CVSS 3.1 Vector Scorer
Pricing
Pay per usage
CVSS 3.1 Vector Scorer
Deterministic CVSS 3.1 base-score calculator. Parses one or many CVSS:3.1 vector strings and returns the base score and severity rating per the official CVSS 3.1 specification. Pure code, no AI, no external API.
Pricing
Pay per usage
Rating
0.0
(0)
Developer
Ahmed Moussa
Maintained by CommunityActor stats
0
Bookmarked
2
Total users
1
Monthly active users
11 days ago
Last modified
Categories
Share
Deterministic CVSS 3.1 base-score calculator as an Apify actor.
What it does
Give it one or many CVSS:3.1/... vector strings; it returns the base score (0.0-10.0) and the severity rating (None / Low / Medium / High / Critical) computed by the official CVSS 3.1 formula.
- Pure code — no AI, no external API, no database. Same input always yields the same output.
- Zero idle cost — the actor only runs (and only computes) when you invoke it.
Input
{"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","vectors": ["CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N"]}
| Field | Type | Description |
|---|---|---|
vector | string | A single CVSS 3.1 vector string. |
vectors | array | Optional list of additional vectors (scored in addition to vector). |
Output (one dataset item per vector)
{"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","valid": true,"base_score": 9.8,"severity": "Critical","metrics": { "attack_vector": "N", "...": "..." }}
Invalid vector strings return {"valid": false, "error": "..."} rather than failing the run.
Use cases
- Batch-score CVSS vectors from a vulnerability scanner or advisory feed.
- Add a deterministic, auditable CVSS base-score step to a security pipeline.
- Validate / normalize CVSS 3.1 vector strings and get their severity bucket.
How it works (deterministic, code-only)
The vector string is parsed into its base metrics (AV, AC, PR, UI, S, C, I, A) and the official CVSS 3.1 base-score equations are applied in pure code. There is no AI, no network call and no state — the same vector always returns the same score.
Limitations (honest)
- Computes the base score only (no Temporal or Environmental metrics).
- CVSS 3.1 vectors only; other versions return
{"valid": false}. - Invalid vectors are reported per-item, never crashing the whole run.
