analyzer

package
v0.1.31 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 6, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package analyzer Debian CVE Tracker Analyzer Copyright 2019 debcvescan authors

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Package analyzer Debian CVE Tracker Analyzer Copyright 2019 debcvescan authors

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Package analyzer Debian CVE Tracker Analyzer Copyright 2019 debcvescan authors

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetOSInfo added in v0.1.21 

func GetOSInfo() (string, string, string)

GetOSInfo returns information about the Debian distro

Types

type Severity 

type Severity int

Severity describs the severity 

const (
	// OPEN open issue still beein investigated
	OPEN Severity = iota

	// HIGH  critical issue to be fixef
	HIGH

	// MEDIUM  medium severity
	MEDIUM

	// LOW  low severity
	LOW
	// UNKNOWN unknown impact
	UNKNOWN

	// IGNORE end of life and outdated issues
	IGNORE
)

func (Severity) String 

func (serverity Severity) String() string

type Vulnerability 

type Vulnerability struct {
	Severity         Severity `json:"severity"`
	CVE              string   `json:"cve"`
	Description      string   `json:"description"`
	PackageName      string   `json:"package"`
	InstalledVersion string   `json:"installed_version"`
	FixedVersion     string   `json:"fixed_version"`
}

Vulnerability contains a vulnerability

type VulnerabilityReport added in v0.1.13 

type VulnerabilityReport struct {
	CountTotal      int             `json:"count_total"`
	CountHigh       int             `json:"count_high"`
	CountMedium     int             `json:"count_medium"`
	CountLow        int             `json:"count_low"`
	CountUnknown    int             `json:"count_unknown"`
	CountIgnore     int             `json:"count_ignore"`
	CountOpen       int             `json:"count_open"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

VulnerabilityReport vulnerability report

func NewVulnerabilityReport added in v0.1.24 

func NewVulnerabilityReport() VulnerabilityReport

NewVulnerabilityReport creates a new instance of the vulnerability report

func ScanPackages 

func ScanPackages(installedPackages dpkg.PackageList) VulnerabilityReport

ScanPackages scans the given list of debian packages for vulnerabilties

func (*VulnerabilityReport) AddVulnerability added in v0.1.24 

func (r *VulnerabilityReport) AddVulnerability(vul Vulnerability)

AddVulnerability adds a new vulnerability to the report and updates the statistics

type WhiteList added in v0.1.19 

type WhiteList struct {
	Whitelisted []WhitelistEntry `json:"whitelisted"`
}

object struct for the whitelist

func NewWhitelist added in v0.1.19 

func NewWhitelist() WhiteList

NewWhiteList creates a new instance of the WhiteList class

func (*WhiteList) AddCVE added in v0.1.20 

func (s *WhiteList) AddCVE(cve string, justification string)

Add adds a new CVE whitelist entry together with justification to 'debcvescan.whitelist' file and saves it

func (*WhiteList) AddPackage added in v0.1.20 

func (s *WhiteList) AddPackage(name string, justification string)

Add adds a new package whitelist entry together with justification to 'debcvescan.whitelist' file and saves it

func (*WhiteList) HasCVE added in v0.1.20 

func (s *WhiteList) HasCVE(cve string) bool

HasCVE checks if th given CVE is whitelisted or not

func (*WhiteList) HasPackage added in v0.1.20 

func (s *WhiteList) HasPackage(name string) bool

HasPackage checks if th given package is whitelisted or not

func (*WhiteList) RemoveCVE added in v0.1.20 

func (s *WhiteList) RemoveCVE(cve string)

RemoveCVE emoves the given CVE entry from the 'debcvescan.whitelist' file and saves ii

func (*WhiteList) RemovePackage added in v0.1.20 

func (s *WhiteList) RemovePackage(name string)

RemovePackage emoves the given package entry from the 'debcvescan.whitelist' file and saves ii

type WhitelistEntry added in v0.1.19 

type WhitelistEntry struct {
	CVE           string `json:"cve"`
	Package       string `json:"package"`
	Justification string `json:"justification"`
}

WhitelistEntry represents an entry in the whitelist

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.