v1

package
v0.65.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 31, 2023 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

View Source
const (
	NVDNamespace = "nvd"
)
View Source
const SchemaVersion = 1
View Source
const VulnerabilityStoreFileName = "vulnerability.db"

Variables

This section is empty.

Functions

func NamespaceForFeedGroup

func NamespaceForFeedGroup(feed, group string) (string, error)

func RecordSource

func RecordSource(feed, group string) string

Types

type Cvss

type Cvss struct {
	BaseScore           float64 // Ranges from 0 - 10 and defines for qualities intrinsic to a vulnerability
	ExploitabilityScore float64 // Indicator of how easy it may be for an attacker to exploit a vulnerability
	ImpactScore         float64 // Representation of the effects of an exploited vulnerability relative to compromise in confidentiality, integrity, and availability
	Vector              string  // A textual representation of the metric values used to determine the score
}

Cvss contains select Common Vulnerability Scoring System fields for a vulnerability.

type ID

type ID struct {
	// BuildTimestamp is the timestamp used to define the age of the DB, ideally including the age of the data
	// contained in the DB, not just when the DB file was created.
	BuildTimestamp time.Time
	SchemaVersion  int
}

ID represents identifying information for a DB and the data it contains.

func NewID

func NewID(age time.Time) ID

type IDReader

type IDReader interface {
	GetID() (*ID, error)
}

type IDWriter

type IDWriter interface {
	SetID(ID) error
}

type Store added in v0.35.0

type Store interface {
	StoreReader
	StoreWriter
}

type StoreReader added in v0.35.0

type StoreWriter added in v0.35.0

type StoreWriter interface {
	IDWriter
	VulnerabilityStoreWriter
	VulnerabilityMetadataStoreWriter
	Close()
}

type Vulnerability

type Vulnerability struct {
	ID                   string   // The identifier of the vulnerability or advisory
	RecordSource         string   // The source of the vulnerability information
	PackageName          string   // The name of the package that is vulnerable
	Namespace            string   // The ecosystem where the package resides
	VersionConstraint    string   // The version range which the given package is vulnerable
	VersionFormat        string   // The format which all version fields should be interpreted as
	CPEs                 []string // The CPEs which are considered vulnerable
	ProxyVulnerabilities []string // IDs of other Vulnerabilities that are related to this one (this is how advisories relate to CVEs)
	FixedInVersion       string   // The version which this particular vulnerability was fixed in
}

Vulnerability represents the minimum data fields necessary to perform package-to-vulnerability matching. This can represent a CVE, 3rd party advisory, or any source that relates back to a CVE.

type VulnerabilityMetadata

type VulnerabilityMetadata struct {
	ID           string   // The identifier of the vulnerability or advisory
	RecordSource string   // The source of the vulnerability information
	Severity     string   // How severe the vulnerability is (valid values are defined by upstream sources currently)
	Links        []string // URLs to get more information about the vulnerability or advisory
	Description  string   // Description of the vulnerability
	CvssV2       *Cvss    // Common Vulnerability Scoring System V2 values
	CvssV3       *Cvss    // Common Vulnerability Scoring System V3 values
}

VulnerabilityMetadata represents all vulnerability data that is not necessary to perform package-to-vulnerability matching.

type VulnerabilityMetadataStoreReader

type VulnerabilityMetadataStoreReader interface {
	GetVulnerabilityMetadata(id, recordSource string) (*VulnerabilityMetadata, error)
}

type VulnerabilityMetadataStoreWriter

type VulnerabilityMetadataStoreWriter interface {
	AddVulnerabilityMetadata(metadata ...VulnerabilityMetadata) error
}

type VulnerabilityStore

type VulnerabilityStore interface {
	VulnerabilityStoreReader
	VulnerabilityStoreWriter
}

type VulnerabilityStoreReader

type VulnerabilityStoreReader interface {
	// GetVulnerability retrieves vulnerabilities associated with a namespace and a package name
	GetVulnerability(namespace, name string) ([]Vulnerability, error)
}

type VulnerabilityStoreWriter

type VulnerabilityStoreWriter interface {
	// AddVulnerability inserts a new record of a vulnerability into the store
	AddVulnerability(vulnerabilities ...Vulnerability) error
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL