Documentation ¶
Index ¶
- type Affected
- type AffectedComponent
- type Asset
- type AssetType
- type CPEMatch
- type CVE
- type CWE
- type Comment
- type Component
- type Config
- type Flaw
- type FlawEvent
- type FlawEventType
- type FlawState
- type Mitigation
- type Model
- type OSV
- type Org
- type PAT
- type Project
- type RequirementLevel
- type Severity
- type Type
- type VulnInPackage
- type Weakness
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AffectedComponent ¶
// AffectedComponent is the stored record of a package, or a version range of a
// package, that is linked to CVEs through the cve_affected_component join
// table. Most fields hold the individual parts of a package URL.
// NOTE(review): presumably produced by OSV.GetAffectedPackages — confirm.
type AffectedComponent struct {
	// ID is the primary key. NOTE(review): the SetIdHash method suggests the
	// value is a hash over the other fields — confirm which fields are hashed,
	// because two rows that differ only in an unhashed field would collide.
	ID string `json:"id" gorm:"primaryKey;"`

	// PURL is stored in the "purl" column; the fields below it down to
	// Subpath are text columns named after package URL parts. The three
	// pointer fields are nullable.
	PURL       string  `json:"purl" gorm:"type:text;column:purl"`
	Ecosystem  string  `json:"ecosystem" gorm:"type:text;"`
	Scheme     string  `json:"scheme" gorm:"type:text;"`
	Type       string  `json:"type" gorm:"type:text;"`
	Name       string  `json:"name" gorm:"type:text;"`
	Namespace  *string `json:"namespace" gorm:"type:text;"`
	Qualifiers *string `json:"qualifiers" gorm:"type:text;"`
	Subpath    *string `json:"subpath" gorm:"type:text;"`

	// Either Version or the semver pair below is defined, not both.
	// NOTE(review): nothing in this struct enforces that; a row with neither
	// set cannot be matched against an installed version — confirm how the
	// matcher treats it.
	Version *string `json:"version"`

	// SemverIntroduced and SemverFixed use the database type "semver" and are
	// serialized as semver_start / semver_end.
	// NOTE(review): presumably an inclusive start and exclusive end — confirm.
	SemverIntroduced *string `json:"semver_start" gorm:"type:semver;"`
	SemverFixed      *string `json:"semver_end" gorm:"type:semver;"`

	// CVE lists the linked CVE rows; join rows are removed or updated by
	// cascade.
	CVE []CVE `json:"cves" gorm:"many2many:cve_affected_component;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}
func (*AffectedComponent) SetIdHash ¶
func (affectedComponent *AffectedComponent) SetIdHash()
func (AffectedComponent) TableName ¶
func (affectedComponent AffectedComponent) TableName() string
type Asset ¶
// Asset is a scanned unit that belongs to one project and owns the flaws
// found in it. It embeds Model and also records the security requirements
// and exposure of the asset.
type Asset struct {
	Model

	Name string `json:"name" gorm:"type:text"`

	// Slug and ProjectID share the unique index idx_app_project_slug, so a
	// slug only has to be unique within its project.
	Slug      string    `json:"slug" gorm:"type:text;uniqueIndex:idx_app_project_slug;not null;"`
	ProjectID uuid.UUID `json:"projectId" gorm:"uniqueIndex:idx_app_project_slug;not null;type:uuid;"`

	Description string `json:"description" gorm:"type:text"`

	// Flaws are deleted together with the asset (OnDelete:CASCADE).
	Flaws []Flaw `json:"flaws" gorm:"foreignKey:AssetID;constraint:OnDelete:CASCADE;"`

	Type AssetType `json:"type" gorm:"type:text;not null;"`

	// Importance defaults to 1 in the database.
	Importance int `json:"importance" gorm:"default:1;"`

	// ReachableFromInternet defaults to false, so an asset whose exposure was
	// never recorded is stored as not reachable.
	// NOTE(review): if risk scoring reads this flag, an unset value yields the
	// less severe assumption — confirm that default is intended.
	ReachableFromInternet bool `json:"reachableFromInternet" gorm:"default:false;"`

	// The three requirement levels default to 'high' and may not be NULL.
	ConfidentialityRequirement RequirementLevel `json:"confidentialityRequirement" gorm:"default:'high';not null;type:text;"`
	IntegrityRequirement       RequirementLevel `json:"integrityRequirement" gorm:"default:'high';not null;type:text;"`
	AvailabilityRequirement    RequirementLevel `json:"availabilityRequirement" gorm:"default:'high';not null;type:text;"`

	// Components are linked through the asset_components join table.
	Components []Component `json:"components" gorm:"many2many:asset_components;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`

	Version string `json:"version" gorm:"type:text;"`

	// NOTE(review): presumably the time the component list was last replaced
	// by a scan — confirm; a stale value would mean flaws are computed from an
	// outdated inventory.
	LastComponentUpdate time.Time `json:"lastComponentUpdate"`
}
type CPEMatch ¶
// CPEMatch is one CPE match criterion, keyed by MatchCriteriaID and linked to
// CVEs through the cve_cpe_match join table.
type CPEMatch struct {
	MatchCriteriaID string `json:"matchCriteriaId" gorm:"primaryKey;type:text;"`

	// Criteria is stored next to its parts in the fields Part through Other.
	// NOTE(review): presumably Criteria is the full CPE string and the parts
	// are parsed from it — confirm which of the two the matcher reads.
	Criteria  string `json:"criteria" gorm:"type:text;"`
	Part      string `json:"part" gorm:"type:text;"`
	Vendor    string `json:"vendor" gorm:"type:text;"`
	Product   string `json:"product" gorm:"type:text;"`
	Version   string `json:"version" gorm:"type:text;"`
	Update    string `json:"update" gorm:"type:text;"`
	Edition   string `json:"edition" gorm:"type:text;"`
	Language  string `json:"language" gorm:"type:text;"`
	SwEdition string `json:"swEdition" gorm:"type:text;"`
	TargetSw  string `json:"targetSw" gorm:"type:text;"`
	TargetHw  string `json:"targetHw" gorm:"type:text;"`
	Other     string `json:"other" gorm:"type:text;"`

	// Only an exclusive upper bound and an inclusive lower bound are modelled.
	// NOTE(review): this struct has no field for an inclusive upper or an
	// exclusive lower bound; confirm how the importer handles feed entries
	// that use those, since dropping them would widen or narrow the range.
	VersionEndExcluding   string `json:"versionEndExcluding" gorm:"type:text;"`
	VersionStartIncluding string `json:"versionStartIncluding" gorm:"type:text;"`

	Vulnerable bool `json:"vulnerable" gorm:"type:boolean;"`

	// CVEs is serialized under the singular key "cve".
	CVEs []*CVE `json:"cve" gorm:"many2many:cve_cpe_match;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}
type CVE ¶
// CVE is the stored record of one CVE entry: identifier, description, CVSS
// score and metrics, CISA fields, EPSS values and the related weaknesses and
// CPE match criteria.
type CVE struct {
	// CVE is the primary key. NOTE(review): presumably the CVE identifier
	// string — confirm.
	CVE string `json:"cve" gorm:"primaryKey;not null;type:text;"`

	CreatedAt time.Time `json:"createdAt"`
	UpdatedAt time.Time `json:"updatedAt"`

	DatePublished    time.Time `json:"datePublished"`
	DateLastModified time.Time `json:"dateLastModified"`

	// Weaknesses are deleted together with the CVE row.
	Weaknesses []*Weakness `json:"weaknesses" gorm:"foreignKey:CVEID;constraint:OnDelete:CASCADE;"`

	// NOTE(review): presumably free text from an external feed; escape it
	// wherever it is rendered — confirm the source.
	Description string `json:"description" gorm:"type:text;"`

	// The scores are float32 in Go and decimal(4,2) in the database.
	CVSS                float32  `json:"cvss" gorm:"type:decimal(4,2);"`
	Severity            Severity `json:"severity"`
	ExploitabilityScore float32  `json:"exploitabilityScore" gorm:"type:decimal(4,2);"`
	ImpactScore         float32  `json:"impactScore" gorm:"type:decimal(4,2);"`

	// The metric fields are plain strings with no database constraint on
	// their values. UserInteraction is serialized as
	// "userInteractionRequired".
	AttackVector          string `json:"attackVector"`
	AttackComplexity      string `json:"attackComplexity"`
	PrivilegesRequired    string `json:"privilegesRequired"`
	UserInteraction       string `json:"userInteractionRequired"`
	Scope                 string `json:"scope"`
	ConfidentialityImpact string `json:"confidentialityImpact"`
	IntegrityImpact       string `json:"integrityImpact"`
	AvailabilityImpact    string `json:"availabilityImpact"`

	// References is a single text column. NOTE(review): the GetReferences
	// method suggests it holds a serialized list — confirm the encoding.
	References string `json:"references" gorm:"type:text;"`

	// The two CISA dates are nullable.
	// NOTE(review): presumably filled from the CISA known exploited
	// vulnerabilities catalog, with nil dates for CVEs not listed there —
	// confirm.
	CISAExploitAdd        *datatypes.Date `json:"cisaExploitAdd" gorm:"type:date;"`
	CISAActionDue         *datatypes.Date `json:"cisaActionDue" gorm:"type:date;"`
	CISARequiredAction    string          `json:"cisaRequiredAction" gorm:"type:text;"`
	CISAVulnerabilityName string          `json:"cisaVulnerabilityName" gorm:"type:text;"`

	// Configurations uses the cve_cpe_match join table.
	// NOTE(review): unlike CPEMatch.CVEs, this side declares no cascade
	// constraint — confirm the asymmetry is intended.
	Configurations []*CPEMatch `json:"configurations" gorm:"many2many:cve_cpe_match;"`

	// EPSS and Percentile are nullable and stored as decimal(6,5).
	// NOTE(review): nil presumably means "no score available", which callers
	// must not treat as a score of zero — confirm.
	EPSS       *float32 `json:"epss" gorm:"type:decimal(6,5);"`
	Percentile *float32 `json:"percentile" gorm:"type:decimal(6,5);"`
}
func (CVE) GetReferences ¶
type CWE ¶
type Comment ¶
type Component ¶
type Flaw ¶
// Flaw is one finding on an asset: it records the scanner that reported it,
// the optional CVE and component it refers to, its state, and its comments
// and events.
type Flaw struct {
	// ID is the primary key. NOTE(review): the CalculateHash method suggests
	// it is derived from other fields — confirm.
	ID string `json:"id" gorm:"primaryKey;not null;"`
	// ScannerID is the scanner that was used to detect this flaw; it is
	// serialized as "scanner".
	ScannerID string  `json:"scanner" gorm:"not null;"`
	Message   *string `json:"message"`

	// Comments and Events are deleted together with the flaw.
	Comments []Comment   `gorm:"foreignKey:FlawID;constraint:OnDelete:CASCADE;" json:"comments"`
	Events   []FlawEvent `gorm:"foreignKey:FlawID;constraint:OnDelete:CASCADE;" json:"events"`

	AssetID uuid.UUID `json:"assetId" gorm:"not null;"`

	// State defaults to 'open' in the database.
	State FlawState `json:"state" gorm:"default:'open';not null;type:text;"`

	// CVEID is nullable, so a flaw does not have to refer to a CVE.
	CVE   *CVE   `json:"cve"`
	CVEID string `json:"cveId" gorm:"null;type:text;default:null;"`

	// Component is joined via ComponentPurlOrCpe.
	// NOTE(review): presumably the value is a package URL or a CPE string, as
	// the name says — confirm.
	Component          *Component `json:"component" gorm:"foreignKey:ComponentPurlOrCpe;constraint:OnDelete:CASCADE;"`
	ComponentPurlOrCpe string     `json:"componentPurlOrCpe" gorm:"type:text;default:null;"`

	// These four values are nullable and default to NULL.
	// NOTE(review): nil presumably means "not assessed yet" — confirm, and
	// check that sorting by risk does not rank unassessed flaws lowest.
	Effort            *int `json:"effort" gorm:"default:null;"`
	RiskAssessment    *int `json:"riskAssessment" gorm:"default:null;"`
	RawRiskAssessment *int `json:"rawRiskAssessment" gorm:"default:null;"`
	Priority          *int `json:"priority" gorm:"default:null;"`

	// ArbitraryJsonData is a free-form text column that is read and written
	// through GetArbitraryJsonData and SetArbitraryJsonData.
	// NOTE(review): presumably scanner-supplied JSON; treat it as untrusted
	// when parsing or rendering it — confirm where it originates.
	ArbitraryJsonData string `json:"arbitraryJsonData" gorm:"type:text;"`

	// LastDetected defaults to the database's now().
	LastDetected time.Time `json:"lastDetected" gorm:"default:now();not null;"`

	CreatedAt time.Time `json:"createdAt"`
	UpdatedAt time.Time `json:"updatedAt"`
	// DeletedAt is indexed and never serialized to JSON.
	// NOTE(review): presumably a soft-delete marker — confirm that queries
	// exclude rows where it is set.
	DeletedAt sql.NullTime `gorm:"index" json:"-"`
	// contains filtered or unexported fields
}
func (*Flaw) CalculateHash ¶
func (*Flaw) GetArbitraryJsonData ¶
func (*Flaw) SetArbitraryJsonData ¶
type FlawEvent ¶
// FlawEvent is one entry in the history of a flaw. It embeds Model and stores
// the event type, the flaw and user it refers to, and an optional JSON
// payload.
type FlawEvent struct {
	Model

	Type   FlawEventType `json:"type" gorm:"type:text"`
	FlawID string        `json:"flawId"`

	// UserID is a plain string with no foreign key declared here.
	// NOTE(review): since events form the audit trail of a flaw, confirm the
	// value is taken from the authenticated session and not from the request
	// body.
	UserID string `json:"userId"`

	// Payload is a nullable jsonb column.
	Payload *datatypes.JSON `json:"payload" gorm:"type:jsonb"`
}
func NewDetectedEvent ¶
func NewFixedEvent ¶
type FlawEventType ¶
// FlawEventType names the kind of a FlawEvent. FlawEvent.Type stores it in a
// text column, so the string values below are what ends up in the database.
type FlawEventType string

// The flaw event types declared by this package.
const (
	// EventTypeDetected is stored as "detected".
	EventTypeDetected FlawEventType = "detected"
	// EventTypeFixed is stored as "fixed".
	EventTypeFixed FlawEventType = "fixed"
	// EventTypeRiskAssessmentUpdated is stored as "riskAssessmentUpdated".
	EventTypeRiskAssessmentUpdated FlawEventType = "riskAssessmentUpdated"
)
type Mitigation ¶
// Mitigation records how a result is being handled: the mitigation type, who
// initiated it, an optional due date, free-form properties and a
// justification. It embeds Model.
type Mitigation struct {
	Model

	// Type is serialized as "mitigationType".
	Type Type `json:"mitigationType"`

	// NOTE(review): confirm InitiatingUserID is set from the authenticated
	// session, since it attributes the decision to a person.
	InitiatingUserID string `json:"initiatingUserId"`

	ResultID uuid.UUID  `json:"resultId"`
	DueDate  *time.Time `json:"dueDate"`

	// Properties has no json tag, so encoding/json emits it under the key
	// "Properties". The column is jsonb, not null, defaulting to '{}'.
	Properties datatypes.JSON `gorm:"type:jsonb;default:'{}';not null"`

	// MitigationPending is true for the fix and transfer types, where another
	// scan report still has to verify that the related result is fixed. It is
	// false for the avoid and accept types.
	MitigationPending bool `json:"mitigationPending" gorm:"default:false"`

	// NOTE(review): presumably the reason given for an accept or avoid
	// decision — confirm whether it is required for those types.
	Justification string `json:"justification"`
}
type Model ¶
type OSV ¶
// OSV is the JSON shape of one advisory record. It carries only json tags and
// no gorm tags. GetAffectedPackages returns []AffectedComponent for a record.
// NOTE(review): presumably decoded from an external OSV feed; treat string
// fields as untrusted input — confirm the source.
type OSV struct {
	ID      string `json:"id"`
	Summary string `json:"summary"`

	Modified  time.Time `json:"modified"`
	Published time.Time `json:"published"`

	// NOTE(review): presumably Aliases is where CVE identifiers for the same
	// issue appear — confirm how records are mapped to CVE rows.
	Related []string `json:"related"`
	Aliases []string `json:"aliases"`

	Affected []Affected `json:"affected"`

	SchemaVersion string `json:"schema_version"`
}
func (OSV) GetAffectedPackages ¶
func (osv OSV) GetAffectedPackages() []AffectedComponent
type Org ¶
// Org is an organization: its profile data, the compliance flags it has set
// and the projects it owns. It embeds Model.
type Org struct {
	Model

	Name string `json:"name" gorm:"type:text"`

	// ContactPhoneNumber is contact data and is part of the JSON form of Org.
	// NOTE(review): confirm that responses containing Org are limited to
	// members of the organization.
	ContactPhoneNumber *string `json:"contactPhoneNumber" gorm:"type:text"`
	NumberOfEmployees  *int    `json:"numberOfEmployees"`
	Country            *string `json:"country" gorm:"type:text"`
	Industry           *string `json:"industry" gorm:"type:text"`

	// NOTE(review): presumably self-declared flags for the sector and the
	// frameworks the organization follows — confirm what sets them.
	CriticalInfrastructure bool `json:"criticalInfrastructure"`
	ISO27001               bool `json:"iso27001"`
	NIST                   bool `json:"nist"`
	Grundschutz            bool `json:"grundschutz"`

	// Projects are deleted together with the organization.
	Projects []Project `json:"projects" gorm:"foreignKey:OrganizationID;constraint:OnDelete:CASCADE;"`

	// Slug is unique across all organizations.
	Slug        string `json:"slug" gorm:"type:text;unique;not null;index"`
	Description string `json:"description" gorm:"type:text"`
}
type PAT ¶
type Project ¶
// Project groups assets inside one organization. It embeds Model.
type Project struct {
	Model

	Name string `json:"name" gorm:"type:text"`

	// Assets are deleted together with the project.
	Assets []Asset `json:"assets" gorm:"foreignKey:ProjectID;constraint:OnDelete:CASCADE;"`

	// OrganizationID and Slug share the unique index idx_project_org_slug, so
	// a slug only has to be unique within its organization.
	// NOTE(review): lookups by slug therefore need the organization as well —
	// confirm handlers never resolve a project by slug alone.
	OrganizationID uuid.UUID `json:"organizationId" gorm:"uniqueIndex:idx_project_org_slug;not null;type:uuid"`
	Slug           string    `json:"slug" gorm:"type:text;uniqueIndex:idx_project_org_slug;not null"`

	Description string `json:"description" gorm:"type:text"`
}
type RequirementLevel ¶
// RequirementLevel is the level used for the confidentiality, integrity and
// availability requirements of an Asset, which stores it as text with the
// database default 'high'.
type RequirementLevel string

// The requirement levels declared by this package.
// NOTE(review): the type is a plain string, so nothing shown here rejects
// other values — confirm that input is validated against these three.
const (
	// RequirementLevelLow is stored as "low".
	RequirementLevelLow RequirementLevel = "low"
	// RequirementLevelMedium is stored as "medium".
	RequirementLevelMedium RequirementLevel = "medium"
	// RequirementLevelHigh is stored as "high".
	RequirementLevelHigh RequirementLevel = "high"
)
type VulnInPackage ¶
// VulnInPackage pairs a CVE with the package it was found in. The struct has
// no json or gorm tags.
// NOTE(review): presumably the result of matching a component against the
// AffectedComponent table — confirm.
type VulnInPackage struct {
	CVEID string
	CVE   CVE

	// FixedVersion and IntroducedVersion may be nil. GetFixedVersion and
	// GetIntroducedVersion return them as plain strings.
	// NOTE(review): presumably the getters return "" for nil — confirm, and
	// make sure callers do not read an empty fixed version as "fixed".
	FixedVersion      *string
	IntroducedVersion *string

	PackageName string
	// NOTE(review): presumably the package URL including the detected
	// version — confirm.
	PurlWithVersion string
}
func (VulnInPackage) GetFixedVersion ¶
func (v VulnInPackage) GetFixedVersion() string
func (VulnInPackage) GetIntroducedVersion ¶
func (v VulnInPackage) GetIntroducedVersion() string