Documentation
¶
Index ¶
- Variables
- func AbbrCheck(name string, info ProductsTable, symbol string) bool
- func AccessComplexityVerbose(i string) string
- func CreateOrUpdateCVE(db *gorm.DB, id string, cve *CVE) error
- func CreateOrUpdateCWE(db *gorm.DB, id string, i interface{}) error
- func FilterCVE(db *gorm.DB, req *ypb.QueryCVERequest) *gorm.DB
- func FixProductName(ProductName string, db *gorm.DB) ([]string, error)
- func FuzzCheck(input []string, data []string) bool
- func IsNum(s string) bool
- func MarshalCheck(v any) []byte
- func RegisterDesc(d map[string]CVEDesc)
- func Set(s []string) []string
- func SeverityVerbose(i string) string
- func StatusVerbose(i string) string
- func ToReg(start, end string, startFlag, endFlag bool) []string
- func VersionCompare(v1, v2 string) (int, float64)
- func YieldCVEs(db *gorm.DB, ctx context.Context) chan *CVE
- func YieldCWEs(db *gorm.DB, ctx context.Context) chan *CWE
- type BaseMetricV2
- type BaseMetricV3
- type CPE
- type CVE
- type CVEDataMeta
- type CVEDesc
- type CVERecord
- type CVERes
- type CVEYearFile
- type CWE
- type Configurations
- type CpeMatch
- type Cve
- type CvssV2
- type CvssV3
- type Description
- type DescriptionData
- type DescriptionInfo
- type Impact
- type Nodes
- type Problemtype
- type ProblemtypeData
- type ProductId
- type ProductsTable
- type ReferenceData
- type References
- type SqliteManager
Constants ¶
This section is empty.
Variables ¶
View Source
var CVETbles = []any{ &CVE{}, &CWE{}, &ProductsTable{}, }
View Source
var CommonFix map[string]ProductId = map[string]ProductId{
"httpd": {
ProductName: "http_server",
Vendor: "apache",
},
"iis": {
ProductName: "internet_information_server",
},
}
Functions ¶
func AccessComplexityVerbose ¶
func MarshalCheck ¶
func RegisterDesc ¶
func SeverityVerbose ¶
func StatusVerbose ¶
func VersionCompare ¶
Types ¶
type BaseMetricV2 ¶
type BaseMetricV2 struct {
CvssV2 CvssV2 `json:"cvssV2"`
Severity string `json:"severity"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
ObtainAllPrivilege bool `json:"obtainAllPrivilege"`
ObtainUserPrivilege bool `json:"obtainUserPrivilege"`
ObtainOtherPrivilege bool `json:"obtainOtherPrivilege"`
UserInteractionRequired bool `json:"userInteractionRequired"`
}
type BaseMetricV3 ¶
type BaseMetricV3 struct {
CvssV3 CvssV3 `json:"cvssV3"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
ObtainAllPrivilege bool `json:"obtainAllPrivilege"`
ObtainUserPrivilege bool `json:"obtainUserPrivilege"`
ObtainOtherPrivilege bool `json:"obtainOtherPrivilege"`
UserInteractionRequired bool `json:"userInteractionRequired"`
}
type CPE ¶
type CPE struct {
//cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*
Part, Vendor, Product, Version, Edition string
}
type CVE ¶
type CVE struct {
gorm.Model
CVE string `gorm:"uniqueIndex"`
CWE string
ProblemType []byte
References []byte
TitleZh string
Solution string
DescriptionMain string
DescriptionMainZh string
Descriptions []byte
Vendor string
Product string
CPEConfigurations []byte
CVSSVersion string
CVSSVectorString string
// 攻击路径
AccessVector string
// 攻击复杂度
AccessComplexity string
// 需要认证
Authentication string
// 机密性影响(泄密)
ConfidentialityImpact string
// 完整性影响(破坏程度)
IntegrityImpact string
// 可用性影响(导致服务不可用)
AvailabilityImpact string
// 基础评分
BaseCVSSv2Score float64
// 严重等级
Severity string
// 漏洞利用评分
ExploitabilityScore float64
// 漏洞影响评分
ImpactScore float64
// 可获取所有权限
ObtainAllPrivilege bool
// 可获取用户权限
ObtainUserPrivilege bool
// 可获取其他权限
ObtainOtherPrivilege bool
// 是否需要用户交互
UserInteractionRequired bool
PublishedDate time.Time
LastModifiedData time.Time
}
func (*CVE) ToGPRCModel ¶
type CVEDataMeta ¶
type CVERecord ¶
type CVERecord struct {
Cve Cve `json:"cve"`
Configurations Configurations `json:"configurations"`
Impact Impact `json:"impact"`
PublishedDate string `json:"publishedDate"`
LastModifiedDate string `json:"lastModifiedDate"`
}
func (*CVERecord) DescriptionMain ¶
func (*CVERecord) GetLastModifiedDate ¶
func (*CVERecord) GetPublishedDate ¶
type CVEYearFile ¶
type CVEYearFile struct {
CVEDataType string `json:"CVE_data_type"`
CVEDataFormat string `json:"CVE_data_format"`
CVEDataVersion string `json:"CVE_data_version"`
CVEDataNumberOfCVEs string `json:"CVE_data_numberOfCVEs"`
CVEDataTimestamp string `json:"CVE_data_timestamp"`
CVERecords []CVERecord `json:"CVE_Items"`
}
type CWE ¶
type CWE struct {
Id int `json:"id" gorm:"primary_key"`
IdStr string `json:"id_str" gorm:"uniqueIndex"`
Name string
NameZh string
// 描述 CWE 之间的关系
Parent string `json:"parent"` // 父子关系
Siblings string `json:"siblings"` // 兄弟关系
InferTo string `json:"infer_to"` // 推导关系(有上一个问题,多半也会有这个问题)
Requires string `json:"requires"` // 依赖关系
Status string // CWE 发布状态 draft / incomplete / stable
Stable bool
Incomplete bool
Description string
DescriptionZh string
ExtendedDescription string
ExtendedDescriptionZh string
Abstraction string // base / varint
RelativeLanguage string // 可能出现的语言
CWESolution string // 修复方案
CVEExamples string // 典型 CVE 案例
CAPECVectors string
}
func (*CWE) BeforeSave ¶
func (*CWE) ToGRPCModel ¶
type Configurations ¶
type CpeMatch ¶
type CpeMatch struct {
Vulnerable bool `json:"vulnerable"`
Cpe23URI string `json:"cpe23Uri"`
VersionStartExcluding string `json:"versionStartExcluding"`
VersionEndExcluding string `json:"versionEndExcluding"`
VersionStartIncluding string `json:"versionStartIncluding"`
VersionEndIncluding string `json:"versionEndIncluding"`
}
type Cve ¶
type Cve struct {
DataType string `json:"data_type"`
DataFormat string `json:"data_format"`
DataVersion string `json:"data_version"`
CVEDataMeta CVEDataMeta `json:"CVE_data_meta"`
Problemtype Problemtype `json:"problemtype"`
References References `json:"references"`
DescriptionInfo DescriptionInfo `json:"description"`
}
type CvssV2 ¶
type CvssV2 struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AccessVector string `json:"accessVector"`
AccessComplexity string `json:"accessComplexity"`
Authentication string `json:"authentication"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
}
type CvssV3 ¶
type CvssV3 struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AttackVector string `json:"attackVector"`
AttackComplexity string `json:"attackComplexity"`
PrivilegesRequired string `json:"privilegesRequired"`
UserInteraction string `json:"userInteraction"`
Scope string `json:"scope"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
BaseSeverity string `json:"baseSeverity"`
}
type Description ¶
type DescriptionData ¶
type DescriptionInfo ¶
type DescriptionInfo struct {
DescriptionData []DescriptionData `json:"description_data"`
}
type Impact ¶
type Impact struct {
BaseMetricV2 BaseMetricV2 `json:"baseMetricV2"`
BaseMetricV3 BaseMetricV3 `json:"baseMetricV3"`
}
type Nodes ¶
type Nodes struct {
Operator string `json:"operator"`
CpeMatch []CpeMatch `json:"cpe_match"`
Children []Nodes `json:"children"`
}
func (Nodes) GetProduct ¶
type Problemtype ¶
type Problemtype struct {
ProblemtypeData []ProblemtypeData `json:"problemtype_data"`
}
type ProblemtypeData ¶
type ProblemtypeData struct {
Description []Description `json:"description"`
}
type ProductsTable ¶
type ReferenceData ¶
type References ¶
type References struct {
ReferenceData []ReferenceData `json:"reference_data"`
}
type SqliteManager ¶
func GetManager ¶
func GetManager(path string, forceCreates ...bool) *SqliteManager
func (*SqliteManager) SaveCVERecord ¶
func (m *SqliteManager) SaveCVERecord(record *CVERecord)
Source Files
Click to show internal directories.
Click to hide internal directories.