models

package
v0.5.1-0...-a058e20 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 19, 2020 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Affect 

type Affect struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	Vendor  string
	Product string
	Version string
}

Affect has vendor/product/version info in NVD JSON

type Cert 

type Cert struct {
	gorm.Model `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	Title string `sql:"type:text"`
	Link  string `sql:"type:text"`
}

Cert is Child model of Jvn/Nvd. It holds CERT alerts.

type Cpe 

type Cpe struct {
	gorm.Model `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	CpeBase
	EnvCpes []EnvCpe
}

Cpe is Child model of Jvn/Nvd. see https://www.ipa.go.jp/security/vuln/CPE.html In NVD JSON, configurations>nodes>cpe>valunerable: true

type CpeBase 

type CpeBase struct {
	URI             string
	FormattedString string
	WellFormedName  string `sql:"type:text"`
	CpeWFN

	VersionStartExcluding string
	VersionStartIncluding string
	VersionEndExcluding   string
	VersionEndIncluding   string
}

CpeBase has common args of Cpe and EnvCpe

type CpeWFN 

type CpeWFN struct {
	Part            string
	Vendor          string
	Product         string
	Version         string
	Update          string
	Edition         string
	Language        string
	SoftwareEdition string
	TargetSW        string
	TargetHW        string
	Other           string
}

CpeWFN has CPE Well Formed name informaiton

type CveDetail 

type CveDetail struct {
	gorm.Model `json:"-" xml:"-"`

	CveID   string
	NvdJSON *NvdJSON `json:",omitempty"`
	Jvn     *Jvn     `json:",omitempty"`
}

CveDetail is a parent of Jnv/Nvd model

type Cvss2 

type Cvss2 struct {
	gorm.Model `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`

	VectorString          string
	AccessVector          string
	AccessComplexity      string
	Authentication        string
	ConfidentialityImpact string
	IntegrityImpact       string
	AvailabilityImpact    string
	BaseScore             float64

	// NVD JSON and JVN has severity (Not in NVD XML)
	Severity string
}

Cvss2 has CVSS Version 2 info

type Cvss2Extra 

type Cvss2Extra struct {
	NvdJSONID uint `json:"-" xml:"-"`

	Cvss2
	ExploitabilityScore     float64
	ImpactScore             float64
	ObtainAllPrivilege      bool
	ObtainUserPrivilege     bool
	ObtainOtherPrivilege    bool
	UserInteractionRequired bool
}

Cvss2Extra has extra CVSS V2 info

type Cvss3 

type Cvss3 struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`
	JVNID      uint `json:"-" xml:"-"`

	VectorString string

	AttackVector          string
	AttackComplexity      string
	PrivilegesRequired    string
	UserInteraction       string
	Scope                 string
	ConfidentialityImpact string
	IntegrityImpact       string
	AvailabilityImpact    string

	BaseScore           float64
	BaseSeverity        string
	ExploitabilityScore float64
	ImpactScore         float64
}

Cvss3 has CVSS Version 3 info NVD JSON and JVN has CVSS3 info

type Cwe 

type Cwe struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`

	CweID string
}

Cwe has CweID

type Description 

type Description struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`

	Lang  string
	Value string `sql:"type:text"`
}

Description has description of the CVE

type EnvCpe 

type EnvCpe struct {
	gorm.Model `json:"-" xml:"-"`
	CpeID      uint `json:"-" xml:"-"`

	CpeBase
}

EnvCpe is a Environmental CPE Only NVD JSON has this information. configurations>nodes>cpe>valunerable: false

type FeedMeta 

type FeedMeta struct {
	gorm.Model `json:"-"`

	URL              string
	Hash             string
	LastModifiedDate string

	LatestHash             string `json:"-" gorm:"-"`
	LatestLastModifiedDate string `json:"-" gorm:"-"`
}

FeedMeta has meta information about fetched feeds

func (FeedMeta) FetchOption 

func (f FeedMeta) FetchOption() string

FetchOption returns a option of fetch subcommand for list subcommand

func (FeedMeta) Newly 

func (f FeedMeta) Newly() bool

Newly checks whether not fetched yet

func (FeedMeta) OutDated 

func (f FeedMeta) OutDated() bool

OutDated checks whether last fetched feed is out dated

func (FeedMeta) StatusForStdout 

func (f FeedMeta) StatusForStdout() string

StatusForStdout returns a status of fetched feed

func (FeedMeta) ToTableWriterRow 

func (f FeedMeta) ToTableWriterRow() []string

ToTableWriterRow generate data for table writer

func (FeedMeta) UpToDate 

func (f FeedMeta) UpToDate() bool

UpToDate checks whether last fetched feed is up to date

func (FeedMeta) Year 

func (f FeedMeta) Year() (year string, xml bool, err error)

Year returns year, whether xml or not of the feed

type Jvn 

type Jvn struct {
	gorm.Model  `json:"-" xml:"-"`
	CveDetailID uint `json:"-" xml:"-"`

	CveID   string
	Title   string
	Summary string `sql:"type:text"`
	JvnLink string
	JvnID   string

	Cvss2      Cvss2
	Cvss3      Cvss3
	Cpes       []Cpe `json:",omitempty"`
	References []Reference

	Certs            []Cert
	PublishedDate    time.Time
	LastModifiedDate time.Time
}

Jvn is a model of JVN

type NvdJSON 

type NvdJSON struct {
	gorm.Model  `json:"-" xml:"-"`
	CveDetailID uint `json:"-" xml:"-"`

	CveID        string
	Descriptions []Description

	Cvss2      Cvss2Extra
	Cvss3      Cvss3
	Cwes       []Cwe
	Cpes       []Cpe
	Affects    []Affect
	References []Reference

	// Assigner         string
	Certs            []Cert
	PublishedDate    time.Time
	LastModifiedDate time.Time
}

NvdJSON is a struct of NVD JSON https://scap.nist.gov/schema/nvd/feed/0.1/nvd_cve_feed_json_0.1_beta.schema

type Reference 

type Reference struct {
	gorm.Model `json:"-" xml:"-"`
	NvdJSONID  uint `json:"-" xml:"-"`
	JvnID      uint `json:"-" xml:"-"`

	Source string
	Link   string `sql:"type:text"`
}

Reference is Child model of Jvn/Nvd. It holds reference information about the CVE.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.