nvd

package

v2.1.0+incompatible Latest Latest Go to latest Published: Nov 5, 2019 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rpnguyen/clair

Links

Open Source Insights

Documentation ¶

Overview ¶

Package nvd implements a vulnerability metadata appender using the NIST NVD database.

Index ¶

func SeverityFromCVSS(score float64) database.Severity
type NVDMetadata
type NVDmetadataCVSSv2
type NVDmetadataCVSSv3

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func SeverityFromCVSS ¶

func SeverityFromCVSS(score float64) database.Severity

SeverityFromCVSS converts the CVSS Score (0.0 - 10.0) into a database.Severity following the qualitative rating scale available in the CVSS v3.0 specification (https://www.first.org/cvss/specification-document), Table 14.

The Negligible level is set for CVSS scores between [0, 1), replacing the specified None level, originally used for a score of 0.

Types ¶

type NVDMetadata ¶

type NVDMetadata struct {
	CVSSv2 NVDmetadataCVSSv2
	CVSSv3 NVDmetadataCVSSv3
}

type NVDmetadataCVSSv2 ¶

type NVDmetadataCVSSv2 struct {
	PublishedDateTime string
	Vectors           string
	Score             float64
}

type NVDmetadataCVSSv3 ¶

type NVDmetadataCVSSv3 struct {
	Vectors             string
	Score               float64
	ExploitabilityScore float64
	ImpactScore         float64
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL