models

package

v0.8.0 Latest Latest Go to latest Published: Sep 13, 2021 License: Apache-2.0 Imports: 6 Imported by: 83

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kotakanbe/go-cve-dictionary

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GetYearByURL(source, url string) (year string, err error)
type Cert
type CpeBase
type CpeDetail
type CpeWFN
type CveDetail
- func (c CveDetail) HasJvn() bool
- func (c CveDetail) HasNvd() bool
type Cvss2
type Cvss3
type FeedMeta
- func (f FeedMeta) FetchOption() (string, error)
- func (f FeedMeta) GetSourceByURL() string
- func (f FeedMeta) Newly() bool
- func (f FeedMeta) OutDated() bool
- func (f FeedMeta) StatusForStdout() string
- func (f FeedMeta) ToTableWriterRow() []string
- func (f FeedMeta) UpToDate() bool
type FetchMeta
- func (f FetchMeta) OutDated() bool
type Jvn
type JvnCert
type JvnCpe
type JvnCvss2
type JvnCvss3
type JvnReference
type Nvd
type NvdCert
type NvdCpe
type NvdCvss2Extra
type NvdCvss3
type NvdCwe
type NvdDescription
type NvdEnvCpe
type NvdReference
type Reference

Constants ¶

View Source

const (
	// NvdType :
	NvdType = "NVD"
	// JvnType :
	JvnType = "JVN"

	// NvdExactVersionMatch :
	NvdExactVersionMatch = "NvdExactVersionMatch"
	// NvdRoughVersionMatch :
	NvdRoughVersionMatch = "NvdRoughVersionMatch"
	// NvdVendorProductMatch :
	NvdVendorProductMatch = "NvdVendorProductMatch"
	// JvnVendorProductMatch :
	JvnVendorProductMatch = "JvnVendorProductMatch"
)

View Source

const LatestSchemaVersion = 2

LatestSchemaVersion manages the Schema version used in the latest go-cve-dictionary.

Variables ¶

This section is empty.

Functions ¶

func GetYearByURL ¶ added in v0.8.0

func GetYearByURL(source, url string) (year string, err error)

GetYearByURL returns year of the feed

Types ¶

type Cert ¶ added in v0.4.0

type Cert struct {
	Title string `gorm:"type:text"`
	Link  string `gorm:"type:text"`
}

Cert holds CERT alerts.

type CpeBase ¶ added in v0.2.0

type CpeBase struct {
	URI                   string `gorm:"index;type:varchar(255)"`
	FormattedString       string `gorm:"index;type:varchar(255)"`
	WellFormedName        string `gorm:"type:text"`
	CpeWFN                `gorm:"embedded"`
	VersionStartExcluding string `gorm:"type:varchar(255)"`
	VersionStartIncluding string `gorm:"type:varchar(255)"`
	VersionEndExcluding   string `gorm:"type:varchar(255)"`
	VersionEndIncluding   string `gorm:"type:varchar(255)"`
}

CpeBase has common args of Cpe and EnvCpe

type CpeDetail ¶ added in v0.7.0

type CpeDetail struct {
	Nvds []NvdCpe
	Jvns []JvnCpe
}

CpeDetail :

type CpeWFN ¶ added in v0.2.0

type CpeWFN struct {
	Part            string `gorm:"index;type:varchar(255)"`
	Vendor          string `gorm:"index;type:varchar(255)"`
	Product         string `gorm:"index;type:varchar(255)"`
	Version         string `gorm:"type:varchar(255)"`
	Update          string `gorm:"type:varchar(255)"`
	Edition         string `gorm:"type:varchar(255)"`
	Language        string `gorm:"type:varchar(255)"`
	SoftwareEdition string `gorm:"type:varchar(255)"`
	TargetSW        string `gorm:"type:varchar(255)"`
	TargetHW        string `gorm:"type:varchar(255)"`
	Other           string `gorm:"type:varchar(255)"`
}

CpeWFN has CPE Well Formed name information

type CveDetail ¶

type CveDetail struct {
	CveID string
	Nvds  []Nvd
	Jvns  []Jvn
}

CveDetail :

func (CveDetail) HasJvn ¶ added in v0.6.2

func (c CveDetail) HasJvn() bool

HasJvn returns true if JVN contents

func (CveDetail) HasNvd ¶ added in v0.6.2

func (c CveDetail) HasNvd() bool

HasNvd returns true if NVD contents

type Cvss2 ¶ added in v0.2.0

type Cvss2 struct {
	VectorString          string `gorm:"type:varchar(255)"`
	AccessVector          string `gorm:"type:varchar(255)"`
	AccessComplexity      string `gorm:"type:varchar(255)"`
	Authentication        string `gorm:"type:varchar(255)"`
	ConfidentialityImpact string `gorm:"type:varchar(255)"`
	IntegrityImpact       string `gorm:"type:varchar(255)"`
	AvailabilityImpact    string `gorm:"type:varchar(255)"`
	BaseScore             float64
	Severity              string `gorm:"type:varchar(255)"`
}

Cvss2 has CVSS Version 2 info

type Cvss3 ¶ added in v0.2.0

type Cvss3 struct {
	VectorString          string `gorm:"type:varchar(255)"`
	AttackVector          string `gorm:"type:varchar(255)"`
	AttackComplexity      string `gorm:"type:varchar(255)"`
	PrivilegesRequired    string `gorm:"type:varchar(255)"`
	UserInteraction       string `gorm:"type:varchar(255)"`
	Scope                 string `gorm:"type:varchar(255)"`
	ConfidentialityImpact string `gorm:"type:varchar(255)"`
	IntegrityImpact       string `gorm:"type:varchar(255)"`
	AvailabilityImpact    string `gorm:"type:varchar(255)"`
	BaseScore             float64
	BaseSeverity          string `gorm:"type:varchar(255)"`
	ExploitabilityScore   float64
	ImpactScore           float64
}

Cvss3 has CVSS Version 3 info

type FeedMeta ¶ added in v0.2.0

type FeedMeta struct {
	gorm.Model `json:"-"`

	Source           string
	Year             string
	URL              string
	Hash             string
	LastModifiedDate string

	LatestHash             string `json:"-" gorm:"-"`
	LatestLastModifiedDate string `json:"-" gorm:"-"`
}

FeedMeta has meta information about fetched feeds

func (FeedMeta) FetchOption ¶ added in v0.2.0

func (f FeedMeta) FetchOption() (string, error)

FetchOption returns a option of fetch subcommand for list subcommand

func (FeedMeta) GetSourceByURL ¶ added in v0.7.0

func (f FeedMeta) GetSourceByURL() string

GetSourceByURL : Determine Source from URL

func (FeedMeta) Newly ¶ added in v0.2.0

func (f FeedMeta) Newly() bool

Newly checks whether not fetched yet

func (FeedMeta) OutDated ¶ added in v0.2.0

func (f FeedMeta) OutDated() bool

OutDated checks whether last fetched feed is out dated

func (FeedMeta) StatusForStdout ¶ added in v0.2.0

func (f FeedMeta) StatusForStdout() string

StatusForStdout returns a status of fetched feed

func (FeedMeta) ToTableWriterRow ¶ added in v0.2.0

func (f FeedMeta) ToTableWriterRow() []string

ToTableWriterRow generate data for table writer

func (FeedMeta) UpToDate ¶ added in v0.2.0

func (f FeedMeta) UpToDate() bool

UpToDate checks whether last fetched feed is up to date

type FetchMeta ¶ added in v0.7.0

type FetchMeta struct {
	gorm.Model        `json:"-"`
	GoCVEDictRevision string
	SchemaVersion     uint
}

FetchMeta has meta information about fetched CVE data

func (FetchMeta) OutDated ¶ added in v0.7.0

func (f FetchMeta) OutDated() bool

OutDated checks whether last fetched feed is out dated

type Jvn ¶

type Jvn struct {
	ID               int64  `json:"-"`
	CveID            string `gorm:"index:idx_jvns_cveid;type:varchar(255)"`
	Title            string `gorm:"type:varchar(255)"`
	Summary          string `gorm:"type:text"`
	JvnLink          string `gorm:"type:varchar(255)"`
	JvnID            string `gorm:"type:varchar(255)"`
	Cvss2            JvnCvss2
	Cvss3            JvnCvss3
	Cpes             []JvnCpe
	References       []JvnReference
	Certs            []JvnCert
	PublishedDate    time.Time
	LastModifiedDate time.Time

	DetectionMethod string `gorm:"-"`
}

Jvn is a model of JVN

type JvnCert ¶ added in v0.7.0

type JvnCert struct {
	ID    int64 `json:"-"`
	JvnID uint  `json:"-" gorm:"index:idx_jvn_certs_jvn_id"`
	Cert  `gorm:"embedded"`
}

JvnCert is Child model of Jvn.

type JvnCpe ¶ added in v0.7.0

type JvnCpe struct {
	ID      int64 `json:"-"`
	JvnID   uint  `json:"-" gorm:"index:idx_jvn_cpes_jvn_id"`
	CpeBase `gorm:"embedded"`
}

JvnCpe is Child model of Jvn. see https://www.ipa.go.jp/security/vuln/CPE.html

type JvnCvss2 ¶ added in v0.7.0

type JvnCvss2 struct {
	ID    int64 `json:"-"`
	JvnID uint  `json:"-" gorm:"index:idx_jvn_cvss2_jvn_id"`
	Cvss2 `gorm:"embedded"`
}

JvnCvss2 has Jvn CVSS Version 2 info

type JvnCvss3 ¶ added in v0.7.0

type JvnCvss3 struct {
	ID    int64 `json:"-"`
	JVNID uint  `json:"-" gorm:"index:idx_jvn_cvss3_jvn_id"`
	Cvss3 `gorm:"embedded"`
}

JvnCvss3 has JVN CVSS3 info

type JvnReference ¶ added in v0.7.0

type JvnReference struct {
	ID        int64 `json:"-"`
	JvnID     uint  `json:"-" gorm:"index:idx_jvn_references_jvn_id"`
	Reference `gorm:"embedded"`
}

JvnReference is Child model of Jvn.

type Nvd ¶

type Nvd struct {
	ID               int64  `json:"-"`
	CveID            string `gorm:"index:idx_nvds_cveid;type:varchar(255)"`
	Descriptions     []NvdDescription
	Cvss2            NvdCvss2Extra
	Cvss3            NvdCvss3
	Cwes             []NvdCwe
	Cpes             []NvdCpe
	References       []NvdReference
	Certs            []NvdCert
	PublishedDate    time.Time
	LastModifiedDate time.Time

	DetectionMethod string `gorm:"-"`
}

Nvd is a struct of NVD JSON https://scap.nist.gov/schema/nvd/feed/0.1/nvd_cve_feed_json_0.1_beta.schema

type NvdCert ¶ added in v0.7.0

type NvdCert struct {
	ID    int64 `json:"-"`
	NvdID uint  `json:"-" gorm:"index:idx_nvd_certs_nvd_id"`
	Cert  `gorm:"embedded"`
}

NvdCert is Child model of Nvd.

type NvdCpe ¶ added in v0.7.0

type NvdCpe struct {
	ID      int64 `json:"-"`
	NvdID   uint  `json:"-" gorm:"index:idx_nvd_cpes_nvd_id"`
	CpeBase `gorm:"embedded"`
	EnvCpes []NvdEnvCpe
}

NvdCpe is Child model of Nvd. see https://www.ipa.go.jp/security/vuln/CPE.html In NVD, configurations>nodes>cpe>vulnerable: true

type NvdCvss2Extra ¶ added in v0.7.0

type NvdCvss2Extra struct {
	ID                      int64 `json:"-"`
	NvdID                   uint  `json:"-" gorm:"index:idx_nvd_cvss2_extra_nvd_id"`
	Cvss2                   `gorm:"embedded"`
	ExploitabilityScore     float64
	ImpactScore             float64
	ObtainAllPrivilege      bool
	ObtainUserPrivilege     bool
	ObtainOtherPrivilege    bool
	UserInteractionRequired bool
}

NvdCvss2Extra has Nvd extra CVSS V2 info

type NvdCvss3 ¶ added in v0.7.0

type NvdCvss3 struct {
	ID    int64 `json:"-"`
	NvdID uint  `json:"-" gorm:"index:idx_nvd_cvss3_nvd_id"`
	Cvss3 `gorm:"embedded"`
}

NvdCvss3 has Nvd CVSS3 info

type NvdCwe ¶ added in v0.7.0

type NvdCwe struct {
	ID    int64  `json:"-"`
	NvdID uint   `json:"-" index:"idx_nvd_cwes_nvd_id"`
	CweID string `gorm:"type:varchar(255)"`
}

NvdCwe has CweID

type NvdDescription ¶ added in v0.7.0

type NvdDescription struct {
	ID    int64  `json:"-"`
	NvdID uint   `json:"-" gorm:"index:idx_nvd_descriptions_nvd_id"`
	Lang  string `gorm:"type:varchar(255)"`
	Value string `gorm:"type:text"`
}

NvdDescription has description of the CVE

type NvdEnvCpe ¶ added in v0.7.0

type NvdEnvCpe struct {
	ID       int64 `json:"-"`
	NvdCpeID uint  `json:"-" gorm:"index:idx_nvd_env_cpes_nvd_cpe_id"`
	CpeBase  `gorm:"embedded"`
}

NvdEnvCpe is a Environmental CPE Only NVD has this information. configurations>nodes>cpe>vulnerable: false

type NvdReference ¶ added in v0.7.0

type NvdReference struct {
	ID        int64 `json:"-"`
	NvdID     uint  `json:"-" gorm:"index:idx_nvd_references_nvd_id"`
	Reference `gorm:"embedded"`
}

NvdReference holds reference information about the CVE.

type Reference ¶

type Reference struct {
	Link   string `gorm:"type:text"`
	Source string `gorm:"type:varchar(255)"`
	Tags   string `gorm:"type:varchar(255)"`
	Name   string `gorm:"type:text"`
}

Reference holds reference information about the CVE.

Source Files ¶

View all Source files

models.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL