Documentation
¶
Index ¶
Constants ¶
View Source
const ( DefaultHost = "services.nvd.nist.gov" CVEsEndpoint = "/rest/json/cves/2.0" )
Variables ¶
View Source
var ErrRateLimited = errors.New("we've been rate limited by NVD! 🙊")
Functions ¶
This section is empty.
Types ¶
type CVEsResponse ¶
type CVEsResponse struct {
ResultsPerPage int `json:"resultsPerPage"`
StartIndex int `json:"startIndex"`
TotalResults int `json:"totalResults"`
Format string `json:"format"`
Version string `json:"version"`
Timestamp string `json:"timestamp"`
Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}
type CpeMatch ¶
type CpeMatch struct {
Vulnerable bool `json:"vulnerable"`
Criteria string `json:"criteria"`
VersionEndIncluding string `json:"versionEndIncluding,omitempty"`
MatchCriteriaID string `json:"matchCriteriaId"`
VersionEndExcluding string `json:"versionEndExcluding,omitempty"`
VersionStartIncluding string `json:"versionStartIncluding,omitempty"`
}
type Cve ¶
type Cve struct {
ID string `json:"id"`
SourceIdentifier string `json:"sourceIdentifier"`
Published string `json:"published"`
LastModified string `json:"lastModified"`
VulnStatus string `json:"vulnStatus"`
EvaluatorImpact string `json:"evaluatorImpact,omitempty"`
Descriptions []struct {
Lang string `json:"lang"`
Value string `json:"value"`
} `json:"descriptions"`
Metrics Metrics `json:"metrics"`
Weaknesses []struct {
Source string `json:"source"`
Type string `json:"type"`
Description []struct {
Lang string `json:"lang"`
Value string `json:"value"`
} `json:"description"`
} `json:"weaknesses"`
Configurations []struct {
Nodes []struct {
Operator string `json:"operator"`
Negate bool `json:"negate"`
CpeMatch []CpeMatch `json:"cpeMatch"`
} `json:"nodes"`
Operator string `json:"operator,omitempty"`
} `json:"configurations"`
References []struct {
URL string `json:"url"`
Source string `json:"source"`
Tags []string `json:"tags,omitempty"`
} `json:"references"`
}
type Detector ¶
type Detector struct {
// contains filtered or unexported fields
}
func (*Detector) VulnerabilitiesForPackage ¶ added in v0.4.0
func (*Detector) VulnerabilitiesForPackages ¶
func (d *Detector) VulnerabilitiesForPackages(ctx context.Context, packages ...string) (map[string][]vuln.Match, error)
VulnerabilitiesForPackages uses CPE-based queries to the NVD API to detect vulnerability matches for the given list of packages. It returns a map of package names to slices of vulnerability matches for that package. This method's requests to the NVD API are constrained by the Detector's configured rate limiter.
type Metrics ¶
type Metrics struct {
CvssMetricV2 []struct {
Source string `json:"source"`
Type string `json:"type"`
CvssData struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AccessVector string `json:"accessVector"`
AccessComplexity string `json:"accessComplexity"`
Authentication string `json:"authentication"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
} `json:"cvssData"`
BaseSeverity string `json:"baseSeverity"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
AcInsufInfo bool `json:"acInsufInfo"`
ObtainAllPrivilege bool `json:"obtainAllPrivilege"`
ObtainUserPrivilege bool `json:"obtainUserPrivilege"`
ObtainOtherPrivilege bool `json:"obtainOtherPrivilege"`
UserInteractionRequired bool `json:"userInteractionRequired,omitempty"`
} `json:"cvssMetricV2,omitempty"`
CvssMetricV30 []struct {
Source string `json:"source"`
Type string `json:"type"`
CvssData struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AttackVector string `json:"attackVector"`
AttackComplexity string `json:"attackComplexity"`
PrivilegesRequired string `json:"privilegesRequired"`
UserInteraction string `json:"userInteraction"`
Scope string `json:"scope"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
BaseSeverity string `json:"baseSeverity"`
} `json:"cvssData"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
} `json:"cvssMetricV30,omitempty"`
CvssMetricV31 []struct {
Source string `json:"source"`
Type string `json:"type"`
CvssData struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AttackVector string `json:"attackVector"`
AttackComplexity string `json:"attackComplexity"`
PrivilegesRequired string `json:"privilegesRequired"`
UserInteraction string `json:"userInteraction"`
Scope string `json:"scope"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
BaseSeverity string `json:"baseSeverity"`
} `json:"cvssData"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
} `json:"cvssMetricV31,omitempty"`
}
type Vulnerability ¶
type Vulnerability struct {
Cve Cve `json:"cve"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.