nvdapi

package
v0.26.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 1, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DefaultHost  = "services.nvd.nist.gov"
	CVEsEndpoint = "/rest/json/cves/2.0"
)

Variables

View Source
var ErrRateLimited = errors.New("we've been rate limited by NVD! 🙊")

Functions

This section is empty.

Types

type CVEsResponse

type CVEsResponse struct {
	ResultsPerPage  int             `json:"resultsPerPage"`
	StartIndex      int             `json:"startIndex"`
	TotalResults    int             `json:"totalResults"`
	Format          string          `json:"format"`
	Version         string          `json:"version"`
	Timestamp       string          `json:"timestamp"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

type CpeMatch

type CpeMatch struct {
	Vulnerable            bool   `json:"vulnerable"`
	Criteria              string `json:"criteria"`
	VersionEndIncluding   string `json:"versionEndIncluding,omitempty"`
	MatchCriteriaID       string `json:"matchCriteriaId"`
	VersionEndExcluding   string `json:"versionEndExcluding,omitempty"`
	VersionStartIncluding string `json:"versionStartIncluding,omitempty"`
}

type Cve

type Cve struct {
	ID               string `json:"id"`
	SourceIdentifier string `json:"sourceIdentifier"`
	Published        string `json:"published"`
	LastModified     string `json:"lastModified"`
	VulnStatus       string `json:"vulnStatus"`
	EvaluatorImpact  string `json:"evaluatorImpact,omitempty"`
	Descriptions     []struct {
		Lang  string `json:"lang"`
		Value string `json:"value"`
	} `json:"descriptions"`
	Metrics    Metrics `json:"metrics"`
	Weaknesses []struct {
		Source      string `json:"source"`
		Type        string `json:"type"`
		Description []struct {
			Lang  string `json:"lang"`
			Value string `json:"value"`
		} `json:"description"`
	} `json:"weaknesses"`
	Configurations []struct {
		Nodes []struct {
			Operator string     `json:"operator"`
			Negate   bool       `json:"negate"`
			CpeMatch []CpeMatch `json:"cpeMatch"`
		} `json:"nodes"`
		Operator string `json:"operator,omitempty"`
	} `json:"configurations"`
	References []struct {
		URL    string   `json:"url"`
		Source string   `json:"source"`
		Tags   []string `json:"tags,omitempty"`
	} `json:"references"`
}

type Detector

type Detector struct {
	// contains filtered or unexported fields
}

func NewDetector

func NewDetector(client *http.Client, serviceHost, apiKey string) *Detector

func (*Detector) VulnerabilitiesForPackage added in v0.4.0

func (d *Detector) VulnerabilitiesForPackage(ctx context.Context, pkg string) ([]vuln.Match, error)

func (*Detector) VulnerabilitiesForPackages

func (d *Detector) VulnerabilitiesForPackages(ctx context.Context, packages ...string) (map[string][]vuln.Match, error)

VulnerabilitiesForPackages uses CPE-based queries to the NVD API to detect vulnerability matches for the given list of packages. It returns a map of package names to slices of vulnerability matches for that package. This method's requests to the NVD API are constrained by the Detector's configured rate limiter.

type Metrics

type Metrics struct {
	CvssMetricV2 []struct {
		Source   string `json:"source"`
		Type     string `json:"type"`
		CvssData struct {
			Version               string  `json:"version"`
			VectorString          string  `json:"vectorString"`
			AccessVector          string  `json:"accessVector"`
			AccessComplexity      string  `json:"accessComplexity"`
			Authentication        string  `json:"authentication"`
			ConfidentialityImpact string  `json:"confidentialityImpact"`
			IntegrityImpact       string  `json:"integrityImpact"`
			AvailabilityImpact    string  `json:"availabilityImpact"`
			BaseScore             float64 `json:"baseScore"`
		} `json:"cvssData"`
		BaseSeverity            string  `json:"baseSeverity"`
		ExploitabilityScore     float64 `json:"exploitabilityScore"`
		ImpactScore             float64 `json:"impactScore"`
		AcInsufInfo             bool    `json:"acInsufInfo"`
		ObtainAllPrivilege      bool    `json:"obtainAllPrivilege"`
		ObtainUserPrivilege     bool    `json:"obtainUserPrivilege"`
		ObtainOtherPrivilege    bool    `json:"obtainOtherPrivilege"`
		UserInteractionRequired bool    `json:"userInteractionRequired,omitempty"`
	} `json:"cvssMetricV2,omitempty"`
	CvssMetricV30 []struct {
		Source   string `json:"source"`
		Type     string `json:"type"`
		CvssData struct {
			Version               string  `json:"version"`
			VectorString          string  `json:"vectorString"`
			AttackVector          string  `json:"attackVector"`
			AttackComplexity      string  `json:"attackComplexity"`
			PrivilegesRequired    string  `json:"privilegesRequired"`
			UserInteraction       string  `json:"userInteraction"`
			Scope                 string  `json:"scope"`
			ConfidentialityImpact string  `json:"confidentialityImpact"`
			IntegrityImpact       string  `json:"integrityImpact"`
			AvailabilityImpact    string  `json:"availabilityImpact"`
			BaseScore             float64 `json:"baseScore"`
			BaseSeverity          string  `json:"baseSeverity"`
		} `json:"cvssData"`
		ExploitabilityScore float64 `json:"exploitabilityScore"`
		ImpactScore         float64 `json:"impactScore"`
	} `json:"cvssMetricV30,omitempty"`
	CvssMetricV31 []struct {
		Source   string `json:"source"`
		Type     string `json:"type"`
		CvssData struct {
			Version               string  `json:"version"`
			VectorString          string  `json:"vectorString"`
			AttackVector          string  `json:"attackVector"`
			AttackComplexity      string  `json:"attackComplexity"`
			PrivilegesRequired    string  `json:"privilegesRequired"`
			UserInteraction       string  `json:"userInteraction"`
			Scope                 string  `json:"scope"`
			ConfidentialityImpact string  `json:"confidentialityImpact"`
			IntegrityImpact       string  `json:"integrityImpact"`
			AvailabilityImpact    string  `json:"availabilityImpact"`
			BaseScore             float64 `json:"baseScore"`
			BaseSeverity          string  `json:"baseSeverity"`
		} `json:"cvssData"`
		ExploitabilityScore float64 `json:"exploitabilityScore"`
		ImpactScore         float64 `json:"impactScore"`
	} `json:"cvssMetricV31,omitempty"`
}

type Vulnerability

type Vulnerability struct {
	Cve Cve `json:"cve"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL