Documentation ¶
Index ¶
- Variables
- func ColorizeSeverity(severity string) string
- func CompareSeverityString(sev1, sev2 string) int
- type Advisory
- type AdvisoryDetail
- type CVSS
- type CVSSVector
- type GetArgs
- type GetExpectation
- type GetReturns
- type LastUpdated
- type MockVulnSrc
- func (_m *MockVulnSrc) ApplyGetExpectation(e GetExpectation)
- func (_m *MockVulnSrc) ApplyGetExpectations(expectations []GetExpectation)
- func (_m *MockVulnSrc) ApplyUpdateExpectation(e UpdateExpectation)
- func (_m *MockVulnSrc) ApplyUpdateExpectations(expectations []UpdateExpectation)
- func (_m *MockVulnSrc) Get(release string, pkgName string) ([]Advisory, error)
- func (_m *MockVulnSrc) Update(dir string) error
- type Severity
- type UpdateArgs
- type UpdateExpectation
- type UpdateReturns
- type VendorCVSS
- type VendorSeverity
- type Vulnerability
- type VulnerabilityDetail
Constants ¶
This section is empty.
Variables ¶
var (
	// SeverityNames lists the severity labels in ascending order, with
	// "UNKNOWN" at index 0, below "LOW".
	// NOTE(review): presumably indexed by the numeric Severity value; the
	// Severity type is not shown here, so confirm before relying on it.
	// NOTE(review): if comparisons such as CompareSeverityString follow this
	// order, a minimum-severity filter will drop findings whose severity could
	// not be determined. Verify against that function's body.
	SeverityNames = []string{
		"UNKNOWN",
		"LOW",
		"MEDIUM",
		"HIGH",
		"CRITICAL",
	}
	// SeverityColor holds one colorizing function per entry of SeverityNames,
	// in the same order (cyan, blue, yellow, hi-red, red). The two slices must
	// keep the same length, otherwise indexing one by a position valid in the
	// other panics.
	SeverityColor = []func(a ...interface{}) string{
		color.New(color.FgCyan).SprintFunc(),
		color.New(color.FgBlue).SprintFunc(),
		color.New(color.FgYellow).SprintFunc(),
		color.New(color.FgHiRed).SprintFunc(),
		color.New(color.FgRed).SprintFunc(),
	}
)
Functions ¶
func ColorizeSeverity ¶
func CompareSeverityString ¶
Types ¶
type Advisory ¶
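// Advisory is a per-package advisory record: it ties a vulnerability ID to
// vendor IDs, a fix state, a severity and version information.
//
// Every field is tagged `json:",omitempty"`, so zero values are dropped from
// the encoded JSON. A missing key therefore means "empty", not "not
// applicable"; in particular an absent State must be read together with
// FixedVersion (see the comment on State).
type Advisory struct {
	VulnerabilityID string   `json:",omitempty"`
	VendorIDs       []string `json:",omitempty"` // e.g. RHSA-ID and DSA-ID

	// It is filled only when FixedVersion is empty since it is obvious the state is "Fixed" when FixedVersion is not empty.
	// e.g. Will not fix and Affected
	State string `json:",omitempty"`

	// Sizo DB has "vulnerability" bucket and severities are usually stored in the bucket per a vulnerability ID.
	// In some cases, the advisory may have multiple severities depending on the packages.
	// For example, CVE-2015-2328 in Debian has "unimportant" for mongodb and "low" for pcre3.
	// e.g. https://security-tracker.debian.org/tracker/CVE-2015-2328
	Severity Severity `json:",omitempty"`

	// Versions for os package
	FixedVersion    string `json:",omitempty"`
	AffectedVersion string `json:",omitempty"` // Only for Arch Linux

	// MajorVersion ranges for language-specific package
	// Some advisories provide VulnerableVersions only, others provide PatchedVersions and UnaffectedVersions
	VulnerableVersions []string `json:",omitempty"`
	PatchedVersions    []string `json:",omitempty"`
	UnaffectedVersions []string `json:",omitempty"`

	// Custom is basically for extensibility and is not supposed to be used in OSS
	// It is untyped: after a JSON round trip it holds generic decoded values
	// (maps, slices, strings, float64), so consumers must type-check it.
	Custom interface{} `json:",omitempty"`
}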
type AdvisoryDetail ¶
type CVSSVector ¶
type GetExpectation ¶
// GetExpectation is the value passed to MockVulnSrc.ApplyGetExpectation and,
// as a slice, to ApplyGetExpectations.
// NOTE(review): presumably Args describes the expected Get call and Returns
// the values the mock hands back; the generated mock body is not shown here.
type GetExpectation struct {
	Args    GetArgs
	Returns GetReturns
}
type GetReturns ¶
type LastUpdated ¶
type MockVulnSrc ¶
MockVulnSrc is an autogenerated mock type for the VulnSrc type
func (*MockVulnSrc) ApplyGetExpectation ¶
func (_m *MockVulnSrc) ApplyGetExpectation(e GetExpectation)
func (*MockVulnSrc) ApplyGetExpectations ¶
func (_m *MockVulnSrc) ApplyGetExpectations(expectations []GetExpectation)
func (*MockVulnSrc) ApplyUpdateExpectation ¶
func (_m *MockVulnSrc) ApplyUpdateExpectation(e UpdateExpectation)
func (*MockVulnSrc) ApplyUpdateExpectations ¶
func (_m *MockVulnSrc) ApplyUpdateExpectations(expectations []UpdateExpectation)
func (*MockVulnSrc) Get ¶
func (_m *MockVulnSrc) Get(release string, pkgName string) ([]Advisory, error)
Get provides a mock function with given fields: release, pkgName
func (*MockVulnSrc) Update ¶
func (_m *MockVulnSrc) Update(dir string) error
Update provides a mock function with given fields: dir
type UpdateArgs ¶
type UpdateExpectation ¶
// UpdateExpectation is the value passed to MockVulnSrc.ApplyUpdateExpectation
// and, as a slice, to ApplyUpdateExpectations.
// NOTE(review): presumably Args describes the expected Update call and Returns
// the result the mock hands back; the generated mock body is not shown here.
type UpdateExpectation struct {
	Args    UpdateArgs
	Returns UpdateReturns
}
type UpdateReturns ¶
// UpdateReturns is the Returns half of an UpdateExpectation.
type UpdateReturns struct {
	// Err is presumably the error the mocked Update returns; nil would mean
	// success. Confirm against the generated mock.
	Err error
}
type VendorCVSS ¶
type VendorSeverity ¶
type Vulnerability ¶
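// Vulnerability is the record for one vulnerability: descriptive text, the
// selected severity, the per-vendor severities and CVSS data, references and
// dates.
//
// Every field is tagged `json:",omitempty"`, so empty strings, nil slices and
// nil time pointers are dropped from the encoded JSON.
// NOTE(review): Title, Description and References presumably originate from
// upstream advisory feeds; treat them as untrusted text and escape them when
// rendering into HTML or a terminal. Confirm against the data sources.
type Vulnerability struct {
	Title       string `json:",omitempty"`
	Description string `json:",omitempty"`
	// Selected from VendorSeverity, depending on a scan target.
	// This is a plain string, unlike the Severity-typed fields elsewhere in
	// the package, so nothing in the type restricts it to a known label.
	Severity       string         `json:",omitempty"`
	CweIDs         []string       `json:",omitempty"` // e.g. CWE-78, CWE-89
	VendorSeverity VendorSeverity `json:",omitempty"`
	CVSS           VendorCVSS     `json:",omitempty"`
	References     []string       `json:",omitempty"`
	// Pointers, so an unknown date is nil and omitted from the JSON rather
	// than encoded as the zero time.
	PublishedDate    *time.Time `json:",omitempty"`
	LastModifiedDate *time.Time `json:",omitempty"`

	// Custom is basically for extensibility and is not supposed to be used in OSS
	// It is untyped: after a JSON round trip it holds generic decoded values,
	// so consumers must type-check it.
	Custom interface{} `json:",omitempty"`
}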
type VulnerabilityDetail ¶
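// VulnerabilityDetail holds the details of one vulnerability: its ID, CVSS
// scores and vectors, severities, CWE IDs, references, text and dates.
//
// Every field is tagged `json:",omitempty"`. For the float64 scores this means
// a score of 0 is omitted from the JSON, so a consumer cannot tell "score is
// 0.0" from "no score recorded" by looking at the encoded form alone.
type VulnerabilityDetail struct {
	ID string `json:",omitempty"` // e.g. CVE-2019-8331, OSVDB-104365

	// NOTE(review): the unsuffixed and V3 fields presumably carry CVSS v2 and
	// v3 data respectively; confirm against the code that populates them.
	CvssScore    float64  `json:",omitempty"`
	CvssVector   string   `json:",omitempty"`
	CvssScoreV3  float64  `json:",omitempty"`
	CvssVectorV3 string   `json:",omitempty"`
	Severity     Severity `json:",omitempty"`
	SeverityV3   Severity `json:",omitempty"`

	CweIDs      []string `json:",omitempty"` // e.g. CWE-78, CWE-89
	References  []string `json:",omitempty"`
	Title       string   `json:",omitempty"`
	Description string   `json:",omitempty"`

	// Pointers, so an unknown date is nil and omitted from the JSON rather
	// than encoded as the zero time.
	PublishedDate    *time.Time `json:",omitempty"`
	LastModifiedDate *time.Time `json:",omitempty"`
}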