cveclient

package
v0.0.0-...-210767f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 24, 2023 License: MIT Imports: 10 Imported by: 0

Documentation

Overview

Package cveclient implements a client for interacting with MITRE CVE Services API as described at https://cveawg.mitre.org/api-docs/openapi.json.

Index

Constants

View Source 
const (
	// ProdEndpoint is the production endpoint
	ProdEndpoint = "https://cveawg.mitre.org"
	// TestEndpoint is the test endpoint
	TestEndpoint = "https://cveawg-test.mitre.org"
	// DevEndpoint is the dev endpoint
	DevEndpoint = "https://cveawg-dev.mitre.org"

	// WebURL is the URL to view production CVE records on the web.
	WebURL = "https://www.cve.org"
	// TestWebURL is the URL to view test CVE records on the web.
	TestWebURL = "https://test.cve.org"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AssignedCVE 

type AssignedCVE struct {
	ID          string           `json:"cve_id"`
	Year        string           `json:"cve_year"`
	State       cveschema5.State `json:"state"`
	CNA         string           `json:"owning_cna"`
	Reserved    time.Time        `json:"reserved"`
	RequestedBy RequestedBy      `json:"requested_by"`
}

AssignedCVE contains information about an assigned CVE.

func (AssignedCVE) String 

func (c AssignedCVE) String() string

type AssignedCVEList 

type AssignedCVEList []AssignedCVE

AssignedCVEList is a list of AssignedCVEs.

func (AssignedCVEList) ShortString 

func (cs AssignedCVEList) ShortString() string

ShortString outputs a formatted string of newline-separated CVE IDs.

func (AssignedCVEList) String 

func (cs AssignedCVEList) String() string

String outputs a formatted string of newline-separated CVE data.

type Client 

type Client struct {
	Config
	// contains filtered or unexported fields
}

Client is a MITRE CVE Services API client.

func New 

func New(cfg Config) *Client

New returns an initialized client configured via cfg.

func (*Client) CreateRecord 

func (c *Client) CreateRecord(id string, record *cveschema5.Containers) (*cveschema5.CVERecord, error)

func (*Client) ListOrgCVEs 

func (c *Client) ListOrgCVEs(opts *ListOptions) (AssignedCVEList, error)

ListOrgCVEs requests information about the CVEs the organization has been assigned. This list can be filtered by setting the fields in opts.

func (*Client) ReserveIDs 

func (c *Client) ReserveIDs(opts ReserveOptions) (AssignedCVEList, error)

ReserveIDs sends a request to the CVE API to reserve a block of CVE IDs. Returns a list of the reserved CVE IDs and their associated data. There may be fewer IDs than requested if, for example, the organization's quota is reached.

func (*Client) RetrieveID 

func (c *Client) RetrieveID(id string) (cve *AssignedCVE, err error)

RetrieveID requests information about an assigned CVE ID.

func (*Client) RetrieveOrg 

func (c *Client) RetrieveOrg() (org *Org, err error)

RetrieveOrg requests information about an organization.

func (*Client) RetrieveQuota 

func (c *Client) RetrieveQuota() (q *Quota, err error)

RetrieveQuota queries the API for the organizations reservation quota.

func (*Client) RetrieveRecord 

func (c *Client) RetrieveRecord(id string) (cve *cveschema5.CVERecord, err error)

RetrieveRecord requests a CVE record.

func (*Client) UpdateRecord 

func (c *Client) UpdateRecord(id string, record *cveschema5.Containers) (*cveschema5.CVERecord, error)

func (*Client) WebURL 

func (c *Client) WebURL(cveID string) string

WebURL returns the URL that can be used to view a published CVE record on the web.

type Config 

type Config struct {
	// Endpoint is the endpoint to access when making API calls. Required.
	Endpoint string
	// Org is the shortname for the organization that is authenticated when
	// making API calls. Required.
	Org string
	// Key is the user's API key. Required.
	Key string
	// User is the username for the account that is making API calls. Required.
	User string
}

Config contains client configuration data.

type ListOptions 

type ListOptions struct {
	State          string
	Year           int
	ReservedBefore *time.Time
	ReservedAfter  *time.Time
	ModifiedBefore *time.Time
	ModifiedAfter  *time.Time
}

ListOptions contains filters to be used when requesting a list of assigned CVEs.

func (ListOptions) String 

func (o ListOptions) String() string

type Org 

type Org struct {
	Name      string `json:"name"`
	ShortName string `json:"short_name"`
	UUID      string `json:"UUID"`
}

type Quota 

type Quota struct {
	Quota     int `json:"id_quota"`
	Reserved  int `json:"total_reserved"`
	Available int `json:"available"`
}

Quota contains information about an organizations reservation quota.

type RequestType 

type RequestType string

RequestType is the type of CVE ID reserve request. 

const (
	// SequentialRequest requests CVE IDs be reserved in a sequential fashion.
	SequentialRequest RequestType = "sequential"
	// NonsequentialRequest requests CVE IDs be reserved in a nonsequential fashion.
	NonsequentialRequest RequestType = "nonsequential"
)

type RequestedBy 

type RequestedBy struct {
	CNA  string `json:"cna"`
	User string `json:"user"`
}

RequestedBy indicates the requesting user and organization for a CVE.

type ReserveOptions 

type ReserveOptions struct {
	// NumIDs is the number of CVE IDs to reserve. Required.
	NumIDs int
	// Year is the CVE ID year for new IDs, indicating the year the
	// vulnerability was discovered. Required.
	Year int
	// Mode indicates whether the block of CVEs should be in sequence.
	// Relevant only if NumIDs > 1.
	Mode RequestType
}

ReserveOptions contains the configuration options for reserving new CVE IDs.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.