models

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 8, 2021 License: Apache-2.0 Imports: 5 Imported by: 83

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Affect added in v0.2.0

type Affect struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	Vendor  string
	Product string
	Version string
}

Affect has vendor/product/version info in NVD JSON

type Cert added in v0.4.0

type Cert struct {
	gorm.Model `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	Title string `sql:"type:text"`
	Link  string `sql:"type:text"`
}

Cert is Child model of Jvn/Nvd. It holds CERT alerts.

type Cpe

type Cpe struct {
	gorm.Model `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	CpeBase
	EnvCpes []EnvCpe
}

Cpe is Child model of Jvn/Nvd. see https://www.ipa.go.jp/security/vuln/CPE.html In NVD JSON, configurations>nodes>cpe>vulnerable: true

type CpeBase added in v0.2.0

type CpeBase struct {
	URI             string
	FormattedString string
	WellFormedName  string `sql:"type:text"`
	CpeWFN

	VersionStartExcluding string
	VersionStartIncluding string
	VersionEndExcluding   string
	VersionEndIncluding   string
}

CpeBase has common args of Cpe and EnvCpe

type CpeWFN added in v0.2.0

type CpeWFN struct {
	Part            string
	Vendor          string
	Product         string
	Version         string
	Update          string
	Edition         string
	Language        string
	SoftwareEdition string
	TargetSW        string
	TargetHW        string
	Other           string
}

CpeWFN has CPE Well Formed name information

type CveDetail

type CveDetail struct {
	gorm.Model `json:"-" xml:"-"`

	CveID   string
	NvdJSON *NvdJSON `json:",omitempty"`
	Jvn     *Jvn     `json:",omitempty"`
}

CveDetail is a parent of Jnv/Nvd model

func (CveDetail) IsJvn added in v0.6.0

func (c CveDetail) IsJvn() bool

IsJvn returns true if JVN contents

func (CveDetail) IsNvd added in v0.6.0

func (c CveDetail) IsNvd() bool

IsNvd returns true if NVD contents

type Cvss2 added in v0.2.0

type Cvss2 struct {
	gorm.Model `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`

	VectorString          string
	AccessVector          string
	AccessComplexity      string
	Authentication        string
	ConfidentialityImpact string
	IntegrityImpact       string
	AvailabilityImpact    string
	BaseScore             float64

	// NVD JSON and JVN has severity (Not in NVD XML)
	Severity string
}

Cvss2 has CVSS Version 2 info

type Cvss2Extra added in v0.2.0

type Cvss2Extra struct {
	NvdJSONID uint `json:"-" xml:"-"`

	Cvss2
	ExploitabilityScore     float64
	ImpactScore             float64
	ObtainAllPrivilege      bool
	ObtainUserPrivilege     bool
	ObtainOtherPrivilege    bool
	UserInteractionRequired bool
}

Cvss2Extra has extra CVSS V2 info

type Cvss3 added in v0.2.0

type Cvss3 struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`
	JVNID      uint `json:"-" xml:"-"`

	VectorString string

	AttackVector          string
	AttackComplexity      string
	PrivilegesRequired    string
	UserInteraction       string
	Scope                 string
	ConfidentialityImpact string
	IntegrityImpact       string
	AvailabilityImpact    string

	BaseScore           float64
	BaseSeverity        string
	ExploitabilityScore float64
	ImpactScore         float64
}

Cvss3 has CVSS Version 3 info NVD JSON and JVN has CVSS3 info

type Cwe added in v0.2.0

type Cwe struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`

	CweID string
}

Cwe has CweID

type Description added in v0.2.0

type Description struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	Lang  string
	Value string `sql:"type:text"`
}

Description has description of the CVE

type EnvCpe added in v0.2.0

type EnvCpe struct {
	gorm.Model `json:"-" xml:"-"`
	CpeID      uint `json:"-" xml:"-"`

	CpeBase
}

EnvCpe is a Environmental CPE Only NVD JSON has this information. configurations>nodes>cpe>vulnerable: false

type FeedMeta added in v0.2.0

type FeedMeta struct {
	gorm.Model `json:"-"`

	URL              string
	Hash             string
	LastModifiedDate string

	LatestHash             string `json:"-" gorm:"-"`
	LatestLastModifiedDate string `json:"-" gorm:"-"`
}

FeedMeta has meta information about fetched feeds

func (FeedMeta) FetchOption added in v0.2.0

func (f FeedMeta) FetchOption() string

FetchOption returns a option of fetch subcommand for list subcommand

func (FeedMeta) Newly added in v0.2.0

func (f FeedMeta) Newly() bool

Newly checks whether not fetched yet

func (FeedMeta) OutDated added in v0.2.0

func (f FeedMeta) OutDated() bool

OutDated checks whether last fetched feed is out dated

func (FeedMeta) StatusForStdout added in v0.2.0

func (f FeedMeta) StatusForStdout() string

StatusForStdout returns a status of fetched feed

func (FeedMeta) ToTableWriterRow added in v0.2.0

func (f FeedMeta) ToTableWriterRow() []string

ToTableWriterRow generate data for table writer

func (FeedMeta) UpToDate added in v0.2.0

func (f FeedMeta) UpToDate() bool

UpToDate checks whether last fetched feed is up to date

func (FeedMeta) Year added in v0.2.0

func (f FeedMeta) Year() (year string, xml bool, err error)

Year returns year, whether xml or not of the feed

type Jvn

type Jvn struct {
	gorm.Model  `json:"-" xml:"-"`
	CveDetailID uint `json:"-" xml:"-"`

	CveID   string
	Title   string
	Summary string `sql:"type:text"`
	JvnLink string
	JvnID   string

	Cvss2      Cvss2
	Cvss3      Cvss3
	Cpes       []Cpe `json:",omitempty"`
	References []Reference

	Certs            []Cert
	PublishedDate    time.Time
	LastModifiedDate time.Time
}

Jvn is a model of JVN

type NvdJSON added in v0.2.0

type NvdJSON struct {
	gorm.Model  `json:"-" xml:"-"`
	CveDetailID uint `json:"-" xml:"-"`

	CveID        string
	Descriptions []Description

	Cvss2      Cvss2Extra
	Cvss3      Cvss3
	Cwes       []Cwe
	Cpes       []Cpe
	Affects    []Affect
	References []Reference

	// Assigner         string
	Certs            []Cert
	PublishedDate    time.Time
	LastModifiedDate time.Time
}

NvdJSON is a struct of NVD JSON https://scap.nist.gov/schema/nvd/feed/0.1/nvd_cve_feed_json_0.1_beta.schema

type Reference

type Reference struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`

	Link   string `sql:"type:text"`
	Source string
	Tags   string
	Name   string `sql:"type:text"`
}

Reference is Child model of Jvn/Nvd. It holds reference information about the CVE.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL