_NVD" style="margin-left:20px;"> </span>');
$('#'+cve).append('<span id="'+cve+'_vuldb"><img src="" width="22" height="22" style="margin: 0 0 3px 20px"><form id="search_vuldb_'+cve+'" action="https://vuldb.com/?search#footerdetails" method="post" target="_blank"><input name="search" type="hidden" value="'+cve+'"></form></span>');
$('#'+cve).append('<span id="'+cve+'_sourceclear" style="margin-left:20px;"> <a href="https://www.sourceclear.com/vulnerability-database/search#query='+cve+' type:vulnerability" target="_blank"><img src="https://www.sourceclear.com/vulnerability-database/images/vcfavicon.ico" width="22" height="22"></a> </span>');
$('#'+cve).append('<span id="'+cve+'_circl" style="margin-left:20px;"> <a href="https://cve.circl.lu/cve/'+cve+'" target="_blank"><img src="https://cve.circl.lu/static/img/favicon.ico" width="22" height="22"></a> </span>');
// Mouse buttons on the VulDB icon: left outlines it and enables the search form,
// middle resets its style, right inverts its colours.
$("#"+cve+"_vuldb").mousedown(function(event) {
switch (event.which) {
case 1: // Left
$('#'+cve+'_vuldb').children(":first").css({
'outline-style' : 'solid',
'outline-width' : '3px',
'outline-color' : '#2860ff'
});
// NOTE(review): every left press registers one more delegated click handler, so the form
// looks likely to be submitted once per earlier left press - confirm.
$(document).delegate("#"+cve+"_vuldb","click",function(){
$('#search_vuldb_'+cve).submit();
});
break;
case 2: // Middle
$('#'+cve+'_vuldb').children(":first").removeAttr('style');
$('#'+cve+'_vuldb').children(":first").css("margin","0 0 3px 20px");
break;
case 3: // Right
$('#'+cve+'_vuldb').children(":first").css("filter","invert(1)");
break;
}
});
//getCyberwatchScore(cve);
get_score(cve);
CVEs.push(cve);
//get_vuldb(cve[2]);
}
});
// Add the table of CVEs to the left of the content
make_div_Left_content(document.getElementById('header'),CVEs);
// compteurCVEtoLoad and compteurCVEloaded are not declared in this part of the file;
// presumably they are declared earlier - verify, since the script runs in strict mode.
compteurCVEtoLoad = CVEs.length;
compteurCVEloaded = 0;
var intervalAnimation = waitingAnimation("pProcessMessage"); // to see the animation, use advisory https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-615/ and comment out the "no CVE" test below
for(var j=0;j<CVEs.length;j++){ get_NVD(CVEs[j], intervalAnimation);}
add_functions_onclick_arrayOfCVE(CVEs);
// No CVE in the advisory: stop the animation and say so in the message and both source fields.
if(CVEs.length<=0) {
clearInterval(intervalAnimation);
document.getElementById("pProcessMessage").innerText = "Pas de CVE"
document.getElementById("tableCVEs_THs").style.color = "green";
document.getElementById("refCVE_vecteur_v2_source").value = "Pas de CVE"
document.getElementById("refCVE_vecteur_v3_source").value = "Pas de CVE"
}
// A single CVE: pre-fill both CVE reference fields with it.
if(CVEs.length==1){
document.getElementById('refCVE_vecteur_v2').value = CVEs[0];
document.getElementById('refCVE_vecteur_v3').value = CVEs[0];
}
// NOTE(review): the result of this lookup is discarded; it looks like a leftover debugging call.
getCVSS_fromStorage("CVE-2022-1012", "CVEv2");
// MAIN />
})();