vulnerability

package
v0.0.0-...-56579fc Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 23, 2024 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source
const NVDVulnDetailBaseURL = "https://nvd.nist.gov/vuln/detail/"

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthInfo

type AuthInfo struct {
	Key *string `json:"key,omitempty"`
}

type CVSS

type CVSS struct {
	V2Vector string  `json:"V2Vector,omitempty"`
	V3Vector string  `json:"V3Vector,omitempty"`
	V2Score  float64 `json:"V2Score,omitempty"`
	V3Score  float64 `json:"V3Score,omitempty"`
}

type Cleaner

type Cleaner struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityCleaner

func NewVulnerabilityCleaner(log *logp.Logger, provider SnapshotCleaner) Cleaner

func (Cleaner) CleanSnapshots

func (f Cleaner) CleanSnapshots(ctx context.Context)

func (Cleaner) GetChan

func (f Cleaner) GetChan() chan []ec2.EBSSnapshot

type CloudSection

type CloudSection struct {
	Service          Service           `json:"service,omitempty"`
	Machine          Machine           `json:"machine,omitempty"`
	Tags             map[string]string `json:"Tags,omitempty"`
	AvailabilityZone *string           `json:"availability_zone,omitempty"`
	Region           string            `json:"region,omitempty"`
	Instance         Instance          `json:"instance,omitempty"`
	Security         Security          `json:"Security,omitempty"`
}

We aren't using the cloud processor here because we want to assign information regarding the scanned resource and not the scanner

type DataSource

type DataSource struct {
	ID   dbTypes.SourceID `json:",omitempty"`
	Name string           `json:",omitempty"`
	URL  string           `json:",omitempty"`
}

type Enricher

type Enricher interface {
	EnrichEvent(event *beat.Event) error
}

type EventsCreator

type EventsCreator struct {
	// contains filtered or unexported fields
}

func (EventsCreator) CreateEvents

func (e EventsCreator) CreateEvents(ctx context.Context, scanResults chan []Result)

TODO: Replace sequence with more generic approach

func (EventsCreator) GetChan

func (e EventsCreator) GetChan() chan []beat.Event

type HostSection

type HostSection struct {
	Architecture string `json:"architecture,omitempty"`
	Os           Os     `json:"os,omitempty"`
	Name         string `json:"name,omitempty"`
}

We aren't using the cloud processor here because we want to assign information regarding the scanned resource and not the scanner

type Instance

type Instance struct {
	Id   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

type Machine

type Machine struct {
	Type           string     `json:"type,omitempty"`
	Authentication AuthInfo   `json:"Authentication,omitempty"`
	LaunchTime     *time.Time `json:"Launch_time,omitempty"`
	Image          *string    `json:"Image,omitempty"`
}

type MockEnricher

type MockEnricher struct {
	mock.Mock
}

MockEnricher is an autogenerated mock type for the Enricher type

func NewMockEnricher

func NewMockEnricher(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockEnricher

NewMockEnricher creates a new instance of MockEnricher. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. The first argument is typically a *testing.T value.

func (*MockEnricher) EXPECT

func (_m *MockEnricher) EXPECT() *MockEnricher_Expecter

func (*MockEnricher) EnrichEvent

func (_m *MockEnricher) EnrichEvent(event *beat.Event) error

EnrichEvent provides a mock function with given fields: event

type MockEnricher_EnrichEvent_Call

type MockEnricher_EnrichEvent_Call struct {
	*mock.Call
}

MockEnricher_EnrichEvent_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'EnrichEvent'

func (*MockEnricher_EnrichEvent_Call) Return

func (*MockEnricher_EnrichEvent_Call) Run

func (*MockEnricher_EnrichEvent_Call) RunAndReturn

type MockEnricher_Expecter

type MockEnricher_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockEnricher_Expecter) EnrichEvent

func (_e *MockEnricher_Expecter) EnrichEvent(event interface{}) *MockEnricher_EnrichEvent_Call

EnrichEvent is a helper method to define mock.On call

  • event *beat.Event

type MockSnapshotCleaner

type MockSnapshotCleaner struct {
	mock.Mock
}

MockSnapshotCleaner is an autogenerated mock type for the SnapshotCleaner type

func NewMockSnapshotCleaner

func NewMockSnapshotCleaner(t interface {
	mock.TestingT
	Cleanup(func())
}) *MockSnapshotCleaner

NewMockSnapshotCleaner creates a new instance of MockSnapshotCleaner. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. The first argument is typically a *testing.T value.

func (*MockSnapshotCleaner) DeleteSnapshot

func (_m *MockSnapshotCleaner) DeleteSnapshot(ctx context.Context, snapshot ec2.EBSSnapshot) error

DeleteSnapshot provides a mock function with given fields: ctx, snapshot

func (*MockSnapshotCleaner) EXPECT

type MockSnapshotCleaner_DeleteSnapshot_Call

type MockSnapshotCleaner_DeleteSnapshot_Call struct {
	*mock.Call
}

MockSnapshotCleaner_DeleteSnapshot_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'DeleteSnapshot'

func (*MockSnapshotCleaner_DeleteSnapshot_Call) Return

func (*MockSnapshotCleaner_DeleteSnapshot_Call) Run

func (*MockSnapshotCleaner_DeleteSnapshot_Call) RunAndReturn

type MockSnapshotCleaner_Expecter

type MockSnapshotCleaner_Expecter struct {
	// contains filtered or unexported fields
}

func (*MockSnapshotCleaner_Expecter) DeleteSnapshot

func (_e *MockSnapshotCleaner_Expecter) DeleteSnapshot(ctx interface{}, snapshot interface{}) *MockSnapshotCleaner_DeleteSnapshot_Call

DeleteSnapshot is a helper method to define mock.On call

  • ctx context.Context
  • snapshot ec2.EBSSnapshot

type NetworkSection

type NetworkSection struct {
	PrivateIp    *string  `json:"Private_ip,omitempty"`
	PublicIp     *string  `json:"Public_ip,omitempty"`
	MacAddresses []string `json:"Mac_addresses,omitempty"`
}

type Os

type Os struct {
	Platform *string `json:"platform,omitempty"`
}

type Package

type Package struct {
	Version      string `json:"version,omitempty"`
	Name         string `json:"name,omitempty"`
	Type         string `json:"type,omitempty"`
	Path         string `json:"path,omitempty"`
	FixedVersion string `json:"fixed_version,omitempty"`
}

type Resource

type Resource struct {
	ID   string `json:"id"`
	Name string `json:"name,omitempty"`
}

Deprecated field Resource transferred to Cloud and Host sections

type Result

type Result struct {
	// contains filtered or unexported fields
}

type Scanner

type Scanner struct {
	Version string `json:"version,omitempty"`
	Vendor  string `json:"vendor,omitempty"`
}

type Score

type Score struct {
	Base    float64 `json:"base,omitempty"`
	Version string  `json:"version,omitempty"`
}

type Security

type Security struct {
	SecurityGroups []ec2.SecurityGroupInfo `json:"security_groups,omitempty"`
}

type Service

type Service struct {
	Name string `json:"name,omitempty"`
}

type SnapshotCleaner

type SnapshotCleaner interface {
	DeleteSnapshot(ctx context.Context, snapshot ec2.EBSSnapshot) error
}

type VendorCVSS

type VendorCVSS map[dbTypes.SourceID]CVSS

type Vulnerability

type Vulnerability struct {
	Cvss           VendorCVSS  `json:"cvss,omitempty"`
	DataSource     *DataSource `json:"data_source,omitempty"`
	Scanner        Scanner     `json:"scanner,omitempty"`
	Score          Score       `json:"score,omitempty"`
	Package        Package     `json:"package,omitempty"`
	Cwe            []string    `json:"cwe,omitempty"`
	ID             string      `json:"id,omitempty"`
	Title          string      `json:"title,omitempty"`
	Enumeration    string      `json:"enumeration,omitempty"`
	Reference      string      `json:"reference,omitempty"`
	Description    string      `json:"description,omitempty"`
	Severity       string      `json:"severity,omitempty"`
	Classification string      `json:"classification,omitempty"`
	PublishedDate  *time.Time  `json:"published_date,omitempty"`
	ReportId       int64       `json:"report_id,omitempty"`
	// Deprecated field Class renamed to Category
	Class    trivyTypes.ResultClass `json:"class,omitempty"`
	Category trivyTypes.ResultClass `json:"category,omitempty"`
}

type VulnerabilityFetcher

type VulnerabilityFetcher struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityFetcher

func NewVulnerabilityFetcher(log *logp.Logger, provider instancesProvider) VulnerabilityFetcher

func (VulnerabilityFetcher) FetchInstances

func (f VulnerabilityFetcher) FetchInstances(ctx context.Context) error

func (VulnerabilityFetcher) GetChan

func (f VulnerabilityFetcher) GetChan() chan *ec2.Ec2Instance

type VulnerabilityReplicator

type VulnerabilityReplicator struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityReplicator

func NewVulnerabilityReplicator(log *logp.Logger, provider replicatorProvider) VulnerabilityReplicator

func (VulnerabilityReplicator) GetChan

func (f VulnerabilityReplicator) GetChan() chan ec2.EBSSnapshot

func (VulnerabilityReplicator) SnapshotInstance

func (f VulnerabilityReplicator) SnapshotInstance(ctx context.Context, insCh chan *ec2.Ec2Instance) []ec2.EBSSnapshot

type VulnerabilityRunner

type VulnerabilityRunner struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityRunner

func NewVulnerabilityRunner(ctx context.Context, log *logp.Logger) (VulnerabilityRunner, error)

func (VulnerabilityRunner) GetRunner

func (f VulnerabilityRunner) GetRunner() artifact.Runner

type VulnerabilityScanner

type VulnerabilityScanner struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityScanner

func NewVulnerabilityScanner(log *logp.Logger, runner runnerInterface, c *cb_config.Config, seq time.Time) (VulnerabilityScanner, error)

TODO: Replace sequence with more generic approach

func (VulnerabilityScanner) GetChan

func (f VulnerabilityScanner) GetChan() chan []Result

func (VulnerabilityScanner) ScanSnapshot

func (f VulnerabilityScanner) ScanSnapshot(ctx context.Context, snapCh chan ec2.EBSSnapshot)

type VulnerabilityVerifier

type VulnerabilityVerifier struct {
	// contains filtered or unexported fields
}

func NewVulnerabilityVerifier

func NewVulnerabilityVerifier(log *logp.Logger, provider snapshotProvider) VulnerabilityVerifier

func (VulnerabilityVerifier) GetChan

func (f VulnerabilityVerifier) GetChan() chan ec2.EBSSnapshot

func (VulnerabilityVerifier) VerifySnapshot

func (f VulnerabilityVerifier) VerifySnapshot(ctx context.Context, snapCh chan ec2.EBSSnapshot)

TODO: Maybe verify more than one snapshot

type VulnerabilityWorker

type VulnerabilityWorker struct {
	// contains filtered or unexported fields
}

func (*VulnerabilityWorker) GetChan

func (f *VulnerabilityWorker) GetChan() chan []beat.Event

func (*VulnerabilityWorker) Run

func (f *VulnerabilityWorker) Run(ctx context.Context)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL