nvdjson

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 24, 2019 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package nvdjson defines the types and methods necessary to parse CVE Language specification as per https://csrc.nist.gov/schema/nvd/feed/0.1/nvd_cve_feed_json_0.1_beta.schema

Copyright (c) Facebook, Inc. and its affiliates.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Parse 

func Parse(in io.Reader) ([]iface.CVEItem, error)

Parse parses dictionary from NVD vulnerability feed JSON

Types

type CVEJSON40 

type CVEJSON40 struct {
	Affects     *CVEJSON40Affects     `json:"affects"`
	CVEDataMeta *CVEJSON40CVEDataMeta `json:"CVE_data_meta"`
	DataFormat  string                `json:"data_format"`
	DataType    string                `json:"data_type"`
	DataVersion string                `json:"data_version"`
	Description *CVEJSON40Description `json:"description"`
	Problemtype *CVEJSON40Problemtype `json:"problemtype"`
	References  *CVEJSON40References  `json:"references"`
}

CVEJSON40 was auto-generated. Source: https://csrc.nist.gov/schema/nvd/feed/1.0/CVE_JSON_4.0_min.schema

type CVEJSON40Affects 

type CVEJSON40Affects struct {
	Vendor *CVEJSON40AffectsVendor `json:"vendor"`
}

CVEJSON40Affects was auto-generated.

type CVEJSON40AffectsVendor 

type CVEJSON40AffectsVendor struct {
	VendorData []*CVEJSON40AffectsVendorVendorData `json:"vendor_data"`
}

CVEJSON40AffectsVendor was auto-generated.

type CVEJSON40AffectsVendorVendorData 

type CVEJSON40AffectsVendorVendorData struct {
	Product    *CVEJSON40AffectsVendorVendorDataProduct `json:"product"`
	VendorName string                                   `json:"vendor_name"`
}

CVEJSON40AffectsVendorVendorData was auto-generated.

type CVEJSON40AffectsVendorVendorDataProduct 

type CVEJSON40AffectsVendorVendorDataProduct struct {
	ProductData []*CVEJSON40Product `json:"product_data"`
}

CVEJSON40AffectsVendorVendorDataProduct was auto-generated.

type CVEJSON40CVEDataMeta 

type CVEJSON40CVEDataMeta struct {
	ASSIGNER string `json:"ASSIGNER"`
	ID       string `json:"ID"`
	STATE    string `json:"STATE,omitempty"`
}

CVEJSON40CVEDataMeta was auto-generated.

type CVEJSON40Description 

type CVEJSON40Description struct {
	DescriptionData []*CVEJSON40LangString `json:"description_data"`
}

CVEJSON40Description was auto-generated.

type CVEJSON40LangString 

type CVEJSON40LangString struct {
	Lang  string `json:"lang"`
	Value string `json:"value"`
}

CVEJSON40LangString was auto-generated.

type CVEJSON40Problemtype 

type CVEJSON40Problemtype struct {
	ProblemtypeData []*CVEJSON40ProblemtypeProblemtypeData `json:"problemtype_data"`
}

CVEJSON40Problemtype was auto-generated.

type CVEJSON40ProblemtypeProblemtypeData 

type CVEJSON40ProblemtypeProblemtypeData struct {
	Description []*CVEJSON40LangString `json:"description"`
}

CVEJSON40ProblemtypeProblemtypeData was auto-generated.

type CVEJSON40Product 

type CVEJSON40Product struct {
	ProductName string                   `json:"product_name"`
	Version     *CVEJSON40ProductVersion `json:"version"`
}

CVEJSON40Product was auto-generated.

type CVEJSON40ProductVersion 

type CVEJSON40ProductVersion struct {
	VersionData []*CVEJSON40ProductVersionVersionData `json:"version_data"`
}

CVEJSON40ProductVersion was auto-generated.

type CVEJSON40ProductVersionVersionData 

type CVEJSON40ProductVersionVersionData struct {
	VersionAffected string `json:"version_affected,omitempty"`
	VersionValue    string `json:"version_value"`
}

CVEJSON40ProductVersionVersionData was auto-generated.

type CVEJSON40Reference 

type CVEJSON40Reference struct {
	Name      string   `json:"name,omitempty"`
	Refsource string   `json:"refsource,omitempty"`
	Tags      []string `json:"tags,omitempty"`
	URL       string   `json:"url"`
}

CVEJSON40Reference was auto-generated.

type CVEJSON40References 

type CVEJSON40References struct {
	ReferenceData []*CVEJSON40Reference `json:"reference_data"`
}

CVEJSON40References was auto-generated.

type CVSSV20 

type CVSSV20 struct {
	AccessComplexity           string  `json:"accessComplexity,omitempty"`
	AccessVector               string  `json:"accessVector,omitempty"`
	Authentication             string  `json:"authentication,omitempty"`
	AvailabilityImpact         string  `json:"availabilityImpact,omitempty"`
	AvailabilityRequirement    string  `json:"availabilityRequirement,omitempty"`
	BaseScore                  float64 `json:"baseScore"`
	CollateralDamagePotential  string  `json:"collateralDamagePotential,omitempty"`
	ConfidentialityImpact      string  `json:"confidentialityImpact,omitempty"`
	ConfidentialityRequirement string  `json:"confidentialityRequirement,omitempty"`
	EnvironmentalScore         float64 `json:"environmentalScore,omitempty"`
	Exploitability             string  `json:"exploitability,omitempty"`
	IntegrityImpact            string  `json:"integrityImpact,omitempty"`
	IntegrityRequirement       string  `json:"integrityRequirement,omitempty"`
	RemediationLevel           string  `json:"remediationLevel,omitempty"`
	ReportConfidence           string  `json:"reportConfidence,omitempty"`
	TargetDistribution         string  `json:"targetDistribution,omitempty"`
	TemporalScore              float64 `json:"temporalScore,omitempty"`
	VectorString               string  `json:"vectorString"`
	Version                    string  `json:"version"`
}

CVSSV20 was auto-generated. Source: https://csrc.nist.gov/schema/nvd/feed/1.0/cvss-v2.0.json

type CVSSV30 

type CVSSV30 struct {
	AttackComplexity              string  `json:"attackComplexity,omitempty"`
	AttackVector                  string  `json:"attackVector,omitempty"`
	AvailabilityImpact            string  `json:"availabilityImpact,omitempty"`
	AvailabilityRequirement       string  `json:"availabilityRequirement,omitempty"`
	BaseScore                     float64 `json:"baseScore"`
	BaseSeverity                  string  `json:"baseSeverity"`
	ConfidentialityImpact         string  `json:"confidentialityImpact,omitempty"`
	ConfidentialityRequirement    string  `json:"confidentialityRequirement,omitempty"`
	EnvironmentalScore            float64 `json:"environmentalScore,omitempty"`
	EnvironmentalSeverity         string  `json:"environmentalSeverity,omitempty"`
	ExploitCodeMaturity           string  `json:"exploitCodeMaturity,omitempty"`
	IntegrityImpact               string  `json:"integrityImpact,omitempty"`
	IntegrityRequirement          string  `json:"integrityRequirement,omitempty"`
	ModifiedAttackComplexity      string  `json:"modifiedAttackComplexity,omitempty"`
	ModifiedAttackVector          string  `json:"modifiedAttackVector,omitempty"`
	ModifiedAvailabilityImpact    string  `json:"modifiedAvailabilityImpact,omitempty"`
	ModifiedConfidentialityImpact string  `json:"modifiedConfidentialityImpact,omitempty"`
	ModifiedIntegrityImpact       string  `json:"modifiedIntegrityImpact,omitempty"`
	ModifiedPrivilegesRequired    string  `json:"modifiedPrivilegesRequired,omitempty"`
	ModifiedScope                 string  `json:"modifiedScope,omitempty"`
	ModifiedUserInteraction       string  `json:"modifiedUserInteraction,omitempty"`
	PrivilegesRequired            string  `json:"privilegesRequired,omitempty"`
	RemediationLevel              string  `json:"remediationLevel,omitempty"`
	ReportConfidence              string  `json:"reportConfidence,omitempty"`
	Scope                         string  `json:"scope,omitempty"`
	TemporalScore                 float64 `json:"temporalScore,omitempty"`
	TemporalSeverity              string  `json:"temporalSeverity,omitempty"`
	UserInteraction               string  `json:"userInteraction,omitempty"`
	VectorString                  string  `json:"vectorString"`
	Version                       string  `json:"version"`
}

CVSSV30 was auto-generated. Source: https://csrc.nist.gov/schema/nvd/feed/1.0/cvss-v3.0.json

type NVDCVEFeedJSON10 

type NVDCVEFeedJSON10 struct {
	CVEDataFormat       string                        `json:"CVE_data_format"`
	CVEDataNumberOfCVEs string                        `json:"CVE_data_numberOfCVEs,omitempty"`
	CVEDataTimestamp    string                        `json:"CVE_data_timestamp,omitempty"`
	CVEDataType         string                        `json:"CVE_data_type"`
	CVEDataVersion      string                        `json:"CVE_data_version"`
	CVEItems            []*NVDCVEFeedJSON10DefCVEItem `json:"CVE_Items"`
}

NVDCVEFeedJSON10 was auto-generated. Source: https://csrc.nist.gov/schema/nvd/feed/1.0/nvd_cve_feed_json_1.0.schema

type NVDCVEFeedJSON10DefCPEMatch 

type NVDCVEFeedJSON10DefCPEMatch struct {
	CPEName               []*NVDCVEFeedJSON10DefCPEName `json:"cpe_name,omitempty"`
	Cpe22Uri              string                        `json:"cpe22Uri,omitempty"`
	Cpe23Uri              string                        `json:"cpe23Uri"`
	VersionEndExcluding   string                        `json:"versionEndExcluding,omitempty"`
	VersionEndIncluding   string                        `json:"versionEndIncluding,omitempty"`
	VersionStartExcluding string                        `json:"versionStartExcluding,omitempty"`
	VersionStartIncluding string                        `json:"versionStartIncluding,omitempty"`
	Vulnerable            bool                          `json:"vulnerable"`
	// contains filtered or unexported fields
}

NVDCVEFeedJSON10DefCPEMatch was auto-generated. CPE match string or range.

type NVDCVEFeedJSON10DefCPEName 

type NVDCVEFeedJSON10DefCPEName struct {
	Cpe22Uri string `json:"cpe22Uri,omitempty"`
	Cpe23Uri string `json:"cpe23Uri"`
}

NVDCVEFeedJSON10DefCPEName was auto-generated. CPE name.

type NVDCVEFeedJSON10DefCVEItem 

type NVDCVEFeedJSON10DefCVEItem struct {
	CVE              *CVEJSON40                         `json:"cve"`
	Configurations   *NVDCVEFeedJSON10DefConfigurations `json:"configurations,omitempty"`
	Impact           *NVDCVEFeedJSON10DefImpact         `json:"impact,omitempty"`
	LastModifiedDate string                             `json:"lastModifiedDate,omitempty"`
	PublishedDate    string                             `json:"publishedDate,omitempty"`
}

NVDCVEFeedJSON10DefCVEItem was auto-generated. Defines a vulnerability in the NVD data feed.

func (*NVDCVEFeedJSON10DefCVEItem) CVEID 

func (i *NVDCVEFeedJSON10DefCVEItem) CVEID() string

CVEID implements part of cvefeed.CVEItem interface

func (*NVDCVEFeedJSON10DefCVEItem) Config 

func (i *NVDCVEFeedJSON10DefCVEItem) Config() []iface.LogicalTest

Config implements part of cvefeed.CVEItem interface

type NVDCVEFeedJSON10DefConfigurations 

type NVDCVEFeedJSON10DefConfigurations struct {
	CVEDataVersion string                     `json:"CVE_data_version"`
	Nodes          []*NVDCVEFeedJSON10DefNode `json:"nodes,omitempty"`
	// contains filtered or unexported fields
}

NVDCVEFeedJSON10DefConfigurations was auto-generated. Defines the set of product configurations for a NVD applicability statement.

type NVDCVEFeedJSON10DefImpact 

type NVDCVEFeedJSON10DefImpact struct {
	BaseMetricV2 *NVDCVEFeedJSON10DefImpactBaseMetricV2 `json:"baseMetricV2,omitempty"`
	BaseMetricV3 *NVDCVEFeedJSON10DefImpactBaseMetricV3 `json:"baseMetricV3,omitempty"`
}

NVDCVEFeedJSON10DefImpact was auto-generated. Impact scores for a vulnerability as found on NVD.

type NVDCVEFeedJSON10DefImpactBaseMetricV2 

type NVDCVEFeedJSON10DefImpactBaseMetricV2 struct {
	AcInsufInfo             bool     `json:"acInsufInfo,omitempty"`
	CVSSV2                  *CVSSV20 `json:"cvssV2,omitempty"`
	ExploitabilityScore     float64  `json:"exploitabilityScore,omitempty"`
	ImpactScore             float64  `json:"impactScore,omitempty"`
	ObtainAllPrivilege      bool     `json:"obtainAllPrivilege,omitempty"`
	ObtainOtherPrivilege    bool     `json:"obtainOtherPrivilege,omitempty"`
	ObtainUserPrivilege     bool     `json:"obtainUserPrivilege,omitempty"`
	Severity                string   `json:"severity,omitempty"`
	UserInteractionRequired bool     `json:"userInteractionRequired,omitempty"`
}

NVDCVEFeedJSON10DefImpactBaseMetricV2 was auto-generated. CVSS V2.0 score.

type NVDCVEFeedJSON10DefImpactBaseMetricV3 

type NVDCVEFeedJSON10DefImpactBaseMetricV3 struct {
	CVSSV3              *CVSSV30 `json:"cvssV3,omitempty"`
	ExploitabilityScore float64  `json:"exploitabilityScore,omitempty"`
	ImpactScore         float64  `json:"impactScore,omitempty"`
}

NVDCVEFeedJSON10DefImpactBaseMetricV3 was auto-generated. CVSS V3.0 score.

type NVDCVEFeedJSON10DefNode 

type NVDCVEFeedJSON10DefNode struct {
	CPEMatch []*NVDCVEFeedJSON10DefCPEMatch `json:"cpe_match,omitempty"`
	Children []*NVDCVEFeedJSON10DefNode     `json:"children,omitempty"`
	Negate   bool                           `json:"negate,omitempty"`
	Operator string                         `json:"operator,omitempty"`
	// contains filtered or unexported fields
}

NVDCVEFeedJSON10DefNode was auto-generated. Defines a node or sub-node in an NVD applicability statement.

func (*NVDCVEFeedJSON10DefNode) CPEs 

func (n *NVDCVEFeedJSON10DefNode) CPEs() []*wfn.Attributes

CPEs implements part of cvefeed.LogicalTest interface

func (*NVDCVEFeedJSON10DefNode) InnerTests 

func (n *NVDCVEFeedJSON10DefNode) InnerTests() []iface.LogicalTest

InnerTests implements part of cvefeed.LogicalTest interface

func (*NVDCVEFeedJSON10DefNode) LogicalOperator 

func (n *NVDCVEFeedJSON10DefNode) LogicalOperator() string

LogicalOperator implements part of cvefeed.LogicalTest interface

func (*NVDCVEFeedJSON10DefNode) MatchPlatform 

func (n *NVDCVEFeedJSON10DefNode) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool

MatchPlatform implements part of cvefeed.LogicalTest interface

func (*NVDCVEFeedJSON10DefNode) NegateIfNeeded 

func (n *NVDCVEFeedJSON10DefNode) NegateIfNeeded(b bool) bool

NegateIfNeeded implements part of cvefeed.LogicalTest interface

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.