vulnerability

package
v0.0.0-...-9de8873 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 6, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (
	Name  = "vulnerability"
	Usage = "Execute vulnerability related tools and operations"
	Alias = "vuln"

	EpssCmdName      = "epss"
	EpssCmdNameUsage = "Get EPPS information for the target vulnerabilities"
)
View Source
const (
	EpssOrderRecordsScoreDesc      = "score-desc"
	EpssOrderRecordsScoreAsc       = "score-asc"
	EpssOrderRecordsPercentileDesc = "percentile-desc"
	EpssOrderRecordsPercentileAsc  = "percentile-asc"
)
View Source
const (
	// Shared Flags
	FlagCVE      = "cve"
	FlagCVEUsage = "Target vulnerability CVE ID"

	// EPSS Flags
	FlagDate      = "date"
	FlagDateUsage = "Date for the EPSS information (YYYY-MM-DD format)"

	FlagOp      = "op"
	FlagOpUsage = "EPSS operation ('lookup' | 'list')"

	FlagWithHistory      = "with-history"
	FlagWithHistoryUsage = "Return EPSS results with historical data"

	FlagLimit      = "limit"
	FlagLimitUsage = "Limit the number of returned records"

	FlagOffset      = "offset"
	FlagOffsetUsage = "Offset where to start returning records"

	FlagFilterCveIDPattern      = "filter-cve-id-pattern"
	FlagFilterCveIDPatternUsage = "'CVE ID pattern' ESPP list operation filter"

	FlagFilterDaysSinceAdded      = "filter-days-since-added"
	FlagFilterDaysSinceAddedUsage = "'days since added' ESPP list operation filter"

	FlagFilterScoreGt      = "filter-score-gt"
	FlagFilterScoreGtUsage = "'score is greater than' ESPP list operation filter"

	FlagFilterScoreLt      = "filter-score-lt"
	FlagFilterScoreLtUsage = "'score is less than' ESPP list operation filter"

	FlagFilterPercentileGt      = "filter-percentile-gt"
	FlagFilterPercentileGtUsage = "'percentile is greater than' ESPP list operation filter"

	FlagFilterPercentileLt      = "filter-percentile-lt"
	FlagFilterPercentileLtUsage = "'percentile is less than' ESPP list operation filter"

	FlagFilterOrderRecords      = "filter-order-records"
	FlagFilterOrderRecordsUsage = "'order returned records' ESPP list operation filter ('score-desc' | 'score-asc' | 'percentile-desc' | 'percentile-asc')"
)

Vulnerability command flags

View Source
const (
	EpssOpLookup = "lookup"
	EpssOpList   = "list"
)

Variables

View Source
var CLI = &cli.Command{
	Name:    Name,
	Aliases: []string{Alias},
	Usage:   Usage,
	Flags: []cli.Flag{
		cflag(FlagCVE),
	},
	Subcommands: []*cli.Command{
		{
			Name:  EpssCmdName,
			Usage: EpssCmdNameUsage,
			Flags: []cli.Flag{
				cflag(FlagDate),
				cflag(FlagOp),
				cflag(FlagWithHistory),
				cflag(FlagLimit),
				cflag(FlagOffset),
				cflag(FlagFilterCveIDPattern),
				cflag(FlagFilterDaysSinceAdded),
				cflag(FlagFilterScoreGt),
				cflag(FlagFilterScoreLt),
				cflag(FlagFilterPercentileGt),
				cflag(FlagFilterPercentileLt),
				cflag(FlagFilterOrderRecords),
			},
			Action: func(ctx *cli.Context) error {
				gcvalues, ok := command.CLIContextGet(ctx.Context, command.GlobalParams).(*command.GenericParams)
				if !ok || gcvalues == nil {
					return command.ErrNoGlobalParams
				}

				xc := app.NewExecutionContext(
					fullCmdName(EpssCmdName),
					gcvalues.QuietCLIMode,
					gcvalues.OutputFormat)

				cparams, err := EpssCommandFlagValues(ctx)
				xc.FailOn(err)

				if len(cparams.CVEList) == 0 && cparams.Op == EpssOpLookup {
					xc.Fail("EPSS lookup requires, at least, one CVE")
				}

				OnEpssCommand(xc, gcvalues, cparams)
				return nil
			},
		},
	},
}
View Source
var CommandFlagSuggestions = &command.FlagSuggestions{
	Names: []prompt.Suggest{
		{Text: command.FullFlagName(FlagCVE), Description: FlagCVEUsage},

		{Text: EpssCmdName, Description: EpssCmdNameUsage},
	},
	Values: map[string]command.CompleteValue{},
}
View Source
var CommandSuggestion = prompt.Suggest{
	Text:        Name,
	Description: Usage,
}
View Source
var Flags = map[string]cli.Flag{
	FlagCVE: &cli.StringSliceFlag{
		Name:    FlagCVE,
		Value:   cli.NewStringSlice(),
		Usage:   FlagCVEUsage,
		EnvVars: []string{"DSLIM_VULN_CVE"},
	},
	FlagDate: &cli.StringFlag{
		Name:    FlagDate,
		Value:   "",
		Usage:   FlagDateUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_DATE"},
	},
	FlagOp: &cli.StringFlag{
		Name:    FlagOp,
		Value:   EpssOpLookup,
		Usage:   FlagOpUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_OP"},
	},
	FlagWithHistory: &cli.BoolFlag{
		Name:    FlagWithHistory,
		Value:   false,
		Usage:   FlagWithHistoryUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_HISTORY"},
	},
	FlagLimit: &cli.Uint64Flag{
		Name:    FlagLimit,
		Value:   10,
		Usage:   FlagLimitUsage,
		EnvVars: []string{"DSLIM_VULN_LIMIT"},
	},
	FlagOffset: &cli.Uint64Flag{
		Name:    FlagOffset,
		Value:   0,
		Usage:   FlagOffsetUsage,
		EnvVars: []string{"DSLIM_VULN_OFFSET"},
	},
	FlagFilterCveIDPattern: &cli.StringFlag{
		Name:    FlagFilterCveIDPattern,
		Value:   "",
		Usage:   FlagFilterCveIDPatternUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_FILTER_CVEID_PAT"},
	},
	FlagFilterDaysSinceAdded: &cli.UintFlag{
		Name:    FlagFilterDaysSinceAdded,
		Value:   0,
		Usage:   FlagFilterDaysSinceAddedUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_FILTER_DAYS_SINCE"},
	},
	FlagFilterScoreGt: &cli.Float64Flag{
		Name:    FlagFilterScoreGt,
		Value:   0,
		Usage:   FlagFilterScoreGtUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_FILTER_SCORE_GT"},
	},
	FlagFilterScoreLt: &cli.Float64Flag{
		Name:    FlagFilterScoreLt,
		Value:   0,
		Usage:   FlagFilterScoreLtUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_FILTER_SCORE_LT"},
	},
	FlagFilterPercentileGt: &cli.Float64Flag{
		Name:    FlagFilterPercentileGt,
		Value:   0,
		Usage:   FlagFilterPercentileGtUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_FILTER_PERC_GT"},
	},
	FlagFilterPercentileLt: &cli.Float64Flag{
		Name:    FlagFilterPercentileLt,
		Value:   0,
		Usage:   FlagFilterPercentileLtUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_FILTER_PERC_LT"},
	},
	FlagFilterOrderRecords: &cli.StringFlag{
		Name:    FlagFilterOrderRecords,
		Value:   "",
		Usage:   FlagFilterOrderRecordsUsage,
		EnvVars: []string{"DSLIM_VULN_EPSS_FILTER_ORDER"},
	},
}

Functions

func IsValidOp

func IsValidOp(input string) bool

func IsValidOrderRecordsValue

func IsValidOrderRecordsValue(input string) bool

func OnEpssCommand

func OnEpssCommand(
	xc *app.ExecutionContext,
	gparams *command.GenericParams,
	cparams *EpssCommandParams)

OnEpssCommand implements the 'vulnerability epss' command

func OrderType

func OrderType(input string) epss.OrderType

func RegisterCommand

func RegisterCommand()

Types

type CommonCommandParams

type CommonCommandParams struct {
	CVEList []string
}

func CommonCommandFlagValues

func CommonCommandFlagValues(ctx *cli.Context) (*CommonCommandParams, error)

type EpssCommandParams

type EpssCommandParams struct {
	*CommonCommandParams
	Date                 time.Time
	Op                   string
	WithHistory          bool
	Limit                uint64
	Offset               uint64
	FilterCveIDPattern   string
	FilterDaysSinceAdded uint
	FilterScoreGt        float64
	FilterScoreLt        float64
	FilterPercentileGt   float64
	FilterPercentileLt   float64
	FilterOrderRecords   epss.OrderType
}

func EpssCommandFlagValues

func EpssCommandFlagValues(ctx *cli.Context) (*EpssCommandParams, error)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL