models

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 8, 2019 License: GPL-3.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// CpeNameMatchStr is a String representation of CpeNameMatch
	CpeNameMatchStr = "CpeNameMatch"

	// YumUpdateSecurityMatchStr is a String representation of YumUpdateSecurityMatch
	YumUpdateSecurityMatchStr = "YumUpdateSecurityMatch"

	// PkgAuditMatchStr is a String representation of PkgAuditMatch
	PkgAuditMatchStr = "PkgAuditMatch"

	// OvalMatchStr is a String representation of OvalMatch
	OvalMatchStr = "OvalMatch"

	// RedHatAPIStr is a String representation of RedHatAPIMatch
	RedHatAPIStr = "RedHatAPIMatch"

	// DebianSecurityTrackerMatchStr is a String representation of DebianSecurityTrackerMatch
	DebianSecurityTrackerMatchStr = "DebianSecurityTrackerMatch"

	// ChangelogExactMatchStr is a String representation of ChangelogExactMatch
	ChangelogExactMatchStr = "ChangelogExactMatch"

	// ChangelogLenientMatchStr is a String representation of ChangelogLenientMatch
	ChangelogLenientMatchStr = "ChangelogLenientMatch"

	// GitHubMatchStr is a String representation of GitHubMatch
	GitHubMatchStr = "GitHubMatch"

	// WPVulnDBMatchStr is a String representation of WordPress VulnDB scanning
	WPVulnDBMatchStr = "WPVulnDBMatch"

	// FailedToGetChangelog is a String representation of FailedToGetChangelog
	FailedToGetChangelog = "FailedToGetChangelog"

	// FailedToFindVersionInChangelog is a String representation of FailedToFindVersionInChangelog
	FailedToFindVersionInChangelog = "FailedToFindVersionInChangelog"
)
View Source
const (
	// WPCore is a type `core` in WPPackage struct
	WPCore = "core"
	// WPPlugin is a type `plugin` in WPPackage struct
	WPPlugin = "plugin"
	// WPTheme is a type `theme` in WPPackage struct
	WPTheme = "theme"

	// Inactive is a inactive status in WPPackage struct
	Inactive = "inactive"
)
View Source
const JSONVersion = 4

JSONVersion is JSON Version

Variables

View Source
var (
	// CpeNameMatch is a ranking how confident the CVE-ID was deteted correctly
	CpeNameMatch = Confidence{100, CpeNameMatchStr, 1}

	// YumUpdateSecurityMatch is a ranking how confident the CVE-ID was deteted correctly
	YumUpdateSecurityMatch = Confidence{100, YumUpdateSecurityMatchStr, 2}

	// PkgAuditMatch is a ranking how confident the CVE-ID was deteted correctly
	PkgAuditMatch = Confidence{100, PkgAuditMatchStr, 2}

	// OvalMatch is a ranking how confident the CVE-ID was deteted correctly
	OvalMatch = Confidence{100, OvalMatchStr, 0}

	// RedHatAPIMatch ranking how confident the CVE-ID was deteted correctly
	RedHatAPIMatch = Confidence{100, RedHatAPIStr, 0}

	// DebianSecurityTrackerMatch ranking how confident the CVE-ID was deteted correctly
	DebianSecurityTrackerMatch = Confidence{100, DebianSecurityTrackerMatchStr, 0}

	// ChangelogExactMatch is a ranking how confident the CVE-ID was deteted correctly
	ChangelogExactMatch = Confidence{95, ChangelogExactMatchStr, 3}

	// ChangelogLenientMatch is a ranking how confident the CVE-ID was deteted correctly
	ChangelogLenientMatch = Confidence{50, ChangelogLenientMatchStr, 4}

	// GitHubMatch is a ranking how confident the CVE-ID was deteted correctly
	GitHubMatch = Confidence{97, GitHubMatchStr, 2}

	// WPVulnDBMatch is a ranking how confident the CVE-ID was deteted correctly
	WPVulnDBMatch = Confidence{100, WPVulnDBMatchStr, 0}
)

AllCveContetTypes has all of CveContentTypes

Functions

func GetAlertsByCveID added in v0.6.2

func GetAlertsByCveID(cveID string, lang string) (alerts []alert.Alert)

GetAlertsByCveID return alerts fetched by cveID

Types

type AffectedProcess added in v0.5.0

type AffectedProcess struct {
	PID  string `json:"pid"`
	Name string `json:"name"`
}

AffectedProcess keep a processes information affected by software update

type AlertDict added in v0.6.2

type AlertDict struct {
	Ja []alert.Alert `json:"ja"`
	En []alert.Alert `json:"en"`
}

AlertDict has target cve's JPCERT and USCERT alert data

func (AlertDict) FormatSource added in v0.6.2

func (a AlertDict) FormatSource() string

FormatSource returns which source has this alert

func (AlertDict) HasAlert added in v0.6.2

func (a AlertDict) HasAlert() bool

HasAlert returns whether or not it has En or Ja entries.

type Changelog added in v0.3.0

type Changelog struct {
	Contents string          `json:"contents"`
	Method   DetectionMethod `json:"method"`
}

Changelog has contents of changelog and how to get it. Method: models.detectionMethodStr

type Confidence added in v0.3.0

type Confidence struct {
	Score           int             `json:"score"`
	DetectionMethod DetectionMethod `json:"detectionMethod"`
	SortOrder       int             `json:"-"`
}

Confidence is a ranking how confident the CVE-ID was deteted correctly Score: 0 - 100

func (Confidence) String added in v0.3.0

func (c Confidence) String() string

type Confidences added in v0.5.0

type Confidences []Confidence

Confidences is a list of Confidence

func (*Confidences) AppendIfMissing added in v0.5.0

func (cs *Confidences) AppendIfMissing(confidence Confidence)

AppendIfMissing appends confidence to the list if missiong

func (Confidences) SortByConfident added in v0.5.0

func (cs Confidences) SortByConfident() Confidences

SortByConfident sorts Confidences

type Container added in v0.1.4

type Container struct {
	ContainerID string `json:"containerID"`
	Name        string `json:"name"`
	Image       string `json:"image"`
	Type        string `json:"type"`
	UUID        string `json:"uuid"`
}

Container has Container information

type Cpe added in v0.4.0

type Cpe struct {
	URI             string `json:"uri"`
	FormattedString string `json:"formattedString"`
}

Cpe is Common Platform Enumeration

type CveContent added in v0.4.0

type CveContent struct {
	Type          CveContentType    `json:"type"`
	CveID         string            `json:"cveID"`
	Title         string            `json:"title"`
	Summary       string            `json:"summary"`
	Cvss2Score    float64           `json:"cvss2Score"`
	Cvss2Vector   string            `json:"cvss2Vector"`
	Cvss2Severity string            `json:"cvss2Severity"`
	Cvss3Score    float64           `json:"cvss3Score"`
	Cvss3Vector   string            `json:"cvss3Vector"`
	Cvss3Severity string            `json:"cvss3Severity"`
	SourceLink    string            `json:"sourceLink"`
	Cpes          []Cpe             `json:"cpes,omitempty"`
	References    References        `json:"references,omitempty"`
	CweIDs        []string          `json:"cweIDs,omitempty"`
	Published     time.Time         `json:"published"`
	LastModified  time.Time         `json:"lastModified"`
	Mitigation    string            `json:"mitigation"` // RedHat API
	Optional      map[string]string `json:"optional,omitempty"`
}

CveContent has abstraction of various vulnerability information

func ConvertJvnToModel added in v0.4.0

func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent

ConvertJvnToModel convert JVN to CveContent

func ConvertNvdJSONToModel added in v0.5.0

func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent

ConvertNvdJSONToModel convert NVD to CveContent

func ConvertNvdXMLToModel added in v0.5.0

func ConvertNvdXMLToModel(cveID string, nvd *cvedict.NvdXML) *CveContent

ConvertNvdXMLToModel convert NVD to CveContent

func (CveContent) Empty added in v0.4.0

func (c CveContent) Empty() bool

Empty checks the content is empty

type CveContentCpes added in v0.4.0

type CveContentCpes struct {
	Type  CveContentType
	Value []Cpe
}

CveContentCpes has CveContentType and Value

type CveContentCvss added in v0.4.0

type CveContentCvss struct {
	Type  CveContentType `json:"type"`
	Value Cvss           `json:"value"`
}

CveContentCvss has CVSS information

type CveContentRefs added in v0.4.0

type CveContentRefs struct {
	Type  CveContentType
	Value []Reference
}

CveContentRefs has CveContentType and Cpes

type CveContentStr added in v0.4.0

type CveContentStr struct {
	Type  CveContentType
	Value string
}

CveContentStr has CveContentType and Value

type CveContentType added in v0.4.0

type CveContentType string

CveContentType is a source of CVE information

const (
	// NvdXML is NvdXML
	NvdXML CveContentType = "nvdxml"

	// Nvd is Nvd
	Nvd CveContentType = "nvd"

	// Jvn is Jvn
	Jvn CveContentType = "jvn"

	// RedHat is RedHat
	RedHat CveContentType = "redhat"

	// RedHatAPI is RedHat
	RedHatAPI CveContentType = "redhat_api"

	// DebianSecurityTracker is Debian Secury tracker
	DebianSecurityTracker CveContentType = "debian_security_tracker"

	// Debian is Debian
	Debian CveContentType = "debian"

	// Ubuntu is Ubuntu
	Ubuntu CveContentType = "ubuntu"

	// Oracle is Oracle Linux
	Oracle CveContentType = "oracle"

	// SUSE is SUSE Linux
	SUSE CveContentType = "suse"

	// Microsoft is Microsoft
	Microsoft CveContentType = "microsoft"

	// WPVulnDB is WordPress
	WPVulnDB CveContentType = "wpvulndb"

	// Unknown is Unknown
	Unknown CveContentType = "unknown"
)

func NewCveContentType added in v0.4.0

func NewCveContentType(name string) CveContentType

NewCveContentType create CveContentType

type CveContentTypes added in v0.4.0

type CveContentTypes []CveContentType

CveContentTypes has slide of CveContentType

func (CveContentTypes) Except added in v0.4.0

func (c CveContentTypes) Except(excepts ...CveContentType) (excepted CveContentTypes)

Except returns CveContentTypes except for given args

type CveContents added in v0.4.0

type CveContents map[CveContentType]CveContent

CveContents has CveContent

func NewCveContents added in v0.4.0

func NewCveContents(conts ...CveContent) CveContents

NewCveContents create CveContents

func (CveContents) Cpes added in v0.4.0

func (v CveContents) Cpes(myFamily string) (values []CveContentCpes)

Cpes returns affected CPEs of this Vulnerability

func (CveContents) CweIDs added in v0.4.0

func (v CveContents) CweIDs(myFamily string) (values []CveContentStr)

CweIDs returns related CweIDs of the vulnerability

func (CveContents) Except added in v0.4.0

func (v CveContents) Except(exceptCtypes ...CveContentType) (values CveContents)

Except returns CveContents except given keys for enumeration

func (CveContents) References added in v0.4.0

func (v CveContents) References(myFamily string) (values []CveContentRefs)

References returns References

func (v CveContents) SourceLinks(lang, myFamily, cveID string) (values []CveContentStr)

SourceLinks returns link of source

func (CveContents) UniqCweIDs added in v0.5.0

func (v CveContents) UniqCweIDs(myFamily string) (values []CveContentStr)

UniqCweIDs returns Uniq CweIDs

type Cvss added in v0.4.0

type Cvss struct {
	Type                 CvssType `json:"type"`
	Score                float64  `json:"score"`
	CalculatedBySeverity bool     `json:"calculatedBySeverity"`
	Vector               string   `json:"vector"`
	Severity             string   `json:"severity"`
}

Cvss has CVSS Score

func (Cvss) Format added in v0.4.0

func (c Cvss) Format() string

Format CVSS Score and Vector

type CvssType added in v0.4.0

type CvssType string

CvssType Represent the type of CVSS

const (
	// CVSS2 means CVSS vesion2
	CVSS2 CvssType = "2"

	// CVSS3 means CVSS vesion3
	CVSS3 CvssType = "3"
)

type CweDict added in v0.5.0

type CweDict map[string]CweDictEntry

CweDict is a dictionary for CWE

func (CweDict) Get added in v0.5.0

func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL string)

Get the name, url, top10URL for the specified cweID, lang

type CweDictEntry added in v0.5.0

type CweDictEntry struct {
	En              *cwe.Cwe `json:"en,omitempty"`
	Ja              *cwe.Cwe `json:"ja,omitempty"`
	OwaspTopTen2017 string   `json:"owaspTopTen2017"`
}

CweDictEntry is a entry of CWE

type DetectionMethod added in v0.4.0

type DetectionMethod string

DetectionMethod indicates - How to detect the CveID - How to get the changelog difference between installed and candidate version

type DistroAdvisory

type DistroAdvisory struct {
	AdvisoryID  string    `json:"advisoryID"`
	Severity    string    `json:"severity"`
	Issued      time.Time `json:"issued"`
	Updated     time.Time `json:"updated"`
	Description string    `json:"description"`
}

DistroAdvisory has Amazon Linux, RHEL, FreeBSD Security Advisory information.

func (DistroAdvisory) Format added in v0.4.0

func (p DistroAdvisory) Format() string

Format the distro advisory information

type Exploit added in v0.6.0

type Exploit struct {
	ExploitType  exploitmodels.ExploitType `json:"exploitType"`
	ID           string                    `json:"id"`
	URL          string                    `json:"url"`
	Description  string                    `json:"description"`
	DocumentURL  *string                   `json:"documentURL,omitempty"`
	ShellCodeURL *string                   `json:"shellCodeURL,omitempty"`
	BinaryURL    *string                   `json:"binaryURL,omitempty"`
}

Exploit :

type GitHubSecurityAlert added in v0.6.3

type GitHubSecurityAlert struct {
	PackageName   string    `json:"packageName"`
	FixedIn       string    `json:"fixedIn"`
	AffectedRange string    `json:"affectedRange"`
	Dismissed     bool      `json:"dismissed"`
	DismissedAt   time.Time `json:"dismissedAt"`
	DismissReason string    `json:"dismissReason"`
}

GitHubSecurityAlert has detected CVE-ID, PackageName, Status fetched via GitHub API

type GitHubSecurityAlerts added in v0.6.3

type GitHubSecurityAlerts []GitHubSecurityAlert

GitHubSecurityAlerts is a list of GitHubSecurityAlert

func (GitHubSecurityAlerts) Add added in v0.6.3

Add adds given arg to the slice and return the slice (immutable)

func (GitHubSecurityAlerts) Names added in v0.7.0

func (g GitHubSecurityAlerts) Names() (names []string)

Names return a slice of lib names

type Kernel added in v0.4.0

type Kernel struct {
	Release        string `json:"release"`
	Version        string `json:"version"`
	RebootRequired bool   `json:"rebootRequired"`
}

Kernel has the Release, version and whether need restart

type NeedRestartProcess added in v0.5.0

type NeedRestartProcess struct {
	PID         string `json:"pid"`
	Path        string `json:"path"`
	ServiceName string `json:"serviceName"`
	InitSystem  string `json:"initSystem"`
	HasInit     bool   `json:"-"`
}

NeedRestartProcess keep a processes information affected by software update

type Package added in v0.4.0

type Package struct {
	Name             string               `json:"name"`
	Version          string               `json:"version"`
	Release          string               `json:"release"`
	NewVersion       string               `json:"newVersion"`
	NewRelease       string               `json:"newRelease"`
	Arch             string               `json:"arch"`
	Repository       string               `json:"repository"`
	Changelog        Changelog            `json:"changelog"`
	AffectedProcs    []AffectedProcess    `json:",omitempty"`
	NeedRestartProcs []NeedRestartProcess `json:",omitempty"`
}

Package has installed binary packages.

func (Package) FQPN added in v0.5.0

func (p Package) FQPN() string

FQPN returns Fully-Qualified-Package-Name name-version-release.arch

func (Package) FormatChangelog added in v0.4.0

func (p Package) FormatChangelog() string

FormatChangelog formats the changelog

func (Package) FormatNewVer added in v0.4.0

func (p Package) FormatNewVer() string

FormatNewVer returns package version-release

func (Package) FormatVer added in v0.4.0

func (p Package) FormatVer() string

FormatVer returns package version-release

func (Package) FormatVersionFromTo added in v0.4.0

func (p Package) FormatVersionFromTo(notFixedYet bool, status string) string

FormatVersionFromTo formats installed and new package version

type PackageFixStatus added in v0.7.0

type PackageFixStatus struct {
	Name        string `json:"name"`
	NotFixedYet bool   `json:"notFixedYet"`
	FixState    string `json:"fixState"`
}

PackageFixStatus has name and other status abount the package

type PackageFixStatuses added in v0.7.0

type PackageFixStatuses []PackageFixStatus

PackageFixStatuses is a list of PackageStatus

func (PackageFixStatuses) Names added in v0.7.0

func (ps PackageFixStatuses) Names() (names []string)

Names return a slice of package names

func (PackageFixStatuses) Sort added in v0.7.0

func (ps PackageFixStatuses) Sort()

Sort by Name

func (PackageFixStatuses) Store added in v0.7.0

Store insert given pkg if missing, update pkg if exists

type Packages added in v0.4.0

type Packages map[string]Package

Packages is Map of Package { "package-name": Package }

func NewPackages added in v0.4.0

func NewPackages(packs ...Package) Packages

NewPackages create Packages

func (Packages) FindByFQPN added in v0.5.0

func (ps Packages) FindByFQPN(nameVerRelArc string) (*Package, error)

FindByFQPN search a package by Fully-Qualified-Package-Name

func (Packages) FindOne added in v0.4.0

func (ps Packages) FindOne(f func(Package) bool) (string, Package, bool)

FindOne search a element

func (Packages) Merge added in v0.4.0

func (ps Packages) Merge(other Packages) Packages

Merge returns merged map (immutable)

func (Packages) MergeNewVersion added in v0.4.0

func (ps Packages) MergeNewVersion(as Packages)

MergeNewVersion merges candidate version information to the receiver struct

type Platform added in v0.1.5

type Platform struct {
	Name       string `json:"name"` // aws or azure or gcp or other...
	InstanceID string `json:"instanceID"`
}

Platform has platform information

type Reference added in v0.4.0

type Reference struct {
	Source string `json:"source"`
	Link   string `json:"link"`
	RefID  string `json:"refID"`
}

Reference has a related link of the CVE

type References added in v0.4.0

type References []Reference

References is a slice of Reference

type ScanResult

type ScanResult struct {
	JSONVersion      int       `json:"jsonVersion"`
	Lang             string    `json:"lang"`
	ServerUUID       string    `json:"serverUUID"`
	ServerName       string    `json:"serverName"` // TOML Section key
	Family           string    `json:"family"`
	Release          string    `json:"release"`
	Container        Container `json:"container"`
	Platform         Platform  `json:"platform"`
	IPv4Addrs        []string  `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
	IPv6Addrs        []string  `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
	ScannedAt        time.Time `json:"scannedAt"`
	ScanMode         string    `json:"scanMode"`
	ScannedVersion   string    `json:"scannedVersion"`
	ScannedRevision  string    `json:"scannedRevision"`
	ScannedBy        string    `json:"scannedBy"`
	ScannedIPv4Addrs []string  `json:"scannedIpv4Addrs,omitempty"`
	ScannedIPv6Addrs []string  `json:"scannedIpv6Addrs,omitempty"`
	ReportedAt       time.Time `json:"reportedAt"`
	ReportedVersion  string    `json:"reportedVersion"`
	ReportedRevision string    `json:"reportedRevision"`
	ReportedBy       string    `json:"reportedBy"`
	Errors           []string  `json:"errors"`

	ScannedCves       VulnInfos              `json:"scannedCves"`
	RunningKernel     Kernel                 `json:"runningKernel"`
	Packages          Packages               `json:"packages"`
	SrcPackages       SrcPackages            `json:",omitempty"`
	WordPressPackages *WordPressPackages     `json:",omitempty"`
	CweDict           CweDict                `json:"cweDict,omitempty"`
	Optional          map[string]interface{} `json:",omitempty"`
	Config            struct {
		Scan   config.Config `json:"scan"`
		Report config.Config `json:"report"`
	} `json:"config"`
}

ScanResult has the result of scanned CVE information.

func (ScanResult) FilterByCvssOver added in v0.2.0

func (r ScanResult) FilterByCvssOver(over float64) ScanResult

FilterByCvssOver is filter function.

func (ScanResult) FilterIgnoreCves added in v0.4.0

func (r ScanResult) FilterIgnoreCves() ScanResult

FilterIgnoreCves is filter function.

func (ScanResult) FilterIgnorePkgs added in v0.5.0

func (r ScanResult) FilterIgnorePkgs() ScanResult

FilterIgnorePkgs is filter function.

func (ScanResult) FilterInactiveWordPressLibs added in v0.7.0

func (r ScanResult) FilterInactiveWordPressLibs() ScanResult

FilterInactiveWordPressLibs is filter function.

func (ScanResult) FilterUnfixed added in v0.4.1

func (r ScanResult) FilterUnfixed() ScanResult

FilterUnfixed is filter function.

func (ScanResult) FormatAlertSummary added in v0.6.2

func (r ScanResult) FormatAlertSummary() string

FormatAlertSummary returns a summary of XCERT alerts

func (ScanResult) FormatExploitCveSummary added in v0.6.0

func (r ScanResult) FormatExploitCveSummary() string

FormatExploitCveSummary returns a summary of exploit cve

func (ScanResult) FormatServerName added in v0.3.0

func (r ScanResult) FormatServerName() (name string)

FormatServerName returns server and container name

func (ScanResult) FormatTextReportHeadedr added in v0.4.0

func (r ScanResult) FormatTextReportHeadedr() string

FormatTextReportHeadedr returns header of text report

func (ScanResult) FormatUpdatablePacksSummary added in v0.5.0

func (r ScanResult) FormatUpdatablePacksSummary() string

FormatUpdatablePacksSummary returns a summary of updatable packages

func (ScanResult) IsContainer added in v0.5.0

func (r ScanResult) IsContainer() bool

IsContainer returns whether this ServerInfo is about container

func (ScanResult) IsDeepScanMode added in v0.5.0

func (r ScanResult) IsDeepScanMode() bool

IsDeepScanMode checks if the scan mode is deep scan mode.

func (ScanResult) ReportFileName added in v0.2.0

func (r ScanResult) ReportFileName() (name string)

ReportFileName returns the filename on localhost without extention

func (ScanResult) ReportKeyName added in v0.2.0

func (r ScanResult) ReportKeyName() (name string)

ReportKeyName returns the name of key on S3, Azure-Blob without extention

func (ScanResult) ServerInfo added in v0.1.4

func (r ScanResult) ServerInfo() string

ServerInfo returns server name one line

func (ScanResult) ServerInfoTui added in v0.1.4

func (r ScanResult) ServerInfoTui() string

ServerInfoTui returns server information for TUI sidebar

type ScanResults

type ScanResults []ScanResult

ScanResults is a slide of ScanResult

type SrcPackage added in v0.4.1

type SrcPackage struct {
	Name        string   `json:"name"`
	Version     string   `json:"version"`
	BinaryNames []string `json:"binaryNames"`
}

SrcPackage has installed source package information. Debian based Linux has both of package and source information in dpkg. OVAL database often includes a source version (Not a binary version), so it is also needed to capture source version for OVAL version comparison. https://github.com/future-architect/vuls/issues/504

func (*SrcPackage) AddBinaryName added in v0.4.1

func (s *SrcPackage) AddBinaryName(name string)

AddBinaryName add the name if not exists

type SrcPackages added in v0.4.1

type SrcPackages map[string]SrcPackage

SrcPackages is Map of SrcPackage { "package-name": SrcPackage }

func (SrcPackages) FindByBinName added in v0.5.0

func (s SrcPackages) FindByBinName(name string) (*SrcPackage, bool)

FindByBinName finds by bin-package-name

type VulnInfo added in v0.2.0

type VulnInfo struct {
	CveID                string               `json:"cveID,omitempty"`
	Confidences          Confidences          `json:"confidences,omitempty"`
	AffectedPackages     PackageFixStatuses   `json:"affectedPackages,omitempty"`
	DistroAdvisories     []DistroAdvisory     `json:"distroAdvisories,omitempty"` // for Aamazon, RHEL, FreeBSD
	CveContents          CveContents          `json:"cveContents,omitempty"`
	Exploits             []Exploit            `json:"exploits,omitempty"`
	AlertDict            AlertDict            `json:"alertDict,omitempty"`
	CpeURIs              []string             `json:"cpeURIs,omitempty"` // CpeURIs related to this CVE defined in config.toml
	GitHubSecurityAlerts GitHubSecurityAlerts `json:"gitHubSecurityAlerts,omitempty"`
	WpPackageFixStats    WpPackageFixStats    `json:"wpPackageFixStats,omitempty"`

	VulnType string `json:"vulnType,omitempty"`
}

VulnInfo has a vulnerability information and unsecure packages

func (VulnInfo) AttackVector added in v0.5.0

func (v VulnInfo) AttackVector() string

AttackVector returns attack vector string

func (VulnInfo) Cvss2CalcURL added in v0.4.0

func (v VulnInfo) Cvss2CalcURL() string

Cvss2CalcURL returns CVSS v2 caluclator's URL

func (VulnInfo) Cvss2Scores added in v0.4.0

func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss)

Cvss2Scores returns CVSS V2 Scores

func (VulnInfo) Cvss3CalcURL added in v0.4.0

func (v VulnInfo) Cvss3CalcURL() string

Cvss3CalcURL returns CVSS v3 caluclator's URL

func (VulnInfo) Cvss3Scores added in v0.4.0

func (v VulnInfo) Cvss3Scores() (values []CveContentCvss)

Cvss3Scores returns CVSS V3 Score

func (VulnInfo) FormatMaxCvssScore added in v0.4.0

func (v VulnInfo) FormatMaxCvssScore() string

FormatMaxCvssScore returns Max CVSS Score

func (VulnInfo) MaxCvss2Score added in v0.4.0

func (v VulnInfo) MaxCvss2Score() CveContentCvss

MaxCvss2Score returns Max CVSS V2 Score

func (VulnInfo) MaxCvss3Score added in v0.4.0

func (v VulnInfo) MaxCvss3Score() CveContentCvss

MaxCvss3Score returns Max CVSS V3 Score

func (VulnInfo) MaxCvssScore added in v0.4.0

func (v VulnInfo) MaxCvssScore() CveContentCvss

MaxCvssScore returns max CVSS Score If there is no CVSS Score, return Severity as a numerical value.

func (VulnInfo) Mitigations added in v0.5.0

func (v VulnInfo) Mitigations(myFamily string) (values []CveContentStr)

Mitigations returns mitigations

func (VulnInfo) PatchStatus added in v0.5.0

func (v VulnInfo) PatchStatus(packs Packages) string

PatchStatus returns attack vector string

func (VulnInfo) Summaries added in v0.4.0

func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr)

Summaries returns summaries

func (VulnInfo) Titles added in v0.4.0

func (v VulnInfo) Titles(lang, myFamily string) (values []CveContentStr)

Titles returns tilte (TUI)

func (v VulnInfo) VendorLinks(family string) map[string]string

VendorLinks returns links of vendor support's URL

type VulnInfos added in v0.2.0

type VulnInfos map[string]VulnInfo

VulnInfos has a map of VulnInfo Key: CveID

func (VulnInfos) CountGroupBySeverity added in v0.4.0

func (v VulnInfos) CountGroupBySeverity() map[string]int

CountGroupBySeverity summarize the number of CVEs group by CVSSv2 Severity

func (VulnInfos) Find added in v0.4.0

func (v VulnInfos) Find(f func(VulnInfo) bool) VulnInfos

Find elements that matches the function passed in argument

func (VulnInfos) FindScoredVulns added in v0.4.0

func (v VulnInfos) FindScoredVulns() VulnInfos

FindScoredVulns return scored vulnerabilities

func (VulnInfos) FormatCveSummary added in v0.4.0

func (v VulnInfos) FormatCveSummary() string

FormatCveSummary summarize the number of CVEs group by CVSSv2 Severity

func (VulnInfos) FormatFixedStatus added in v0.5.0

func (v VulnInfos) FormatFixedStatus(packs Packages) string

FormatFixedStatus summarize the number of cves are fixed.

func (VulnInfos) ToSortedSlice added in v0.4.0

func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo)

ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID

type WordPressPackages added in v0.7.0

type WordPressPackages []WpPackage

WordPressPackages has Core version, plugins and themes.

func (WordPressPackages) CoreVersion added in v0.7.0

func (w WordPressPackages) CoreVersion() string

CoreVersion returns the core version of the installed WordPress

func (WordPressPackages) Find added in v0.7.0

func (w WordPressPackages) Find(name string) (ps *WpPackage, found bool)

Find searches by specified name

func (WordPressPackages) Plugins added in v0.7.0

func (w WordPressPackages) Plugins() (ps []WpPackage)

Plugins returns a slice of plugins of the installed WordPress

func (WordPressPackages) Themes added in v0.7.0

func (w WordPressPackages) Themes() (ps []WpPackage)

Themes returns a slice of themes of the installed WordPress

type WpPackage added in v0.7.0

type WpPackage struct {
	Name    string `json:"name,omitempty"`
	Status  string `json:"status,omitempty"` // active, inactive or must-use
	Update  string `json:"update,omitempty"` // available or none
	Version string `json:"version,omitempty"`
	Type    string `json:"type,omitempty"` // core, plugin, theme
}

WpPackage has a details of plugin and theme

type WpPackageFixStats added in v0.7.0

type WpPackageFixStats []WpPackageFixStatus

WpPackageFixStats is a list of WpPackageFixStatus

func (WpPackageFixStats) Names added in v0.7.0

func (ws WpPackageFixStats) Names() (names []string)

Names return a slice of names

type WpPackageFixStatus added in v0.7.0

type WpPackageFixStatus struct {
	Name    string `json:"name,omitempty"`
	FixedIn string `json:"fixedIn,omitempty"`
}

WpPackageFixStatus is used in Vulninfo.WordPress

type WpPackages added in v0.7.0

type WpPackages []WpPackage

WpPackages has a list of WpPackage

func (WpPackages) Add added in v0.7.0

func (g WpPackages) Add(pkg WpPackage) WpPackages

Add adds given arg to the slice and return the slice (immutable)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL