cve20

package
v0.9.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 5, 2025 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	FormatNVDCVE          = "NVD_CVE"
	FormatNVDCVEVersion20 = "2.0"
)
View Source 
const (
	BaseSeverityCritical = "CRITICAL"
	BaseSeverityHigh     = "HIGH"
	BaseSeverityMedium   = "MEDIUM"
	BaseSeverityLow      = "LOW"
	BaseSeverityNone     = "NONE"

	// https://nvd.nist.gov/vuln/vulnerability-status
	VulnStatusAnalyzed = "Analyzed"
	VulnStatusModified = "Modified"

	TypePrimary       = "Primary"
	TypeSecondary     = "Secondary"
	CVSSDataVersion31 = "3.1"
	OperatorOr        = "OR"
)

Variables

This section is empty.

Functions

func CVSSMetricDefinitions 

func CVSSMetricDefinitions() map[string]CVSSMetricDefinition

Types

type CPEMatch 

type CPEMatch struct {
	Vulnerable          *bool  `json:"vulnerable"`
	VersionEndExcluding string `json:"versionEndExcluding,omitempty"`
}

type CVE 

type CVE struct {
	ID               string          `json:"id,omitempty"`
	SourceIdentifier string          `json:"sourceIdentifier,omitempty"`
	VulnStatus       string          `json:"vulnStatus,omitempty"`
	Published        *iso8601.Time   `json:"published,omitempty"`
	LastModified     *iso8601.Time   `json:"lastModified,omitempty"`
	Metrics          Metrics         `json:"metrics,omitempty"`
	Descriptions     []Description   `json:"descriptions,omitempty"`
	Weaknesses       []Weakness      `json:"weaknesses,omitempty"`
	CVETags          []string        `json:"cveTags,omitempty"`
	Configurations   []Configuration `json:"configurations,omitempty"`
}

func (*CVE) AddConfiguration 

func (c *CVE) AddConfiguration(versionEndExcluding string)

func (*CVE) AddDescription 

func (c *CVE) AddDescription(title, desc, lang, app, versionEndExcluding string)

func (*CVE) AddMetric31 

func (c *CVE) AddMetric31(source, cveType, baseSeverity string)

type CVEAPIResponse 

type CVEAPIResponse struct {
	ResultsPerPage  int             `json:"resultsPerPage"`
	StartIndex      int             `json:"startIndex"`
	TotalResults    int             `json:"totalResults"`
	Format          string          `json:"format"`
	Version         string          `json:"version"`
	Vulnerabilities Vulnerabilities `json:"vulnerabilities"`
}

func ParseCVEAPIResponseFile 

func ParseCVEAPIResponseFile(filename string) (*CVEAPIResponse, []byte, error)

func ParseCVEAPIResponseReader 

func ParseCVEAPIResponseReader(r io.Reader) (*CVEAPIResponse, []byte, error)

func (*CVEAPIResponse) Inflate 

func (r *CVEAPIResponse) Inflate()

func (CVEAPIResponse) WriteFileJSON 

func (r CVEAPIResponse) WriteFileJSON(filename, indent, prefix string, perm os.FileMode) error

type CVSSDataV3 

type CVSSDataV3 struct {
	Version               string `json:"version"`
	VectorString          string `json:"vectorString,omitempty"`
	AttackVector          string `json:"attackVector,omitempty"`
	AttackComplexity      string `json:"attackComplexity,omitempty"`
	PrivilegesRequired    string `json:"privilegesRequired,omitempty"`
	UserInteraction       string `json:"userInteraction,omitempty"`
	Scope                 string `json:"scope,omitempty"`
	ConfidentialityImpact string `json:"confidentialityImpact,omitempty"`
	IntegrityImpact       string `json:"integrityImpact,omitempty"`
	AvailabilityImpact    string `json:"availabilityImpact,omitempty"`
	BaseScore             string `json:"baseScore,omitempty"`
	BaseSeverity          string `json:"baseSeverity,omitempty"`
}

func (*CVSSDataV3) SetVectorString 

func (cvss *CVSSDataV3) SetVectorString(v string)

type CVSSMetricDefinition 

type CVSSMetricDefinition struct {
	Abbr    string
	Display string
	Values  map[string]string
}

type CVSSMetricV2 

type CVSSMetricV2 struct {
	Source string `json:"source"`
	Type   string `json:"type"`
}

type CVSSMetricV3 

type CVSSMetricV3 struct {
	Source   string     `json:"source"`
	Type     string     `json:"type"`
	CVSSData CVSSDataV3 `json:"cvssData"`
}

type Configuration 

type Configuration struct {
	Nodes []Node `json:"nodes,omitempty"`
}

type Description 

type Description struct {
	Lang  string `json:"lang,omitempty"`
	Title string `json:"subject,omitempty"`
	Value string `json:"value,omitempty"`
}

type Metrics 

type Metrics struct {
	// CvssMetricV40 []CvssMetricV40 `json:"cvssMetricV40,omitempty"`
	// ref: https://pkg.go.dev/github.com/aquasecurity/trivy-db/pkg/vulnsrc/nvd#CvssDataV30
	CVSSMetricV31 []CVSSMetricV3 `json:"cvssMetricV31,omitempty"`
	CVSSMetricV30 []CVSSMetricV3 `json:"cvssMetricV30,omitempty"`
	CVSSMetricV2  []CVSSMetricV2 `json:"cvssMetricV2,omitempty"`
}

func NewMetrics 

func NewMetrics() Metrics

func (*Metrics) AppendCVSSMetricV3 

func (m *Metrics) AppendCVSSMetricV3(more CVSSMetricV3)

func (*Metrics) AppendMetrics 

func (m *Metrics) AppendMetrics(more Metrics)

type Node 

type Node struct {
	Operator string     `json:"operator,omitempty"`
	Negate   *bool      `json:"negate"`
	CPEMatch []CPEMatch `json:"cpeMatch,omitempty"`
}

type Vulnerabilities 

type Vulnerabilities []Vulnerability

type Vulnerability 

type Vulnerability struct {
	CVE *CVE `json:"cve,omitempty"`
	SVE *CVE `json:"sve,omitempty"`
}

type Weakness 

type Weakness struct {
	Source      string        `json:"source,omitempty"`
	Type        string        `json:"type,omitempty"`
	Description []Description `json:"descriptions,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.