cve

package
v0.17.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 19, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	Bucket    = release.TestBucket
	Directory = "/release/cve/"

	// Regexp to check CVE IDs.
	CVEIDRegExp = `^CVE-\d{4}-\d+$`
)

Variables

This section is empty.

Functions

func ValidateID

func ValidateID(cveID string) error

ValidateID checks if a CVE IS string is valid.

Types

type CVE

type CVE struct {
	ID            string  `json:"id"                 yaml:"id"`                 // CVE ID, eg CVE-2019-1010260
	Title         string  `json:"title"              yaml:"title"`              // Title of the vulnerability
	Description   string  `json:"description"        yaml:"description"`        // Description text of the vulnerability
	TrackingIssue string  `json:"issue"              yaml:"issue"`              // Link to the vulnerability tracking issue (url, optional)
	CVSSVector    string  `json:"vector"             yaml:"vector"`             // Full CVSS vector string, CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
	CVSSScore     float32 `json:"score"              yaml:"score"`              // Numeric CVSS score (eg 6.2)
	CVSSRating    string  `json:"rating"             yaml:"rating"`             // Severity bucket (eg Medium)
	CalcLink      string  `json:"calclink,omitempty" yaml:"calclink,omitempty"` // Link to the CVE calculator (automatic)
	LinkedPRs     []int   `json:"pullrequests"`                                 // List of linked PRs (to remove them from the release notes doc)
}

CVE Information of a linked CVE vulnerability.

func (*CVE) ReadRawInterface

func (cve *CVE) ReadRawInterface(cvedata interface{}) error

ReadRawInterface populates the CVE data struct from the raw array as returned by the YAML parser.

func (*CVE) Validate

func (cve *CVE) Validate() (err error)

Validate checks the data defined in a CVE map is complete and valid.

type Client

type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient() *Client

func (*Client) CheckID

func (c *Client) CheckID(cve string) error

CheckID checks a CVE ID to verify it is well formed.

func (*Client) CopyToTemp

func (c *Client) CopyToTemp(cve string) (file *os.File, err error)

CopyToTemp copies a CVE entry into a temporary local file.

func (*Client) CreateEmptyMap

func (c *Client) CreateEmptyMap(cve string) (file *os.File, err error)

CreateEmptyMap creates a new, empty CVE data map.

func (*Client) Delete

func (c *Client) Delete(cve string) error

Delete removes a CVE entry from the security bucket location.

func (*Client) EntryExists

func (c *Client) EntryExists(cveID string) (bool, error)

List return a list iof existing CVE entries.

func (*Client) Write

func (c *Client) Write(cve, mapPath string) error

Write writes a map to the bucket.

type ClientImplementation

type ClientImplementation interface {
	CheckBucketPath(string, *ClientOptions) error
	CheckBucketWriteAccess(*ClientOptions) error
	DeleteFile(string, *ClientOptions) error
	CopyFile(string, string, *ClientOptions) error
	CheckID(string) error
	CopyToTemp(string, *ClientOptions) (*os.File, error)
	ValidateCVEMap(string, string, *ClientOptions) error
	CreateEmptyFile(string, *ClientOptions) (*os.File, error)
	EntryExists(string, *ClientOptions) (bool, error)
}

type ClientOptions

type ClientOptions struct {
	Bucket    string
	Directory string
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL