Documentation
¶
Overview ¶
Package nvdxml provides a parser for the NVD XML feed format.
Index ¶
- func Parse(in io.Reader) ([]nvdcommon.CVEItem, error)
- func Reparse(xmlEntries []*Entry) []nvdcommon.CVEItem
- func ReparseLogicalTest(lt *LogicalTestType)
- func ReparsePlatformSpecification(ps *PlatformSpecificationType)
- func ReparsePlatformSpecifications(pss []*PlatformSpecificationType) []nvdcommon.LogicalTest
- type CWEType
- type Entry
- type FactRefType
- type LogicalTestType
- func (lt *LogicalTestType) CPEs() []*wfn.Attributes
- func (lt *LogicalTestType) InnerTests() []nvdcommon.LogicalTest
- func (lt *LogicalTestType) LogicalOperator() string
- func (lt *LogicalTestType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool
- func (lt *LogicalTestType) NegateIfNeeded(b bool) bool
- func (t *LogicalTestType) String() string
- type NVDFeed
- type NamePattern
- type OperatorString
- type PlatformBaseType
- func (pb *PlatformBaseType) CPEs() []*wfn.Attributes
- func (pb *PlatformBaseType) InnerTests() []nvdcommon.LogicalTest
- func (pb *PlatformBaseType) LogicalOperator() string
- func (pb *PlatformBaseType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool
- func (pb *PlatformBaseType) NegateIfNeeded(b bool) bool
- type PlatformSpecificationType
- func (ps *PlatformSpecificationType) CPEs() []*wfn.Attributes
- func (ps *PlatformSpecificationType) InnerTests() []nvdcommon.LogicalTest
- func (ps *PlatformSpecificationType) LogicalOperator() string
- func (ps *PlatformSpecificationType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool
- func (ps *PlatformSpecificationType) NegateIfNeeded(b bool) bool
- type TextType
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Reparse ¶
Reparse transforms set of structure parsed from XML vulnerability feed into compartible set of interfaces
func ReparseLogicalTest ¶
func ReparseLogicalTest(lt *LogicalTestType)
ReparseLogicalTest populates internal slice of LogicalTest interfaces with typecasted children LogicalTest fields.
func ReparsePlatformSpecification ¶
func ReparsePlatformSpecification(ps *PlatformSpecificationType)
ReparsePlatformSpecification ensures that children interface holders of the structure are populated with corresponding interfaces.
func ReparsePlatformSpecifications ¶
func ReparsePlatformSpecifications(pss []*PlatformSpecificationType) []nvdcommon.LogicalTest
ReparsePlatformSpecifications transfoms slice of *PlatformSpecificationType to slice of LogicalTest interfaces. Processes the fields of PlatformSpecificationType structure recursively, doing necessary transformations.
Types ¶
type Entry ¶
type Entry struct {
ID string `xml:"id,attr"`
Configuration []*PlatformSpecificationType `xml:"vulnerable-configuration"`
CVE string `xml:"cve-id"`
CWEs []*CWEType `xml:"cwe"`
CVSSscore float64 `xml:"cvss>base_metrics>score"`
// contains filtered or unexported fields
}
Entry represents a CVE entry
func (*Entry) CVSS20base ¶
CVSS20base returns CVSS 2.0 base score of vulnerability
func (*Entry) CVSS30base ¶
CVSS30base returns CVSS 3.0 base score of vulnerability
func (*Entry) Config ¶
func (e *Entry) Config() []nvdcommon.LogicalTest
Config returns a set of tests that identify vulnerable platform.
func (*Entry) ProblemTypes ¶
ProblemTypes returns weakness types associated with vulnerability (e.g. CWE)
type FactRefType ¶
type FactRefType struct {
Name NamePattern `xml:"name,attr"`
Description string `xml:"description,attr"`
}
FactRefType is a reference to a CPE Name that always evaluates to a Boolean result
type LogicalTestType ¶
type LogicalTestType struct {
Op OperatorString `xml:"operator,attr"`
Neg bool `xml:"negate,attr"`
LogicalTests []*LogicalTestType `xml:"logical-test"`
FactRefs []*FactRefType `xml:"fact-ref"`
// contains filtered or unexported fields
}
LogicalTestType defines test using logical operators (AND, OR, negate).
func (*LogicalTestType) CPEs ¶
func (lt *LogicalTestType) CPEs() []*wfn.Attributes
CPEs implements cvefeed.LogicalTest interface
func (*LogicalTestType) InnerTests ¶
func (lt *LogicalTestType) InnerTests() []nvdcommon.LogicalTest
InnerTests implements cvefeed.LogicalTest interface
func (*LogicalTestType) LogicalOperator ¶
func (lt *LogicalTestType) LogicalOperator() string
LogicalOperator implements part of cvefeed.LogicalTest interface
func (*LogicalTestType) MatchPlatform ¶
func (lt *LogicalTestType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool
MatchPlatform implements part of cvefeed.LogicalTest interface
func (*LogicalTestType) NegateIfNeeded ¶
func (lt *LogicalTestType) NegateIfNeeded(b bool) bool
NegateIfNeeded implements cvefeed.LogicalOperator interface
func (*LogicalTestType) String ¶
func (t *LogicalTestType) String() string
type NVDFeed ¶
type NVDFeed struct {
Entries []*Entry `xml:"entry"`
NVDXMLVersion string `xml:"nvd_xml_version,attr"`
PubDate string `xml:"pub_date,attr"`
}
NVDFeed represents the root element of NVD CVE feed
type NamePattern ¶
type NamePattern wfn.Attributes
NamePattern represents CPE name
func (NamePattern) String ¶
func (np NamePattern) String() string
func (*NamePattern) UnmarshalXMLAttr ¶
func (np *NamePattern) UnmarshalXMLAttr(attr xml.Attr) error
UnmarshalXMLAttr implements xml.UnmarshalerAttr interface
type OperatorString ¶
type OperatorString string
OperatorString defines acceptable operators
func (*OperatorString) String ¶
func (t *OperatorString) String() string
func (*OperatorString) UnmarshalXMLAttr ¶
func (t *OperatorString) UnmarshalXMLAttr(attr xml.Attr) error
UnmarshalXMLAttr -- load OperatorString from XML
type PlatformBaseType ¶
type PlatformBaseType struct {
Title TextType `xml:"title"`
Remark TextType `xml:"remark"`
LogicalTest *LogicalTestType `xml:"cpe-logical-test"`
}
PlatformBaseType represents the description or qualifications of a particular IT platform type. The platform is defined by the logical-test child element.
func (*PlatformBaseType) CPEs ¶
func (pb *PlatformBaseType) CPEs() []*wfn.Attributes
CPEs implements cvefeed.LogicalTest interface
func (*PlatformBaseType) InnerTests ¶
func (pb *PlatformBaseType) InnerTests() []nvdcommon.LogicalTest
InnerTests implements cvefeed.LogicalTest interface
func (*PlatformBaseType) LogicalOperator ¶
func (pb *PlatformBaseType) LogicalOperator() string
LogicalOperator implements part of cvefeed.LogicalTest interface
func (*PlatformBaseType) MatchPlatform ¶
func (pb *PlatformBaseType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool
MatchPlatform implements part of cvefeed.LogicalTest interface
func (*PlatformBaseType) NegateIfNeeded ¶
func (pb *PlatformBaseType) NegateIfNeeded(b bool) bool
NegateIfNeeded implements cvefeed.LogicalTest interface
type PlatformSpecificationType ¶
type PlatformSpecificationType struct {
PlatformConfiguration *PlatformBaseType `xml:"platform-configuration"`
LogicalTest *LogicalTestType `xml:"logical-test"`
FactRef *FactRefType `xml:"fact-ref"`
}
PlatformSpecificationType is the root element of a CPE Applicability Language XML document and therefore acts as a container for child platform definitions.
func (*PlatformSpecificationType) CPEs ¶
func (ps *PlatformSpecificationType) CPEs() []*wfn.Attributes
CPEs implements cvefeed.LogicalTest interface
func (*PlatformSpecificationType) InnerTests ¶
func (ps *PlatformSpecificationType) InnerTests() []nvdcommon.LogicalTest
InnerTests implements cvefeed.LogicalTest interface
func (*PlatformSpecificationType) LogicalOperator ¶
func (ps *PlatformSpecificationType) LogicalOperator() string
LogicalOperator implements part of cvefeed.LogicalTest interface
func (*PlatformSpecificationType) MatchPlatform ¶
func (ps *PlatformSpecificationType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool
MatchPlatform implements part of cvefeed.LogicalTest interface
func (*PlatformSpecificationType) NegateIfNeeded ¶
func (ps *PlatformSpecificationType) NegateIfNeeded(b bool) bool
NegateIfNeeded implements cvefeed.LogicalTest interface
Source Files