nvd

package

v0.0.0-...-262f678 Latest Latest Go to latest Published: Jun 30, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/khulnasoft-lab/cve-db

Documentation ¶

Index ¶

type Cve
type CvssDataV20
type CvssDataV30
type CvssMetricV2
type CvssMetricV3
type LangString
type Metrics
type Reference
type VulnSrc
- func NewVulnSrc() VulnSrc
- func (vs VulnSrc) Name() types.SourceID
- func (vs VulnSrc) Update(dir string) error
type Weakness

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Cve ¶

type Cve struct {
	ID           string       `json:"id"`
	Published    string       `json:"published"`
	LastModified string       `json:"lastModified"`
	Descriptions []LangString `json:"descriptions"`
	Metrics      Metrics      `json:"metrics,omitempty"`
	Weaknesses   []Weakness   `json:"weaknesses,omitempty"`
	References   []Reference  `json:"references"`
}

Cve is based on https://csrc.nist.gov/schema/nvd/api/2.0/cve_api_json_2.0.schema (see `cve_item`)

type CvssDataV20 ¶

type CvssDataV20 struct {
	Version      string  `json:"version"`
	VectorString string  `json:"vectorString"`
	BaseScore    float64 `json:"baseScore"`
}

CvssDataV20 is based on https://csrc.nist.gov/schema/nvd/api/2.0/external/cvss-v2.0.json

type CvssDataV30 ¶

type CvssDataV30 struct {
	Version      string  `json:"version"`
	VectorString string  `json:"vectorString"`
	BaseScore    float64 `json:"baseScore"`
	BaseSeverity string  `json:"baseSeverity"`
}

CvssDataV30 is based on https://csrc.nist.gov/schema/nvd/api/2.0/external/cvss-v3.0.json v3.0 and v3.1 have only one difference: `patterns` for `vectorString`. So we can use version 3.0 for version 3.1.

type CvssMetricV2 ¶

type CvssMetricV2 struct {
	Source       string      `json:"source"`
	Type         string      `json:"type"`
	CvssData     CvssDataV20 `json:"cvssData"`
	BaseSeverity string      `json:"baseSeverity,omitempty"`
}

type CvssMetricV3 ¶

type CvssMetricV3 struct {
	Source   string      `json:"source"`
	Type     string      `json:"type"`
	CvssData CvssDataV30 `json:"cvssData"`
}

CvssMetricV3 is based on https://csrc.nist.gov/schema/nvd/api/2.0/cve_api_json_2.0.schema. v3.0 and v3.1 have only one difference: `cvssData`. But we can use `cvssData` v3.0 for v3.1 (see below). So we can use the same structure for v3.0 and v3.1.

type LangString ¶

type LangString struct {
	Lang  string `json:"lang"`
	Value string `json:"value"`
}

type Metrics ¶

type Metrics struct {
	CvssMetricV31 []CvssMetricV3 `json:"cvssMetricV31,omitempty"`
	CvssMetricV30 []CvssMetricV3 `json:"cvssMetricV30,omitempty"`
	CvssMetricV2  []CvssMetricV2 `json:"cvssMetricV2,omitempty"`
}

type Reference ¶

type Reference struct {
	URL    string   `json:"url"`
	Source string   `json:"source,omitempty"`
	Tags   []string `json:"tags,omitempty"`
}

type VulnSrc ¶

type VulnSrc struct {
	// contains filtered or unexported fields
}

func NewVulnSrc ¶

func NewVulnSrc() VulnSrc

func (VulnSrc) Name ¶

func (vs VulnSrc) Name() types.SourceID

func (VulnSrc) Update ¶

func (vs VulnSrc) Update(dir string) error

type Weakness ¶

type Weakness struct {
	Source      string       `json:"source"`
	Type        string       `json:"type"`
	Description []LangString `json:"description"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL