nvd

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 14, 2026 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package nvd is the library behind the nvd command line: the HTTP client, request shaping, and typed data models for the NIST National Vulnerability Database CVE API.

The Client here is the spine every command shares. It sets a real User-Agent, paces requests to stay within NVD rate limits, and retries transient failures (429 and 5xx) with exponential backoff.

Index

Constants

View Source
const BaseURL = "https://services.nvd.nist.gov/rest/json/cves/2.0"

BaseURL is the full NVD CVE 2.0 API endpoint.

View Source
const Host = "services.nvd.nist.gov"

Host is the NVD API host.

Variables

This section is empty.

Functions

This section is empty.

Types

type CVE

type CVE struct {
	ID           string   `json:"id"            kit:"id"`
	Published    string   `json:"published"`
	LastModified string   `json:"last_modified"`
	Status       string   `json:"status"`
	Description  string   `json:"description"   kit:"body"`
	Score        *float64 `json:"cvss_score,omitempty"`
	Severity     string   `json:"severity,omitempty"`
	CWEs         []string `json:"cwes,omitempty"`
	References   []string `json:"references,omitempty"`
}

CVE is a flat record extracted from the nested NVD API response.

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client talks to the NVD CVE 2.0 API.

func NewClient

func NewClient(cfg Config) *Client

NewClient returns a Client using the supplied Config.

func (*Client) CVE

func (c *Client) CVE(ctx context.Context, id string) (*CVE, error)

CVE fetches a single CVE by ID (e.g. "CVE-2021-44228").

func (*Client) Recent

func (c *Client) Recent(ctx context.Context, opts RecentOptions) ([]*CVE, error)

Recent returns CVEs published in the last N days.

func (*Client) Search

func (c *Client) Search(ctx context.Context, keyword string, opts SearchOptions) ([]*CVE, error)

Search searches CVEs by keyword.

type Config

type Config struct {
	BaseURL   string
	UserAgent string
	APIKey    string        // optional; when set, appended as ?apiKey=<key>
	Rate      time.Duration // min gap between requests
	Timeout   time.Duration
	Retries   int
}

Config holds all tunables for the NVD client.

func DefaultConfig

func DefaultConfig() Config

DefaultConfig returns the recommended defaults. Without a key NVD allows 5 requests per 30 seconds (≈ 1 per 6s); we use 600ms as a comfortable pace for single-threaded use.

type Domain

type Domain struct{}

Domain is the NVD driver. It carries no state; the per-run client is built by newClient.

func (Domain) Classify

func (Domain) Classify(input string) (uriType, id string, err error)

Classify turns a CVE ID or NVD URL into (type, id).

func (Domain) Info

func (Domain) Info() kit.DomainInfo

Info describes the scheme, hostnames matched from pasted links, and the identity used for the binary's help and version.

func (Domain) Locate

func (Domain) Locate(uriType, id string) (string, error)

Locate returns the canonical NVD web URL for a CVE.

func (Domain) Register

func (Domain) Register(app *kit.App)

Register installs the client factory and every operation onto app.

type RecentOptions

type RecentOptions struct {
	Days     int
	Limit    int
	Severity string
}

RecentOptions controls the recent CVEs query.

type SearchOptions

type SearchOptions struct {
	Limit    int
	Severity string // LOW, MEDIUM, HIGH, CRITICAL
}

SearchOptions controls keyword search parameters.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL