Documentation
Index
- Constants
- func NamespaceForFeedGroup(feed, group string) (string, error)
- func RecordSource(feed, group string) string
- type Cvss
- type ID
- type IDReader
- type IDWriter
- type Store
- type StoreReader
- type StoreWriter
- type Vulnerability
- type VulnerabilityMetadata
- type VulnerabilityMetadataStore
- type VulnerabilityMetadataStoreReader
- type VulnerabilityMetadataStoreWriter
- type VulnerabilityStore
- type VulnerabilityStoreReader
- type VulnerabilityStoreWriter
Constants
const (
    NVDNamespace = "nvd"
)
const SchemaVersion = 1
const VulnerabilityStoreFileName = "vulnerability.db"
Variables
This section is empty.
Functions
func NamespaceForFeedGroup
func RecordSource
Types
type Cvss
type Cvss struct {
    BaseScore           float64 // Ranges from 0 - 10 and represents the qualities intrinsic to a vulnerability
    ExploitabilityScore float64 // Indicator of how easy it may be for an attacker to exploit a vulnerability
    ImpactScore         float64 // Representation of the effects of an exploited vulnerability relative to compromise in confidentiality, integrity, and availability
    Vector              string  // A textual representation of the metric values used to determine the score
}
Cvss contains select Common Vulnerability Scoring System fields for a vulnerability.
type ID
type ID struct {
    // BuildTimestamp is the timestamp used to define the age of the DB, ideally including the age of the data
    // contained in the DB, not just when the DB file was created.
    BuildTimestamp time.Time
    SchemaVersion  int
}
ID represents identifying information for a DB and the data it contains.
type Store (added in v0.35.0)
type Store interface {
    StoreReader
    StoreWriter
}
type StoreReader (added in v0.35.0)
type StoreReader interface {
    IDReader
    VulnerabilityStoreReader
    VulnerabilityMetadataStoreReader
}
type StoreWriter (added in v0.35.0)
type StoreWriter interface {
    IDWriter
    VulnerabilityStoreWriter
    VulnerabilityMetadataStoreWriter
}
type Vulnerability
type Vulnerability struct {
    ID                   string   // The identifier of the vulnerability or advisory
    RecordSource         string   // The source of the vulnerability information
    PackageName          string   // The name of the package that is vulnerable
    Namespace            string   // The ecosystem where the package resides
    VersionConstraint    string   // The version range in which the given package is vulnerable
    VersionFormat        string   // The format in which all version fields should be interpreted
    CPEs                 []string // The CPEs which are considered vulnerable
    ProxyVulnerabilities []string // IDs of other Vulnerabilities that are related to this one (this is how advisories relate to CVEs)
    FixedInVersion       string   // The version in which this particular vulnerability was fixed
}
Vulnerability represents the minimum data fields necessary to perform package-to-vulnerability matching. This can represent a CVE, 3rd party advisory, or any source that relates back to a CVE.
type VulnerabilityMetadata
type VulnerabilityMetadata struct {
    ID           string   // The identifier of the vulnerability or advisory
    RecordSource string   // The source of the vulnerability information
    Severity     string   // How severe the vulnerability is (valid values are defined by upstream sources currently)
    Links        []string // URLs to get more information about the vulnerability or advisory
    Description  string   // Description of the vulnerability
    CvssV2       *Cvss    // Common Vulnerability Scoring System V2 values
    CvssV3       *Cvss    // Common Vulnerability Scoring System V3 values
}
VulnerabilityMetadata represents all vulnerability data that is not necessary to perform package-to-vulnerability matching.
type VulnerabilityMetadataStore
type VulnerabilityMetadataStore interface {
    VulnerabilityMetadataStoreReader
    VulnerabilityMetadataStoreWriter
}
type VulnerabilityMetadataStoreReader
type VulnerabilityMetadataStoreReader interface {
    GetVulnerabilityMetadata(id, recordSource string) (*VulnerabilityMetadata, error)
}
type VulnerabilityMetadataStoreWriter
type VulnerabilityMetadataStoreWriter interface {
    AddVulnerabilityMetadata(metadata ...VulnerabilityMetadata) error
}
type VulnerabilityStore
type VulnerabilityStore interface {
    VulnerabilityStoreReader
    VulnerabilityStoreWriter
}
type VulnerabilityStoreReader
type VulnerabilityStoreReader interface {
    // GetVulnerability retrieves vulnerabilities associated with a namespace and a package name
    GetVulnerability(namespace, name string) ([]Vulnerability, error)
}
type VulnerabilityStoreWriter
type VulnerabilityStoreWriter interface {
    // AddVulnerability inserts a new record of a vulnerability into the store
    AddVulnerability(vulnerabilities ...Vulnerability) error
}