vdb

package
v3.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 17, 2026 License: AGPL-3.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// StaticEnumTTL is the cache TTL for slowly-changing enumeration endpoints.
	StaticEnumTTL = 1 * time.Hour
	// PaginatedEnumTTL is the cache TTL for paginated list endpoints.
	PaginatedEnumTTL = 5 * time.Minute
)
View Source 
const (
	DefaultBaseURL    = "https://api.vdb.vulnetix.com"
	DefaultAPIVersion = "/v2"
	Region            = "us-east-1"
	Service           = "vdb"
	Algorithm         = "AWS4-HMAC-SHA512"
	TokenExpiry       = 15 * time.Minute
	MaxRetries        = 2
	BaseBackoff       = 2 * time.Second
)

Variables

This section is empty.

Functions

func LoadCredentials 

func LoadCredentials() (orgID, secretKey string, err error)

LoadCredentials loads VDB credentials using the centralized auth package. Returns orgID and secretKey for backward compatibility with existing callers.

func LoadFullCredentials 

func LoadFullCredentials() (*auth.Credentials, error)

LoadFullCredentials loads credentials as a full Credentials struct

Types

type AttackTechniquesSearchParams 

type AttackTechniquesSearchParams struct {
	TechniqueIDs []string
	Tactics      []string
	CveIDs       []string
	Sources      []string
	CapecID      string
	Domain       string
	Subtechnique string
	DerivedBy    string
	Q            string
	Since        string
	Until        string
	Limit        int
	Offset       int
}

AttackTechniquesSearchParams carries the optional filter knobs for the MITRE ATT&CK collection endpoint.

type CVEInfo 

type CVEInfo struct {
	Data interface{} // Store full response for display (array or object)
}

CVEInfo represents vulnerability information for a CVE

type Client 

type Client struct {
	BaseURL         string
	APIVersion      string
	OrgID           string
	SecretKey       string
	AuthMethod      auth.AuthMethod
	APIKey          string // hex digest for Direct API Key auth
	HTTPClient      *http.Client
	LastRateLimit   *RateLimitInfo
	LastCacheStatus string // "HIT", "MISS", "LOCAL", "REVALIDATED", or "" if no X-Cache header
	Cache           *cache.DiskCache
	NoCache         bool
	RefreshCache    bool
	FallbackCreds   *auth.Credentials // community creds to use when quota exhausted; nil = disabled
	UsingFallback   bool              // true after client switched to fallback (readable by cmd layer)
	// contains filtered or unexported fields
}

Client represents a VDB API client

func NewClient 

func NewClient(orgID, secretKey string) *Client

NewClient creates a new VDB API client using SigV4 auth

func NewClientFromCredentials 

func NewClientFromCredentials(creds *auth.Credentials) *Client

NewClientFromCredentials creates a VDB API client from centralized credentials

func (*Client) CritLookup 

func (c *Client) CritLookup(provider, service, resourceType string) (*CritLookupResponse, error)

CritLookup queries the VDB for vulnerabilities matching a CRIT template. The CRIT template is defined by provider (e.g. "aws"), service (e.g. "ec2"), and resourceType (e.g. "instance").

func (*Client) DoRequest 

func (c *Client) DoRequest(method, path string, body interface{}) ([]byte, error)

DoRequest performs an authenticated API request with retry for transient errors.

func (*Client) DoRequestCached 

func (c *Client) DoRequestCached(method, path string, body interface{}, ttl time.Duration) ([]byte, error)

DoRequestCached performs an authenticated, cached GET request. For non-GET or when cache is disabled, it falls through to DoRequest.

func (*Client) DoRequestMultipart 

func (c *Client) DoRequestMultipart(path, filePath, fileField string, fields map[string]string) ([]byte, error)

DoRequestMultipart performs an authenticated multipart/form-data API request.

func (*Client) DoRequestRawBody 

func (c *Client) DoRequestRawBody(method, path string, body []byte, contentType string) ([]byte, error)

DoRequestRawBody performs an authenticated API request with a raw body (not JSON-marshaled).

func (*Client) EOLPackageVersion 

func (c *Client) EOLPackageVersion(ecosystem, packageName, version string) (*EOLReleaseResponse, error)

EOLPackageVersion retrieves EOL lifecycle data for a specific package version. Returns (nil, nil) when the package/version is not in the VDB EOL database (404). Endpoint: GET /v1/eol/packages/{ecosystem}/{package}/versions/{version}

func (*Client) EOLProduct 

func (c *Client) EOLProduct(product string) (*EOLProductResponse, error)

EOLProduct retrieves product metadata and all releases for an EOL product.

func (*Client) EOLRelease 

func (c *Client) EOLRelease(product, release string) (*EOLReleaseResponse, error)

EOLRelease retrieves lifecycle data for a specific product release.

func (*Client) GetCVE 

func (c *Client) GetCVE(cveID string) (*CVEInfo, error)

GetCVE retrieves full vulnerability data for a specific CVE

func (*Client) GetCVEFixes 

func (c *Client) GetCVEFixes(identifier string) (map[string]interface{}, error)

GetCVEFixes retrieves fix data for a specific CVE identifier

func (*Client) GetCVETimeline 

func (c *Client) GetCVETimeline(identifier string, params TimelineParams) (map[string]interface{}, error)

GetCVETimeline retrieves the vulnerability timeline from the v1 API.

func (*Client) GetCVEsByDateRange 

func (c *Client) GetCVEsByDateRange(start, end string) (map[string]interface{}, error)

GetCVEsByDateRange retrieves paginated CVEs by date range

func (*Client) GetEcosystemGroupPackage 

func (c *Client) GetEcosystemGroupPackage(ecosystem, group, artifact string) (map[string]interface{}, error)

GetEcosystemGroupPackage retrieves Maven-style group/artifact information in a specific ecosystem

func (*Client) GetEcosystemPackage 

func (c *Client) GetEcosystemPackage(ecosystem, pkg string) (map[string]interface{}, error)

GetEcosystemPackage retrieves package information scoped to a specific ecosystem

func (*Client) GetEcosystemPackageVersions 

func (c *Client) GetEcosystemPackageVersions(ecosystem, pkg string) (map[string]interface{}, error)

GetEcosystemPackageVersions retrieves version information for a package in a specific ecosystem

func (*Client) GetEcosystems 

func (c *Client) GetEcosystems() ([]Ecosystem, error)

GetEcosystems retrieves the list of available ecosystems

func (*Client) GetExploitSources 

func (c *Client) GetExploitSources() (map[string]interface{}, error)

GetExploitSources retrieves the list of exploit intelligence sources

func (*Client) GetExploitTypes 

func (c *Client) GetExploitTypes() (map[string]interface{}, error)

GetExploitTypes retrieves the list of exploit type classifications

func (*Client) GetExploits 

func (c *Client) GetExploits(identifier string) (map[string]interface{}, error)

GetExploits retrieves exploit intelligence for a specific CVE identifier

func (*Client) GetFixDistributions 

func (c *Client) GetFixDistributions() (map[string]interface{}, error)

GetFixDistributions retrieves the list of supported Linux distributions for fix advisories

func (*Client) GetGCVEIssuances 

func (c *Client) GetGCVEIssuances(year, month, limit, offset int) (*GCVEIssuancesResponse, error)

GetGCVEIssuances retrieves GCVE issuances for a given year/month with pagination

func (*Client) GetHealth 

func (c *Client) GetHealth() (map[string]interface{}, error)

GetHealth checks the API health endpoint (unauthenticated, root-level path).

func (*Client) GetIdentifiersByMonth 

func (c *Client) GetIdentifiersByMonth(year, month, limit, offset int) (*IdentifiersMonthResponse, error)

GetIdentifiersByMonth retrieves CVE identifiers published in a given year/month

func (*Client) GetMetricTypes 

func (c *Client) GetMetricTypes() (map[string]interface{}, error)

GetMetricTypes retrieves the list of vulnerability metric/scoring types

func (*Client) GetOpenAPISpec 

func (c *Client) GetOpenAPISpec() (map[string]interface{}, error)

GetOpenAPISpec retrieves the OpenAPI specification

func (*Client) GetPackageVersions 

func (c *Client) GetPackageVersions(packageName string) (map[string]interface{}, error)

GetPackageVersions retrieves all known versions for a package across ecosystems

func (*Client) GetPackageVulnerabilities 

func (c *Client) GetPackageVulnerabilities(packageName string, limit, offset int) (*VulnerabilitiesResponse, error)

GetPackageVulnerabilities retrieves vulnerabilities for a package

func (*Client) GetProductVersion 

func (c *Client) GetProductVersion(productName, version string) (map[string]interface{}, error)

GetProductVersion retrieves information for a specific product version

func (*Client) GetProductVersionEcosystem 

func (c *Client) GetProductVersionEcosystem(productName, version, ecosystem string) (map[string]interface{}, error)

GetProductVersionEcosystem retrieves product version information scoped to a specific ecosystem

func (*Client) GetProductVersions 

func (c *Client) GetProductVersions(productName string, limit, offset int) (*ProductVersionsResponse, error)

GetProductVersions retrieves all versions for a product with pagination

func (*Client) GetSources 

func (c *Client) GetSources() (map[string]interface{}, error)

GetSources retrieves the list of vulnerability data sources

func (*Client) GetSummary 

func (c *Client) GetSummary() (map[string]interface{}, error)

GetSummary retrieves global all-time database statistics.

func (*Client) GetToken 

func (c *Client) GetToken() (string, error)

GetToken retrieves a valid JWT token (from cache or by requesting a new one)

func (*Client) GetTrafficFilters 

func (c *Client) GetTrafficFilters(identifier string, limit, offset int) (map[string]interface{}, error)

GetTrafficFilters retrieves IDS/IPS traffic filter rules (Snort) for a vulnerability.

func (*Client) SearchExploits 

func (c *Client) SearchExploits(params ExploitSearchParams) (map[string]interface{}, error)

SearchExploits searches for exploits across CVEs with pagination and filters

func (*Client) SearchIdentifiers 

func (c *Client) SearchIdentifiers(prefix string, limit, offset int) (*IdentifiersSearchResponse, error)

SearchIdentifiers retrieves CVE identifiers matching a prefix

func (*Client) SearchPackages 

func (c *Client) SearchPackages(query, ecosystem string, limit, offset int) (map[string]interface{}, error)

SearchPackages performs a full-text search across packages

func (*Client) V2Advisories 

func (c *Client) V2Advisories(id string) (map[string]interface{}, error)

V2Advisories retrieves advisory data for a vulnerability.

func (*Client) V2Affected 

func (c *Client) V2Affected(id string, p V2QueryParams) (map[string]interface{}, error)

V2Affected retrieves affected product/package data for a vulnerability.

func (*Client) V2AttackTechniques 

func (c *Client) V2AttackTechniques(id string) (map[string]interface{}, error)

V2AttackTechniques retrieves the ATT&CK technique mapping for a single CVE.

func (*Client) V2AttackTechniquesSearch 

func (c *Client) V2AttackTechniquesSearch(p AttackTechniquesSearchParams) (map[string]interface{}, error)

V2AttackTechniquesSearch performs a collection-wide search for ATT&CK technique mappings across CVEs.

func (*Client) V2CloudLocators 

func (c *Client) V2CloudLocators(vendor, product string) (map[string]interface{}, error)

V2CloudLocators retrieves cloud resource locator templates for a vendor/product pair.

func (*Client) V2CweGuidance 

func (c *Client) V2CweGuidance(id string) (map[string]interface{}, error)

V2CweGuidance retrieves CWE-based guidance for a vulnerability.

func (*Client) V2DistributionPatches 

func (c *Client) V2DistributionPatches(id string, p V2QueryParams) (map[string]interface{}, error)

V2DistributionPatches retrieves distribution patch data for a vulnerability.

func (*Client) V2ExploitPoC 

func (c *Client) V2ExploitPoC(exploitUUID string) (body []byte, filename, sha256, originalURL string, err error)

V2ExploitPoC — GET /v2/exploits/{exploitUuid}/poc. Returns raw bytes, the original filename (from Content-Disposition), and the SHA-256 hash (from X-Vulnetix-Sha256). The CLI uses these to write a file with a chain-of-custody-friendly name + integrity check.

func (*Client) V2IOCsSearch 

func (c *Client) V2IOCsSearch(p IOCSearchParams) ([]byte, string, error)

V2IOCsSearch returns the raw response body so the caller can switch on `format` (the STIX bundle is not JSON-shape compatible).

func (*Client) V2Kev 

func (c *Client) V2Kev(id string) (map[string]interface{}, error)

V2Kev retrieves CISA KEV (Known Exploited Vulnerabilities) data.

func (*Client) V2KevSearch 

func (c *Client) V2KevSearch(p KevSearchParams) (map[string]interface{}, error)

func (*Client) V2RawArchive 

func (c *Client) V2RawArchive(source, cveID string) (body []byte, contentType, sha256, r2Path string, err error)

V2RawArchive — GET /v2/raw/{source}/{cveId}. Returns raw bytes + content-type + sha256.

func (*Client) V2RawSources 

func (c *Client) V2RawSources() (map[string]interface{}, error)

V2RawSources — GET /v2/raw/sources.

func (*Client) V2RegistryFixes 

func (c *Client) V2RegistryFixes(id string, p V2QueryParams) (map[string]interface{}, error)

V2RegistryFixes retrieves registry-sourced fixes for a vulnerability.

func (*Client) V2RemediationPlan 

func (c *Client) V2RemediationPlan(id string, p V2RemediationParams) (map[string]interface{}, error)

V2RemediationPlan retrieves a context-aware remediation plan for a vulnerability.

func (*Client) V2ScanCycloneDX 

func (c *Client) V2ScanCycloneDX(filePath string, metadata ...[]byte) (map[string]interface{}, error)

V2ScanCycloneDX uploads a CycloneDX document for scanning. An optional metadata parameter (JSON bytes) is sent as a query parameter.

func (*Client) V2ScanManifest 

func (c *Client) V2ScanManifest(filePath, manifestType, ecosystem string, metadata ...[]byte) (map[string]interface{}, error)

V2ScanManifest uploads a manifest file for scanning. An optional metadata parameter (JSON bytes) is sent as the "metadata" form field.

func (*Client) V2ScanSPDX 

func (c *Client) V2ScanSPDX(filePath string, metadata ...[]byte) (map[string]interface{}, error)

V2ScanSPDX uploads an SPDX document for scanning. An optional metadata parameter (JSON bytes) is sent as a query parameter.

func (*Client) V2ScanStatus 

func (c *Client) V2ScanStatus(scanID string) (map[string]interface{}, error)

V2ScanStatus retrieves the status of a scan.

func (*Client) V2Scorecard 

func (c *Client) V2Scorecard(id string) (map[string]interface{}, error)

V2Scorecard retrieves the vulnerability scorecard.

func (*Client) V2ScorecardSearch 

func (c *Client) V2ScorecardSearch(query string) (map[string]interface{}, error)

V2ScorecardSearch searches scorecards by repository name.

func (*Client) V2SnortRules 

func (c *Client) V2SnortRules(id string) (map[string]interface{}, error)

V2SnortRules retrieves a CVE's Snort rules (per-CVE endpoint).

func (*Client) V2SnortRulesSearch 

func (c *Client) V2SnortRulesSearch(p SnortSearchParams) (map[string]interface{}, error)

V2SnortRulesSearch performs a collection-wide search for Snort rules with expressive filters.

func (*Client) V2SourceFixes 

func (c *Client) V2SourceFixes(id string, p ...V2QueryParams) (map[string]interface{}, error)

V2SourceFixes retrieves upstream source fixes for a vulnerability.

func (*Client) V2Timeline 

func (c *Client) V2Timeline(id string, p V2TimelineParams) (map[string]interface{}, error)

V2Timeline retrieves the vulnerability timeline with optional filters.

func (*Client) V2TreeSitterQueries 

func (c *Client) V2TreeSitterQueries(id string, p V2TreeSitterParams) (*TreeSitterResponse, error)

V2TreeSitterQueries retrieves tree-sitter S-expression queries derived from the named vulnerability. Returns a typed response (unlike most v2 helpers) because the scanner consumes the result programmatically.

func (*Client) V2Triage 

func (c *Client) V2Triage(p TriageParams) (map[string]interface{}, error)

func (*Client) V2VexSearch 

func (c *Client) V2VexSearch(p VexSearchParams) (map[string]interface{}, error)

func (*Client) V2VulnExploits 

func (c *Client) V2VulnExploits(id string) (map[string]interface{}, error)

V2VulnExploits — GET /v2/vuln/{id}/exploits.

func (*Client) V2VulnIOCs 

func (c *Client) V2VulnIOCs(id string) (map[string]interface{}, error)

func (*Client) V2VulnNuclei 

func (c *Client) V2VulnNuclei(id string) (map[string]interface{}, error)

V2VulnNuclei — GET /v2/vuln/{id}/nuclei. The CLI calls without format for the JSON listing, then optionally re-fetches with format=yaml&first=true to print a single template body.

func (*Client) V2VulnNucleiYAML 

func (c *Client) V2VulnNucleiYAML(id string, first bool) ([]byte, error)

V2VulnNucleiYAML — GET /v2/vuln/{id}/nuclei?format=yaml. Returns the raw YAML body. With first=true, returns the first template alone.

func (*Client) V2VulnSightings 

func (c *Client) V2VulnSightings(id string) (map[string]interface{}, error)

V2VulnSightings — GET /v2/vuln/{id}/sightings.

func (*Client) V2VulnVex 

func (c *Client) V2VulnVex(id string) (map[string]interface{}, error)

V2VulnVex — GET /v2/vuln/{id}/vex.

func (*Client) V2Workarounds 

func (c *Client) V2Workarounds(id string) (map[string]interface{}, error)

V2Workarounds retrieves workaround information for a vulnerability.

func (*Client) V2YaraRules 

func (c *Client) V2YaraRules(id string) (map[string]interface{}, error)

V2YaraRules retrieves a CVE's YARA rules (per-CVE endpoint).

func (*Client) V2YaraRulesSearch 

func (c *Client) V2YaraRulesSearch(p YaraSearchParams) (map[string]interface{}, error)

V2YaraRulesSearch performs a collection-wide search for YARA rules.

func (*Client) VulnetixKevGet 

func (c *Client) VulnetixKevGet(cveID string) (map[string]any, error)

VulnetixKevGet fetches a single entry by CVE ID. Implemented client-side as a list + filter since the API exposes the catalogue as a collection. Returns a NotFoundError if the CVE isn't in the catalogue.

func (*Client) VulnetixKevList 

func (c *Client) VulnetixKevList(p VulnetixKevParams) ([]byte, error)

VulnetixKevList fetches the full Vulnetix KEV catalogue. The response bytes are returned verbatim — JSON or CSV per p.Format — so callers can write them straight to stdout or a file.

Forces the V2 API (/v2/vulnetix-kev is V2-only).

type CritLookupExploits 

type CritLookupExploits struct {
	Count   int      `json:"count"`
	Sources []string `json:"sources,omitempty"`
}

CritLookupExploits contains exploit intelligence summary.

type CritLookupKev 

type CritLookupKev struct {
	DateAdded                  string `json:"dateAdded"`
	DueDate                    string `json:"dueDate,omitempty"`
	KnownRansomwareCampaignUse string `json:"knownRansomwareCampaignUse,omitempty"`
	RequiredAction             string `json:"requiredAction,omitempty"`
}

CritLookupKev contains CISA KEV metadata.

type CritLookupMatch 

type CritLookupMatch struct {
	Crit           CritRecord            `json:"crit"`
	VulnID         string                `json:"vuln_id"`
	Aliases        []string              `json:"aliases,omitempty"`
	Kev            *CritLookupKev        `json:"kev,omitempty"`
	ExploitSummary *CritLookupExploits   `json:"exploit_summary,omitempty"`
	SnortRules     []CritLookupSnortRule `json:"snort_rules,omitempty"`
}

CritLookupMatch is a single matched CRIT record with enrichment data.

type CritLookupResponse 

type CritLookupResponse struct {
	Count   int               `json:"count"`
	Matches []CritLookupMatch `json:"matches"`
}

CritLookupResponse is the response from POST /v1/crit/lookup.

type CritLookupSnortRule 

type CritLookupSnortRule struct {
	SnortID           string `json:"snortId"`
	Msg               string `json:"msg"`
	SignatureSeverity string `json:"signatureSeverity,omitempty"`
	RawText           string `json:"rawText,omitempty"`
}

CritLookupSnortRule contains an IDS detection rule.

type CritRecord 

type CritRecord struct {
	VectorString         string `json:"vectorString"`
	VulnID               string `json:"vuln_id"`
	Provider             string `json:"provider"`
	Service              string `json:"service"`
	ResourceType         string `json:"resource_type"`
	VexStatus            string `json:"vex_status"`
	SharedResponsibility string `json:"shared_responsibility"`
}

CritRecord represents a CRIT (Cloud Resource Inventory Template) record.

type EOLProductDetail 

type EOLProductDetail struct {
	Name     string   `json:"name"`
	Label    string   `json:"label"`
	Category string   `json:"category"`
	Tags     []string `json:"tags"`
}

EOLProductDetail contains product metadata.

type EOLProductResponse 

type EOLProductResponse struct {
	Timestamp int64              `json:"timestamp"`
	Product   EOLProductDetail   `json:"product"`
	Releases  []EOLReleaseDetail `json:"releases"`
}

EOLProductResponse is the response from GET /v1/eol/products/{product}.

type EOLReleaseDetail 

type EOLReleaseDetail struct {
	Name             string  `json:"name"`
	Codename         *string `json:"codename,omitempty"`
	Label            string  `json:"label"`
	ReleaseDate      *string `json:"releaseDate,omitempty"`
	IsLts            bool    `json:"isLts"`
	LtsFrom          *string `json:"ltsFrom,omitempty"`
	IsEoas           bool    `json:"isEoas"`
	EoasFrom         *string `json:"eoasFrom,omitempty"`
	IsEol            bool    `json:"isEol"`
	EolFrom          *string `json:"eolFrom,omitempty"`
	IsEoes           *bool   `json:"isEoes,omitempty"`
	EoesFrom         *string `json:"eoesFrom,omitempty"`
	IsDiscontinued   *bool   `json:"isDiscontinued,omitempty"`
	DiscontinuedFrom *string `json:"discontinuedFrom,omitempty"`
	IsMaintained     bool    `json:"isMaintained"`
	LatestVersion    *string `json:"latestVersion,omitempty"`
	LatestDate       *string `json:"latestDate,omitempty"`
}

EOLReleaseDetail contains lifecycle data for a single release.

type EOLReleaseResponse 

type EOLReleaseResponse struct {
	Timestamp   int64            `json:"timestamp"`
	ProductName string           `json:"productName"`
	Release     EOLReleaseDetail `json:"release"`
}

EOLReleaseResponse is the response from GET /v1/eol/products/{product}/releases/{release}.

type Ecosystem 

type Ecosystem struct {
	Name  string `json:"name"`
	Count int    `json:"count"`
}

Ecosystem represents a single ecosystem entry

type EcosystemsResponse 

type EcosystemsResponse struct {
	Timestamp  int64       `json:"timestamp"`
	Ecosystems []Ecosystem `json:"ecosystems"`
}

EcosystemsResponse represents the ecosystems list response

type ErrorResponse 

type ErrorResponse struct {
	Success bool   `json:"success"`
	Error   string `json:"error"`
	Details string `json:"details,omitempty"`
}

ErrorResponse represents an API error response

type ExploitSearchParams 

type ExploitSearchParams struct {
	Limit     int
	Offset    int
	Ecosystem string
	Source    string
	Severity  string
	Sort      string
	Query     string
	InKev     string
	MinEpss   string
}

type GCVEIssuanceIdentifier 

type GCVEIssuanceIdentifier struct {
	GcveID        string `json:"gcveId"`
	CveID         string `json:"cveId"`
	DatePublished int64  `json:"datePublished"`
}

GCVEIssuanceIdentifier represents a single GCVE issuance record

type GCVEIssuancesResponse 

type GCVEIssuancesResponse struct {
	Timestamp   int64                    `json:"timestamp"`
	Year        int                      `json:"year"`
	Month       int                      `json:"month"`
	Total       int                      `json:"total"`
	Limit       int                      `json:"limit"`
	Offset      int                      `json:"offset"`
	HasMore     bool                     `json:"hasMore"`
	Identifiers []GCVEIssuanceIdentifier `json:"identifiers"`
}

GCVEIssuancesResponse represents the paginated GCVE issuances response

type IOCSearchParams 

type IOCSearchParams struct {
	CveIDs     []string
	Countries  []string
	ASNs       []int
	Behavior   string
	Reputation string
	Since      string
	Limit      int
	Offset     int
	Format     string // json | stix
}

IOCSearchParams ─ GET /v2/iocs.

type IdentifiersMonthResponse 

type IdentifiersMonthResponse struct {
	Timestamp   int64    `json:"timestamp"`
	Year        int      `json:"year"`
	Month       int      `json:"month"`
	Total       int      `json:"total"`
	Limit       int      `json:"limit"`
	Offset      int      `json:"offset"`
	HasMore     bool     `json:"hasMore"`
	Identifiers []string `json:"identifiers"`
}

IdentifiersMonthResponse represents the paginated CVE identifiers response by month

type IdentifiersSearchResponse 

type IdentifiersSearchResponse struct {
	Timestamp   int64    `json:"timestamp"`
	Prefix      string   `json:"prefix"`
	Total       int      `json:"total"`
	Limit       int      `json:"limit"`
	Offset      int      `json:"offset"`
	HasMore     bool     `json:"hasMore"`
	Identifiers []string `json:"identifiers"`
}

IdentifiersSearchResponse represents the paginated CVE identifiers search response

type KevSearchParams 

type KevSearchParams struct {
	CveIDs    []string
	Sources   []string // CISA | vulnetix | enisa | vulncheck (repeat for OR; default = all four)
	Reason    string
	Since     string
	Until     string
	DueBefore string
	DueAfter  string
	Vendor    string
	Product   string
	Sort      string // due | added | cve
	Limit     int
	Offset    int
}

KevSearchParams ─ GET /v2/kev (the 4-source merged collection).

type NotFoundError 

type NotFoundError struct {
	Message string
}

NotFoundError is returned when the API responds with 404.

func (*NotFoundError) Error 

func (e *NotFoundError) Error() string

type ProductVersionsResponse 

type ProductVersionsResponse struct {
	PackageName string          `json:"packageName"`
	Timestamp   int64           `json:"timestamp"`
	Total       int             `json:"total"`
	Limit       int             `json:"limit"`
	Offset      int             `json:"offset"`
	HasMore     bool            `json:"hasMore"`
	Versions    []VersionRecord `json:"versions"`
}

ProductVersionsResponse represents product versions with pagination

type RateLimitInfo 

type RateLimitInfo struct {
	DayLimit   int    // RateLimit-DayLimit  (0 = unlimited)
	Remaining  int    // RateLimit-Remaining (-1 = unlimited)
	Reset      int    // RateLimit-Reset     (Unix epoch seconds)
	Plan       string // X-VDB-Plan          (community/pro/teams/enterprise)
	SoftLimits bool   // X-Softlimits        (true = advisory only, never blocked)
	Present    bool
}

RateLimitInfo holds rate limit data returned in API response headers. Headers are informational — the CLI never enforces limits based on them; only actual HTTP 429 responses trigger retry/backoff.

type SnortSearchParams 

type SnortSearchParams struct {
	CveIDs           []string
	Sources          []string
	Techniques       []string // MITRE ATT&CK T-id (any of)
	Tactics          []string // MITRE ATT&CK TA-id (any of)
	Classtype        string
	Severity         string
	Protocol         string
	Action           string
	DstPort          string
	SrcPort          string
	Disabled         string // "true" / "false" / ""
	Q                string // free-text on msg + rawText
	AffectedProducts []string
	Tags             []string
	Since            string // RFC3339
	Until            string // RFC3339
	Sort             string // recent | severity | id
	Limit            int
	Offset           int
}

SnortSearchParams carries the optional filter knobs for V2SnortRulesSearch. All fields are optional; zero-valued slices and strings are skipped.

type TimelineParams 

type TimelineParams struct {
	Include     string // comma-separated event types to include
	Exclude     string // comma-separated event types to exclude
	Dates       string // comma-separated CVE date fields: published,modified,reserved
	ScoresLimit int    // max score-change events (default 30, max 365)
}

ExploitSearchParams holds parameters for the exploit search endpoint TimelineParams holds filter parameters for the /vuln/{id}/timeline endpoint.

type TokenCache 

type TokenCache struct {
	Token     string
	ExpiresAt time.Time
}

TokenCache stores the JWT token and its expiration

type TokenResponse 

type TokenResponse struct {
	Token string `json:"token"`
	Iss   string `json:"iss"`
	Sub   string `json:"sub"`
	Exp   int64  `json:"exp"`
}

TokenResponse represents the JWT token response

type TreeSitterCapture 

type TreeSitterCapture struct {
	Name string `json:"name"`
	Kind string `json:"kind,omitempty"`
}

TreeSitterCapture describes a named capture inside a tree-sitter query.

type TreeSitterFilters 

type TreeSitterFilters struct {
	Language  string `json:"language,omitempty"`
	Ecosystem string `json:"ecosystem,omitempty"`
	VulnID    string `json:"vulnId,omitempty"`
}

TreeSitterFilters echoes the filter parameters back on the response.

type TreeSitterPredicate 

type TreeSitterPredicate struct {
	Kind    string   `json:"kind"`
	Name    string   `json:"name"`
	Negated bool     `json:"negated"`
	Args    []string `json:"args"`
}

TreeSitterPredicate describes a predicate or directive attached to a query (e.g. #eq?, #match?, #set!).

type TreeSitterQuery 

type TreeSitterQuery struct {
	VulnID      string                `json:"vulnId,omitempty"`
	Source      string                `json:"source,omitempty"`
	Ecosystems  []string              `json:"ecosystems,omitempty"`
	Language    string                `json:"language"`
	Name        string                `json:"name"`
	Description string                `json:"description,omitempty"`
	QueryText   string                `json:"queryText"`
	QueryHash   string                `json:"queryHash,omitempty"`
	DerivedBy   string                `json:"derivedBy,omitempty"`
	CreatedAt   int64                 `json:"createdAt,omitempty"`
	Captures    []TreeSitterCapture   `json:"captures,omitempty"`
	Predicates  []TreeSitterPredicate `json:"predicates,omitempty"`
	Directives  []TreeSitterPredicate `json:"directives,omitempty"`
}

TreeSitterQuery is a single S-expression query derived from CVE/OSV data by vdb-manager. The CLI runs these against source files to determine reachability of a vulnerable pattern.

type TreeSitterResponse 

type TreeSitterResponse struct {
	Identifier string            `json:"identifier"`
	Filters    TreeSitterFilters `json:"filters"`
	Queries    []TreeSitterQuery `json:"queries"`
}

TreeSitterResponse is the body of GET /vuln/{id}/tree-sitter.

type TriageParams 

type TriageParams struct {
	MinEpss           *float64
	MinEpssPercentile *float64
	MinCess           *float64
	MinCvss           *float64
	Severity          string
	InKev             string // "true" / "false" / ""
	KevSources        []string
	CWEs              []string
	Vendor            string
	Product           string
	Since             string
	WindowDays        int // 0 = unset; 1..30
	Sort              string
	Limit             int
	Offset            int
}

TriageParams ─ GET /v2/triage.

type V2QueryParams 

type V2QueryParams struct {
	Ecosystem   string
	PackageName string
	Vendor      string
	Product     string
	Distro      string
	Purl        string
	Limit       int
	Offset      int
}

V2QueryParams holds common context-filter query parameters for V2 endpoints.

type V2RemediationParams 

type V2RemediationParams struct {
	V2QueryParams
	CurrentVersion           string
	PackageManager           string
	ContainerImage           string
	OS                       string
	Registry                 string
	IncludeGuidance          bool
	IncludeVerificationSteps bool
}

V2RemediationParams extends V2QueryParams with remediation-plan-specific parameters.

type V2TimelineParams 

type V2TimelineParams struct {
	Include     string // comma-separated event types to include
	Exclude     string // comma-separated event types to exclude
	Dates       string // comma-separated CVE date fields: published,modified,reserved
	ScoresLimit int    // max score-change events (default 30, max 365)
}

V2TimelineParams holds filter parameters for the v2 timeline endpoint.

type V2TreeSitterParams 

type V2TreeSitterParams struct {
	Language  string
	Ecosystem string
}

V2TreeSitterParams filters the tree-sitter query endpoint.

type VersionRecord 

type VersionRecord struct {
	Version   string          `json:"version"`
	Ecosystem string          `json:"ecosystem"`
	Sources   []VersionSource `json:"sources"`
	CVEIDs    []string        `json:"cveIds,omitempty"`
}

VersionRecord represents a single version entry with ecosystem and sources

type VersionSource 

type VersionSource struct {
	SourceTable string                 `json:"sourceTable"`
	SourceID    string                 `json:"sourceId"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`
}

VersionSource represents a data source entry for a product version

type VexSearchParams 

type VexSearchParams struct {
	CveIDs   []string
	Status   string
	Supplier string
	Since    string
	Limit    int
	Offset   int
}

VexSearchParams ─ GET /v2/vex.

type VulnerabilitiesResponse 

type VulnerabilitiesResponse struct {
	PackageName     string          `json:"packageName"`
	Timestamp       int64           `json:"timestamp"`
	TotalCVEs       int             `json:"totalCVEs"`
	Total           int             `json:"total"`
	Limit           int             `json:"limit"`
	Offset          int             `json:"offset"`
	HasMore         bool            `json:"hasMore"`
	Versions        []VersionRecord `json:"versions"`
	Vulnerabilities []VersionRecord `json:"vulnerabilities"` // alternative key used by some API paths
	RawData         interface{}     `json:"-"`               // full parsed response for fallback display
}

VulnerabilitiesResponse represents vulnerabilities for a package

type VulnetixKevParams 

type VulnetixKevParams struct {
	Format            string   // "json" | "csv"
	Reasons           []string // filter by VulnetixKevReason enum values
	FilterMode        string   // "any" | "all" (default: any)
	Limit             int      // JSON pagination
	Offset            int      // JSON pagination
	IncludeReferences bool     // JSON-only; adds the `references` bucket per item
}

VulnetixKevParams holds filter options for GET /v2/vulnetix-kev.

type YaraSearchParams 

type YaraSearchParams struct {
	CveIDs      []string
	Sources     []string
	RuleName    string
	Tags        []string
	Imports     []string
	Author      string
	Q           string
	MatchString string
	MatchMeta   string
	Since       string
	Until       string
	Sort        string // recent | name
	Limit       int
	Offset      int
}

YaraSearchParams carries the optional filter knobs for V2YaraRulesSearch.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.