Skip to main content

Render CVSS vulnerability vectors as expressive SVG glyphs

Project description

vulnsig-py

Render CVSS vulnerability vectors as expressive SVG glyphs. Each glyph encodes all base metrics visually with shape, color, rings, and texture, so vulnerabilities are recognizable at a glance.

Supports CVSS 4.0, 3.1, 3.0, and 2.0.

Visit vulnsig.io to interactively explore CVSS glyph configurations and recent or well-known CVE vector glyphs.

Install

pip install vulnsig

Usage

from vulnsig import render_glyph

svg = render_glyph("CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H")

# override the score (e.g. if you already have it)
svg = render_glyph("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", score=10.0)

# control rendered size in pixels (default 120)
svg = render_glyph("CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", size=64)

render_glyph returns an SVG string ready to embed in HTML or write to a file.

Examples

CVSS 4.0

Glyph Name Vector Score
Log4Shell AV:N AC:L AT:N PR:N UI:N VC:H VI:H VA:H SC:H SI:H SA:H 10.0
EternalBlue AV:N AC:L AT:N PR:N UI:N VC:H VI:H VA:H SC:N SI:N SA:N 9.3
Heartbleed AV:N AC:L AT:N PR:N UI:N VC:H VI:N VA:N SC:L SI:N SA:N 8.7
Spectre AV:L AC:H AT:P PR:L UI:N VC:H VI:N VA:N SC:H SI:N SA:N 5.6
XSS Stored AV:N AC:L AT:N PR:L UI:P VC:L VI:L VA:N SC:N SI:N SA:N 5.1
USB Drop AV:P AC:L AT:N PR:N UI:N VC:H VI:H VA:H SC:N SI:N SA:N 7.3

CVSS 3.x

Glyph Name Vector Score
Log4Shell AV:N AC:L PR:N UI:N S:C C:H I:H A:H 10.0
XSS Reflected AV:N AC:L PR:N UI:R S:C C:L I:L A:N 6.1

Visual encoding

Each metric maps to a distinct visual channel:

Metric Channel
Score Hue — yellow (low) → orange → dark red (high)
AV Star points — N=8, A=6, L=4, P=3
AC Star pointiness — L=sharp, H=blunt
AT Ring segmentation — N=solid, P=cut pattern
PR Star outline — N=none, L=thin, H=thick
UI Perimeter — N=spikes, P=bumps, A=clean
VC/VI/VA Inner ring brightness per sector
SC/SI/SA Outer ring band (split when any > 0)

Requirements

Python 3.10+

What Is New in VulnSig

2.0.0

Support for CVSS 2.0.

1.3.0

Added rendering of Exploit Maturity.

Improved rendering of PR.

1.2.0

Improved glyph rendering over diverse backgrounds.

Extension to the public interface.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vulnsig-2.0.0.tar.gz (12.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vulnsig-2.0.0-py3-none-any.whl (10.4 kB view details)

Uploaded Python 3

File details

Details for the file vulnsig-2.0.0.tar.gz.

File metadata

  • Download URL: vulnsig-2.0.0.tar.gz
  • Upload date:
  • Size: 12.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vulnsig-2.0.0.tar.gz
Algorithm Hash digest
SHA256 e4ec3513292f2596f32a9048284776d6d9db95acd6870ff6c0144341d391431a
MD5 33d5351901ec562c34872de02d954232
BLAKE2b-256 0be5a00086c770ba718c460371655f16e75b97cef810a0a9b5a3bbe43d6a6bb4

See more details on using hashes here.

File details

Details for the file vulnsig-2.0.0-py3-none-any.whl.

File metadata

  • Download URL: vulnsig-2.0.0-py3-none-any.whl
  • Upload date:
  • Size: 10.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for vulnsig-2.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 690396048da1b020c01be0dd1158e45986ae9716fc3ef2227246f9b896a81131
MD5 c5a6fd14285950477a500c904711d6a0
BLAKE2b-256 0edad9e04edca2ee340a2e89792f2132cf188b1a1ca10be403b283662ea7bb55

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page