Documentation ¶
Index ¶
- Variables
- type Affects
- type BaseMetricV2
- type BaseMetricV3
- type CPEMatch
- type CPEName
- type CVE
- type CVEDataMeta
- type CVEItem
- type CVEResponse
- type CVSSV2
- type CVSSV3
- type Configurations
- type Description
- type ErrUnexpectedStatus
- type GetCVEParams
- type GetCVEsParams
- type HTTPClient
- type Impact
- type LangString
- type Node
- type ProblemType
- type ProblemTypeData
- type Product
- type Reference
- type References
- type Result
- type Vendor
- type VendorData
- type VendorProduct
- type Version
- type VersionData
Constants ¶
This section is empty.
Variables ¶
var ( // ErrNilClient is an error returned when a given HTTPClient is nil. ErrNilClient = errors.New("given client is nil") )
Functions ¶
This section is empty.
Types ¶
type BaseMetricV2 ¶
type BaseMetricV2 struct { CVSSV2 *CVSSV2 `json:"cvssV2,omitempty"` Severity *string `json:"severity,omitempty"` ExploitabilityScore *float64 `json:"exploitabilityScore,omitempty"` ImpactScore *float64 `json:"impactScore,omitempty"` AcInsufInfo *bool `json:"acInsufInfo,omitempty"` ObtainAllPrivilege *bool `json:"obtainAllPrivilege,omitempty"` ObtainUserPrivilege *bool `json:"obtainUserPrivilege,omitempty"` ObtainOtherPrivilege *bool `json:"obtainOtherPrivilege,omitempty"` UserInteractionRequired *bool `json:"userInteractionRequired,omitempty"` }
BaseMetricV2 is the CVSS V2.0 score as defined in the NIST API schema.
type BaseMetricV3 ¶
type BaseMetricV3 struct { CVSSV3 *CVSSV3 `json:"cvssV3,omitempty"` ExploitabilityScore *float64 `json:"exploitabilityScore,omitempty"` ImpactScore *float64 `json:"impactScore,omitempty"` }
BaseMetricV3 is the CVSS V3.x score as defined in the NIST API schema.
type CPEMatch ¶
type CPEMatch struct { Vulnerable bool `json:"vulnerable"` CPE22URI *string `json:"cpe22Uri,omitempty"` CPE23URI string `json:"cpe23Uri"` VersionStartExcluding *string `json:"versionStartExcluding,omitempty"` VersionStartIncluding *string `json:"versionStartIncluding,omitempty"` VersionEndExcluding *string `json:"versionEndExcluding,omitempty"` VersionEndIncluding *string `json:"versionEndIncluding,omitempty"` CPEName *[]CPEName `json:"cpe_name,omitempty"` }
CPEMatch is the CPE Match string or range as defined in the NIST API schema.
type CPEName ¶
type CPEName struct { CPE22URI *string `json:"cpe22Uri,omitempty"` CPE23URI string `json:"cpe23Uri"` LastModifiedDate *string `json:"lastModifiedDate,omitempty"` }
CPEName is the CPE name as defined in the NIST API schema.
type CVE ¶
type CVE struct { DataType string `json:"data_type"` DataFormat string `json:"data_format"` DataVersion string `json:"data_version"` CVEDataMeta CVEDataMeta `json:"CVE_data_meta"` Affects *Affects `json:"affects,omitempty"` ProblemType ProblemType `json:"problemtype"` References References `json:"references"` Description Description `json:"description"` }
CVE as defined in the NIST API schema.
type CVEDataMeta ¶
type CVEItem ¶
type CVEItem struct { CVE CVE `json:"cve"` Configurations *Configurations `json:"configurations,omitempty"` Impact *Impact `json:"impact,omitempty"` PublishedDate *string `json:"publishedDate,omitempty"` LastModifiedDate *string `json:"lastModifiedDate,omitempty"` }
CVEITEM defines a vulnerability in the NVD data feed as defined in the NIST API schema.
type CVEResponse ¶
type CVEResponse struct { ResultsPerPage int `json:"resultsPerPage"` StartIndex int `json:"startIndex"` TotalResults int `json:"totalResults"` Result Result `json:"result"` }
func GetCVE ¶
func GetCVE(client HTTPClient, params GetCVEParams) (*CVEResponse, error)
GetCVE fetches and returns the CVE given the parameters.
func GetCVEs ¶
func GetCVEs(client HTTPClient, params GetCVEsParams) (*CVEResponse, error)
GetCVEs fetches and returns the CVEs given the parameters.
type CVSSV2 ¶
type CVSSV2 struct { Version string `json:"version"` VectorString string `json:"vectorString"` AccessVector *string `json:"accessVector,omitempty"` AccessComplexity *string `json:"accessComplexity,omitempty"` Authentication *string `json:"authentication,omitempty"` ConfidentialityImpact *string `json:"confidentialityImpact,omitempty"` IntegrityImpact *string `json:"integrityImpact,omitempty"` AvailabilityImpact *string `json:"availabilityImpact,omitempty"` BaseScore float64 `json:"baseScore"` Exploitability *string `json:"exploitability,omitempty"` RemediationLevel *string `json:"remediationLevel,omitempty"` ReportConfidence *string `json:"reportConfidence,omitempty"` TemporalScore *float64 `json:"temporalScore,omitempty"` CollateralDamagePotential *string `json:"collateralDamagePotential,omitempty"` TargetDistribution *string `json:"targetDistribution,omitempty"` ConfidentialityRequirement *string `json:"confidentialityRequirement,omitempty"` IntegrityRequirement *string `json:"integrityRequirement,omitempty"` AvailabilityRequirement *string `json:"availabilityRequirement,omitempty"` EnvironmentalScore *float64 `json:"environmentalScore,omitempty"` }
type CVSSV3 ¶
type CVSSV3 struct { // Version should be implemented using an enum Version string `json:"version"` VectorString string `json:"vectorString"` AttackVector *string `json:"attackVector,omitempty"` AttackComplexity *string `json:"attackComplexity,omitempty"` PrivilegesRequired *string `json:"privilegesRequired,omitempty"` UserInteraction *string `json:"userInteraction,omitempty"` Scope *string `json:"scope,omitempty"` ConfidentialityImpact *string `json:"confidentialityImpact,omitempty"` IntegrityImpact *string `json:"integrityImpact,omitempty"` AvailabilityImpact *string `json:"availabilityImpact,omitempty"` BaseScore float64 `json:"baseScore"` BaseSeverity string `json:"baseSeverity"` ExploitCodeMaturity *string `json:"exploitCodeMaturity,omitempty"` RemediationLevel *string `json:"remediationLevel,omitempty"` ReportConfidence *string `json:"reportConfidence,omitempty"` TemporalScore *float64 `json:"temporalScore,omitempty"` TemporalSeverity *string `json:"temporalSeverity,omitempty"` ConfidentialityRequirement *string `json:"confidentialityRequirement,omitempty"` IntegrityRequirement *string `json:"integrityRequirement,omitempty"` AvailabilityRequirement *string `json:"availabilityRequirement,omitempty"` ModifiedAttackVector *string `json:"modifiedAttackVector,omitempty"` ModifiedAttackComplexity *string `json:"modifiedAttackComplexity,omitempty"` ModifiedPrivilegesRequired *string `json:"modifiedPrivilegesRequired,omitempty"` ModifiedUserInteraction *string `json:"modifiedUserInteraction,omitempty"` ModifiedScope *string `json:"modifiedScope,omitempty"` ModifiedConfidentialityImpact *string `json:"modifiedConfidentialityImpact,omitempty"` ModifiedIntegrityImpact *string `json:"modifiedIntegrityImpact,omitempty"` ModifiedAvailabilityImpact *string `json:"modifiedAvailabilityImpact,omitempty"` EnvironmentalScore *float64 `json:"environmentalScore,omitempty"` EnvironmentalSeverity *string `json:"environmentalSeverity,omitempty"` }
type Configurations ¶
type Configurations struct { CVEDataVersion string `json:"CVE_data_version"` Nodes *[]Node `json:"nodes,omitempty"` }
Configurations defines the set of product configurations for a NVD applicability statement as defined in the NIST API schema.
type Description ¶
type Description struct { // DescriptionData has a minimum of 0 items according to // the NIST API schema. DescriptionData []LangString `json:"description_data"` }
type ErrUnexpectedStatus ¶
ErrUnexpectedStatus is an error meaning the API call returned a response with an unexpected status. It may occurs when the server is down or the parameters/body is invalid.
func (ErrUnexpectedStatus) Error ¶
func (e ErrUnexpectedStatus) Error() string
type GetCVEParams ¶
GetCVEParams combines the parameters needed for GetCVE.
type GetCVEsParams ¶
type GetCVEsParams struct { StartIndex *int `schema:"startIndex,omitempty"` ResultsPerPage *int `schema:"resultsPerPage,omitempty"` PubStartDate *string `schema:"pubStartDate,omitempty"` PubEndDate *string `schema:"pubEndDate,omitempty"` ModStartDate *string `schema:"modStartDate,omitempty"` ModEndDate *string `schema:"modEndDate,omitempty"` IncludeMatchStringChange *bool `schema:"includeMatchStringChange,omitempty"` Keyword *string `schema:"keyword,omitempty"` IsExactMatch *bool `schema:"isExactMatch,omitempty"` CWEID *bool `schema:"cweId,omitempty"` CVSSV2Severity *bool `schema:"cvssV2Severity,omitempty"` CVSSV3Severity *bool `schema:"cvssV3Severity,omitempty"` CVSSV2Metrics *bool `schema:"cvssV2Metrics,omitempty"` CVSSV3Metrics *bool `schema:"cvssV3Metrics,omitempty"` CPEMatchString *bool `schema:"cpeMatchString,omitempty"` CPEName *string `schema:"cpeName,omitempty"` AddOns *bool `schema:"addOns,omitempty"` }
GetCVEsParams combines the parameters needed for GetCVEs.
type HTTPClient ¶
HTTPClient defines what is the basic implementation of an HTTP client. Used for interconnectability with various implementations of an HTTP client, and for mocking purposes.
type Impact ¶
type Impact struct { BaseMetricV3 *BaseMetricV3 `json:"baseMetricV3,omitempty"` BaseMetricV2 *BaseMetricV2 `json:"baseMetricV2,omitempty"` }
Impact scores for a vulnerability as found on NVD as defined in the NIST API schema.
type LangString ¶
type Node ¶
type Node struct { Operator *string `json:"operator,omitempty"` Negate *bool `json:"negate,omitempty"` Children *[]Node `json:"children,omitempty"` CPEMatch *[]CPEMatch `json:"cpe_match,omitempty"` }
Node is a node or sub-node in an NVD applicability statement as defined in the NIST API schema.
type ProblemType ¶
type ProblemType struct { // ProblemTypeData has a minimum of 0 items according to the // NIST API schema. ProblemTypeData []ProblemTypeData `json:"problemtype_data"` }
type ProblemTypeData ¶
type ProblemTypeData struct { // Description has a minimum of 0 items according to the // NIST API schema. Description []LangString `json:"description"` }
type References ¶
type References struct { // ReferenceData has a minimum of 0 and a maximum of 500 // items according to the NIST API schema. ReferenceData []Reference `json:"reference_data"` }
type Result ¶
type Result struct { CVEDataType string `json:"CVE_data_type"` CVEDataFormat string `json:"CVE_data_format"` CVEDataVersion string `json:"CVE_data_version"` CVEDataNumberOfCVEs *string `json:"CVE_data_numberOfCVEs,omitempty"` CVEDataTimestamp string `json:"CVE_data_timestamp"` CVEItems *[]CVEItem `json:"CVE_Items,omitempty"` }
type Vendor ¶
type Vendor struct { // VendorData has a minimum of 0 items according to the // NIST API schema. VendorData []VendorData `json:""` }
type VendorData ¶
type VendorData struct { VendorName string `json:"vendor_name"` Product VendorProduct `json:"product"` }
type VendorProduct ¶
type VendorProduct struct { // ProductData has a minimum of 1 item according to the // NIST API schema. ProductData []Product `json:"product_data"` }
type Version ¶
type Version struct { // VersionData has a minimum of 1 item according to the // NIST API schema. VersionData []VersionData `json:"version_data"` }