vuls: github.com/future-architect/vuls/models Index | Files

package models

import "github.com/future-architect/vuls/models"

Index

Package Files

cvecontents.go library.go models.go packages.go scanresults.go utils.go vulninfos.go wordpress.go

Constants

const (
    // CpeNameMatchStr is a String representation of CpeNameMatch
    CpeNameMatchStr = "CpeNameMatch"

    // YumUpdateSecurityMatchStr is a String representation of YumUpdateSecurityMatch
    YumUpdateSecurityMatchStr = "YumUpdateSecurityMatch"

    // PkgAuditMatchStr is a String representation of PkgAuditMatch
    PkgAuditMatchStr = "PkgAuditMatch"

    // OvalMatchStr is a String representation of OvalMatch
    OvalMatchStr = "OvalMatch"

    // RedHatAPIStr is a String representation of RedHatAPIMatch
    RedHatAPIStr = "RedHatAPIMatch"

    // DebianSecurityTrackerMatchStr is a String representation of DebianSecurityTrackerMatch
    DebianSecurityTrackerMatchStr = "DebianSecurityTrackerMatch"

    // ChangelogExactMatchStr is a String representation of ChangelogExactMatch
    ChangelogExactMatchStr = "ChangelogExactMatch"

    // ChangelogLenientMatchStr is a String representation of ChangelogLenientMatch
    ChangelogLenientMatchStr = "ChangelogLenientMatch"

    // GitHubMatchStr is a String representation of GitHubMatch
    GitHubMatchStr = "GitHubMatch"

    // WPVulnDBMatchStr is a String representation of WordPress VulnDB scanning
    WPVulnDBMatchStr = "WPVulnDBMatch"

    // FailedToGetChangelog is a String representation of FailedToGetChangelog
    FailedToGetChangelog = "FailedToGetChangelog"

    // FailedToFindVersionInChangelog is a String representation of FailedToFindVersionInChangelog
    FailedToFindVersionInChangelog = "FailedToFindVersionInChangelog"
)
const (
    // WPCore is a type `core` in WPPackage struct
    WPCore = "core"
    // WPPlugin is a type `plugin` in WPPackage struct
    WPPlugin = "plugin"
    // WPTheme is a type `theme` in WPPackage struct
    WPTheme = "theme"

    // Inactive is a inactive status in WPPackage struct
    Inactive = "inactive"
)
const JSONVersion = 4

JSONVersion is JSON Version

Variables

var (
    // CpeNameMatch is a ranking how confident the CVE-ID was deteted correctly
    CpeNameMatch = Confidence{100, CpeNameMatchStr, 1}

    // YumUpdateSecurityMatch is a ranking how confident the CVE-ID was deteted correctly
    YumUpdateSecurityMatch = Confidence{100, YumUpdateSecurityMatchStr, 2}

    // PkgAuditMatch is a ranking how confident the CVE-ID was deteted correctly
    PkgAuditMatch = Confidence{100, PkgAuditMatchStr, 2}

    // OvalMatch is a ranking how confident the CVE-ID was deteted correctly
    OvalMatch = Confidence{100, OvalMatchStr, 0}

    // RedHatAPIMatch ranking how confident the CVE-ID was deteted correctly
    RedHatAPIMatch = Confidence{100, RedHatAPIStr, 0}

    // DebianSecurityTrackerMatch ranking how confident the CVE-ID was deteted correctly
    DebianSecurityTrackerMatch = Confidence{100, DebianSecurityTrackerMatchStr, 0}

    // ChangelogExactMatch is a ranking how confident the CVE-ID was deteted correctly
    ChangelogExactMatch = Confidence{95, ChangelogExactMatchStr, 3}

    // ChangelogLenientMatch is a ranking how confident the CVE-ID was deteted correctly
    ChangelogLenientMatch = Confidence{50, ChangelogLenientMatchStr, 4}

    // GitHubMatch is a ranking how confident the CVE-ID was deteted correctly
    GitHubMatch = Confidence{97, GitHubMatchStr, 2}

    // WPVulnDBMatch is a ranking how confident the CVE-ID was deteted correctly
    WPVulnDBMatch = Confidence{100, WPVulnDBMatchStr, 0}
)
var AllCveContetTypes = CveContentTypes{
    Nvd,
    NvdXML,
    Jvn,
    RedHat,
    RedHatAPI,
    Debian,
    Ubuntu,
    Amazon,
    SUSE,
    DebianSecurityTracker,
    WPVulnDB,
    NodeSec,
    PythonSec,
    PhpSec,
    RubySec,
    RustSec,
}

AllCveContetTypes has all of CveContentTypes

var LibraryMap = map[string]string{
    "package-lock.json": "node",
    "yarn.lock":         "node",
    "Gemfile.lock":      "ruby",
    "Cargo.lock":        "rust",
    "composer.json":     "php",
    "Pipfile.lock":      "python",
    "poetry.lock":       "python",
}

LibraryMap is filename and library type

type AffectedProcess Uses

type AffectedProcess struct {
    PID         string   `json:"pid,omitempty"`
    Name        string   `json:"name,omitempty"`
    ListenPorts []string `json:"listenPorts,omitempty"`
}

AffectedProcess keep a processes information affected by software update

type Alert Uses

type Alert struct {
    URL   string `json:"url,omitempty"`
    Title string `json:"title,omitempty"`
    Team  string `json:"team,omitempty"`
}

Alert has XCERT alert information

type AlertDict Uses

type AlertDict struct {
    Ja  []Alert `json:"ja"`
    En  []Alert `json:"en"`
}

AlertDict has target cve's JPCERT and USCERT alert data

func (AlertDict) FormatSource Uses

func (a AlertDict) FormatSource() string

FormatSource returns which source has this alert

type Changelog Uses

type Changelog struct {
    Contents string          `json:"contents"`
    Method   DetectionMethod `json:"method"`
}

Changelog has contents of changelog and how to get it. Method: models.detectionMethodStr

type Confidence Uses

type Confidence struct {
    Score           int             `json:"score"`
    DetectionMethod DetectionMethod `json:"detectionMethod"`
    SortOrder       int             `json:"-"`
}

Confidence is a ranking how confident the CVE-ID was deteted correctly Score: 0 - 100

func (Confidence) String Uses

func (c Confidence) String() string

type Confidences Uses

type Confidences []Confidence

Confidences is a list of Confidence

func (*Confidences) AppendIfMissing Uses

func (cs *Confidences) AppendIfMissing(confidence Confidence)

AppendIfMissing appends confidence to the list if missiong

func (Confidences) SortByConfident Uses

func (cs Confidences) SortByConfident() Confidences

SortByConfident sorts Confidences

type Container Uses

type Container struct {
    ContainerID string `json:"containerID"`
    Name        string `json:"name"`
    Image       string `json:"image"`
    Type        string `json:"type"`
    UUID        string `json:"uuid"`
}

Container has Container information

type Cpe Uses

type Cpe struct {
    URI             string `json:"uri"`
    FormattedString string `json:"formattedString"`
}

Cpe is Common Platform Enumeration

type CveContent Uses

type CveContent struct {
    Type          CveContentType    `json:"type"`
    CveID         string            `json:"cveID"`
    Title         string            `json:"title"`
    Summary       string            `json:"summary"`
    Cvss2Score    float64           `json:"cvss2Score"`
    Cvss2Vector   string            `json:"cvss2Vector"`
    Cvss2Severity string            `json:"cvss2Severity"`
    Cvss3Score    float64           `json:"cvss3Score"`
    Cvss3Vector   string            `json:"cvss3Vector"`
    Cvss3Severity string            `json:"cvss3Severity"`
    SourceLink    string            `json:"sourceLink"`
    Cpes          []Cpe             `json:"cpes,omitempty"`
    References    References        `json:"references,omitempty"`
    CweIDs        []string          `json:"cweIDs,omitempty"`
    Published     time.Time         `json:"published"`
    LastModified  time.Time         `json:"lastModified"`
    Mitigation    string            `json:"mitigation"` // RedHat API
    Optional      map[string]string `json:"optional,omitempty"`
}

CveContent has abstraction of various vulnerability information

func ConvertJvnToModel Uses

func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent

ConvertJvnToModel convert JVN to CveContent

func ConvertNvdJSONToModel Uses

func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent

ConvertNvdJSONToModel convert NVD to CveContent

func ConvertNvdXMLToModel Uses

func ConvertNvdXMLToModel(cveID string, nvd *cvedict.NvdXML) *CveContent

ConvertNvdXMLToModel convert NVD to CveContent

func (CveContent) Empty Uses

func (c CveContent) Empty() bool

Empty checks the content is empty

type CveContentCpes Uses

type CveContentCpes struct {
    Type  CveContentType
    Value []Cpe
}

CveContentCpes has CveContentType and Value

type CveContentCvss Uses

type CveContentCvss struct {
    Type  CveContentType `json:"type"`
    Value Cvss           `json:"value"`
}

CveContentCvss has CVSS information

type CveContentRefs Uses

type CveContentRefs struct {
    Type  CveContentType
    Value []Reference
}

CveContentRefs has CveContentType and Cpes

type CveContentStr Uses

type CveContentStr struct {
    Type  CveContentType
    Value string
}

CveContentStr has CveContentType and Value

type CveContentType Uses

type CveContentType string

CveContentType is a source of CVE information

const (
    // NvdXML is NvdXML
    NvdXML CveContentType = "nvdxml"

    // Nvd is Nvd
    Nvd CveContentType = "nvd"

    // Jvn is Jvn
    Jvn CveContentType = "jvn"

    // RedHat is RedHat
    RedHat CveContentType = "redhat"

    // RedHatAPI is RedHat
    RedHatAPI CveContentType = "redhat_api"

    // DebianSecurityTracker is Debian Secury tracker
    DebianSecurityTracker CveContentType = "debian_security_tracker"

    // Debian is Debian
    Debian CveContentType = "debian"

    // Ubuntu is Ubuntu
    Ubuntu CveContentType = "ubuntu"

    // Oracle is Oracle Linux
    Oracle CveContentType = "oracle"

    // Amazon is Amazon Linux
    Amazon CveContentType = "amazon"

    // SUSE is SUSE Linux
    SUSE CveContentType = "suse"

    // Microsoft is Microsoft
    Microsoft CveContentType = "microsoft"

    // WPVulnDB is WordPress
    WPVulnDB CveContentType = "wpvulndb"

    // NodeSec : for JS
    NodeSec CveContentType = "node"

    // PythonSec : for PHP
    PythonSec CveContentType = "python"

    // PhpSec : for PHP
    PhpSec CveContentType = "php"

    // RubySec : for Ruby
    RubySec CveContentType = "ruby"

    // RustSec : for Rust
    RustSec CveContentType = "rust"

    // Unknown is Unknown
    Unknown CveContentType = "unknown"
)

func NewCveContentType Uses

func NewCveContentType(name string) CveContentType

NewCveContentType create CveContentType

type CveContentTypes Uses

type CveContentTypes []CveContentType

CveContentTypes has slide of CveContentType

func (CveContentTypes) Except Uses

func (c CveContentTypes) Except(excepts ...CveContentType) (excepted CveContentTypes)

Except returns CveContentTypes except for given args

type CveContents Uses

type CveContents map[CveContentType]CveContent

CveContents has CveContent

func NewCveContents Uses

func NewCveContents(conts ...CveContent) CveContents

NewCveContents create CveContents

func (CveContents) Cpes Uses

func (v CveContents) Cpes(myFamily string) (values []CveContentCpes)

Cpes returns affected CPEs of this Vulnerability

func (CveContents) CweIDs Uses

func (v CveContents) CweIDs(myFamily string) (values []CveContentStr)

CweIDs returns related CweIDs of the vulnerability

func (CveContents) Except Uses

func (v CveContents) Except(exceptCtypes ...CveContentType) (values CveContents)

Except returns CveContents except given keys for enumeration

func (CveContents) References Uses

func (v CveContents) References(myFamily string) (values []CveContentRefs)

References returns References

func (v CveContents) SourceLinks(lang, myFamily, cveID string) (values []CveContentStr)

SourceLinks returns link of source

func (CveContents) UniqCweIDs Uses

func (v CveContents) UniqCweIDs(myFamily string) (values []CveContentStr)

UniqCweIDs returns Uniq CweIDs

type Cvss Uses

type Cvss struct {
    Type                 CvssType `json:"type"`
    Score                float64  `json:"score"`
    CalculatedBySeverity bool     `json:"calculatedBySeverity"`
    Vector               string   `json:"vector"`
    Severity             string   `json:"severity"`
}

Cvss has CVSS Score

func (Cvss) Format Uses

func (c Cvss) Format() string

Format CVSS Score and Vector

type CvssType Uses

type CvssType string

CvssType Represent the type of CVSS

const (
    // CVSS2 means CVSS vesion2
    CVSS2 CvssType = "2"

    // CVSS3 means CVSS vesion3
    CVSS3 CvssType = "3"
)

type CweDict Uses

type CweDict map[string]CweDictEntry

CweDict is a dictionary for CWE

func (CweDict) Get Uses

func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL string)

Get the name, url, top10URL for the specified cweID, lang

type CweDictEntry Uses

type CweDictEntry struct {
    En              *cwe.Cwe `json:"en,omitempty"`
    Ja              *cwe.Cwe `json:"ja,omitempty"`
    OwaspTopTen2017 string   `json:"owaspTopTen2017"`
}

CweDictEntry is a entry of CWE

type DetectionMethod Uses

type DetectionMethod string

DetectionMethod indicates - How to detect the CveID - How to get the changelog difference between installed and candidate version

type DistroAdvisories Uses

type DistroAdvisories []DistroAdvisory

DistroAdvisories is a list of DistroAdvisory

func (*DistroAdvisories) AppendIfMissing Uses

func (advs *DistroAdvisories) AppendIfMissing(adv *DistroAdvisory) bool

AppendIfMissing appends if missing

type DistroAdvisory Uses

type DistroAdvisory struct {
    AdvisoryID  string    `json:"advisoryID"`
    Severity    string    `json:"severity"`
    Issued      time.Time `json:"issued"`
    Updated     time.Time `json:"updated"`
    Description string    `json:"description"`
}

DistroAdvisory has Amazon Linux, RHEL, FreeBSD Security Advisory information.

func (DistroAdvisory) Format Uses

func (p DistroAdvisory) Format() string

Format the distro advisory information

type Exploit Uses

type Exploit struct {
    ExploitType  exploitmodels.ExploitType `json:"exploitType"`
    ID           string                    `json:"id"`
    URL          string                    `json:"url"`
    Description  string                    `json:"description"`
    DocumentURL  *string                   `json:"documentURL,omitempty"`
    ShellCodeURL *string                   `json:"shellCodeURL,omitempty"`
    BinaryURL    *string                   `json:"binaryURL,omitempty"`
}

Exploit :

type GitHubSecurityAlert Uses

type GitHubSecurityAlert struct {
    PackageName   string    `json:"packageName"`
    FixedIn       string    `json:"fixedIn"`
    AffectedRange string    `json:"affectedRange"`
    Dismissed     bool      `json:"dismissed"`
    DismissedAt   time.Time `json:"dismissedAt"`
    DismissReason string    `json:"dismissReason"`
}

GitHubSecurityAlert has detected CVE-ID, PackageName, Status fetched via GitHub API

type GitHubSecurityAlerts Uses

type GitHubSecurityAlerts []GitHubSecurityAlert

GitHubSecurityAlerts is a list of GitHubSecurityAlert

func (GitHubSecurityAlerts) Add Uses

func (g GitHubSecurityAlerts) Add(alert GitHubSecurityAlert) GitHubSecurityAlerts

Add adds given arg to the slice and return the slice (immutable)

func (GitHubSecurityAlerts) Names Uses

func (g GitHubSecurityAlerts) Names() (names []string)

Names return a slice of lib names

type Image Uses

type Image struct {
    Name string `json:"name"`
    Tag  string `json:"tag"`
}

Image has Container information

type Kernel Uses

type Kernel struct {
    Release        string `json:"release"`
    Version        string `json:"version"`
    RebootRequired bool   `json:"rebootRequired"`
}

Kernel has the Release, version and whether need restart

type LibraryFixedIn Uses

type LibraryFixedIn struct {
    Key     string `json:"key,omitempty"`
    Name    string `json:"name,omitempty"`
    FixedIn string `json:"fixedIn,omitempty"`
}

LibraryFixedIn has library fixed information

type LibraryFixedIns Uses

type LibraryFixedIns []LibraryFixedIn

LibraryFixedIns is a list of Library's FixedIn

type LibraryScanner Uses

type LibraryScanner struct {
    Path string
    Libs []types.Library
}

LibraryScanner has libraries information

func (LibraryScanner) GetLibraryKey Uses

func (s LibraryScanner) GetLibraryKey() string

GetLibraryKey returns target library key

func (LibraryScanner) Scan Uses

func (s LibraryScanner) Scan() ([]VulnInfo, error)

Scan : scan target library

type NeedRestartProcess Uses

type NeedRestartProcess struct {
    PID         string `json:"pid"`
    Path        string `json:"path"`
    ServiceName string `json:"serviceName"`
    InitSystem  string `json:"initSystem"`
    HasInit     bool   `json:"-"`
}

NeedRestartProcess keep a processes information affected by software update

type Package Uses

type Package struct {
    Name             string               `json:"name"`
    Version          string               `json:"version"`
    Release          string               `json:"release"`
    NewVersion       string               `json:"newVersion"`
    NewRelease       string               `json:"newRelease"`
    Arch             string               `json:"arch"`
    Repository       string               `json:"repository"`
    Changelog        Changelog            `json:"changelog"`
    AffectedProcs    []AffectedProcess    `json:",omitempty"`
    NeedRestartProcs []NeedRestartProcess `json:",omitempty"`
}

Package has installed binary packages.

func (Package) FQPN Uses

func (p Package) FQPN() string

FQPN returns Fully-Qualified-Package-Name name-version-release.arch

func (Package) FormatChangelog Uses

func (p Package) FormatChangelog() string

FormatChangelog formats the changelog

func (Package) FormatNewVer Uses

func (p Package) FormatNewVer() string

FormatNewVer returns package version-release

func (Package) FormatVer Uses

func (p Package) FormatVer() string

FormatVer returns package version-release

func (Package) FormatVersionFromTo Uses

func (p Package) FormatVersionFromTo(notFixedYet bool, status string) string

FormatVersionFromTo formats installed and new package version

type PackageFixStatus Uses

type PackageFixStatus struct {
    Name        string `json:"name"`
    NotFixedYet bool   `json:"notFixedYet"`
    FixState    string `json:"fixState"`
}

PackageFixStatus has name and other status abount the package

type PackageFixStatuses Uses

type PackageFixStatuses []PackageFixStatus

PackageFixStatuses is a list of PackageStatus

func (PackageFixStatuses) Names Uses

func (ps PackageFixStatuses) Names() (names []string)

Names return a slice of package names

func (PackageFixStatuses) Sort Uses

func (ps PackageFixStatuses) Sort()

Sort by Name

func (PackageFixStatuses) Store Uses

func (ps PackageFixStatuses) Store(pkg PackageFixStatus) PackageFixStatuses

Store insert given pkg if missing, update pkg if exists

type Packages Uses

type Packages map[string]Package

Packages is Map of Package { "package-name": Package }

func NewPackages Uses

func NewPackages(packs ...Package) Packages

NewPackages create Packages

func (Packages) FindByFQPN Uses

func (ps Packages) FindByFQPN(nameVerRelArc string) (*Package, error)

FindByFQPN search a package by Fully-Qualified-Package-Name

func (Packages) FindOne Uses

func (ps Packages) FindOne(f func(Package) bool) (string, Package, bool)

FindOne search a element

func (Packages) Merge Uses

func (ps Packages) Merge(other Packages) Packages

Merge returns merged map (immutable)

func (Packages) MergeNewVersion Uses

func (ps Packages) MergeNewVersion(as Packages)

MergeNewVersion merges candidate version information to the receiver struct

type Platform Uses

type Platform struct {
    Name       string `json:"name"` // aws or azure or gcp or other...
    InstanceID string `json:"instanceID"`
}

Platform has platform information

type Reference Uses

type Reference struct {
    Source string `json:"source"`
    Link   string `json:"link"`
    RefID  string `json:"refID"`
}

Reference has a related link of the CVE

type References Uses

type References []Reference

References is a slice of Reference

type ScanResult Uses

type ScanResult struct {
    JSONVersion      int                   `json:"jsonVersion"`
    Lang             string                `json:"lang"`
    ServerUUID       string                `json:"serverUUID"`
    ServerName       string                `json:"serverName"` // TOML Section key
    Family           string                `json:"family"`
    Release          string                `json:"release"`
    Container        Container             `json:"container"`
    Image            Image                 `json:"image"`
    Platform         Platform              `json:"platform"`
    IPv4Addrs        []string              `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
    IPv6Addrs        []string              `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
    IPSIdentifiers   map[config.IPS]string `json:"ipsIdentifiers,omitempty"`
    ScannedAt        time.Time             `json:"scannedAt"`
    ScanMode         string                `json:"scanMode"`
    ScannedVersion   string                `json:"scannedVersion"`
    ScannedRevision  string                `json:"scannedRevision"`
    ScannedBy        string                `json:"scannedBy"`
    ScannedVia       string                `json:"scannedVia"`
    ScannedIPv4Addrs []string              `json:"scannedIpv4Addrs,omitempty"`
    ScannedIPv6Addrs []string              `json:"scannedIpv6Addrs,omitempty"`
    ReportedAt       time.Time             `json:"reportedAt"`
    ReportedVersion  string                `json:"reportedVersion"`
    ReportedRevision string                `json:"reportedRevision"`
    ReportedBy       string                `json:"reportedBy"`
    Errors           []string              `json:"errors"`
    Warnings         []string              `json:"warnings"`

    ScannedCves       VulnInfos              `json:"scannedCves"`
    RunningKernel     Kernel                 `json:"runningKernel"`
    Packages          Packages               `json:"packages"`
    SrcPackages       SrcPackages            `json:",omitempty"`
    WordPressPackages *WordPressPackages     `json:",omitempty"`
    LibraryScanners   []LibraryScanner       `json:"libScanners"`
    CweDict           CweDict                `json:"cweDict,omitempty"`
    Optional          map[string]interface{} `json:",omitempty"`
    Config            struct {
        Scan   config.Config `json:"scan"`
        Report config.Config `json:"report"`
    }   `json:"config"`
}

ScanResult has the result of scanned CVE information.

func (ScanResult) FilterByCvssOver Uses

func (r ScanResult) FilterByCvssOver(over float64) ScanResult

FilterByCvssOver is filter function.

func (ScanResult) FilterIgnoreCves Uses

func (r ScanResult) FilterIgnoreCves() ScanResult

FilterIgnoreCves is filter function.

func (ScanResult) FilterIgnorePkgs Uses

func (r ScanResult) FilterIgnorePkgs() ScanResult

FilterIgnorePkgs is filter function.

func (ScanResult) FilterInactiveWordPressLibs Uses

func (r ScanResult) FilterInactiveWordPressLibs() ScanResult

FilterInactiveWordPressLibs is filter function.

func (ScanResult) FilterUnfixed Uses

func (r ScanResult) FilterUnfixed() ScanResult

FilterUnfixed is filter function.

func (ScanResult) FormatAlertSummary Uses

func (r ScanResult) FormatAlertSummary() string

FormatAlertSummary returns a summary of XCERT alerts

func (ScanResult) FormatExploitCveSummary Uses

func (r ScanResult) FormatExploitCveSummary() string

FormatExploitCveSummary returns a summary of exploit cve

func (ScanResult) FormatServerName Uses

func (r ScanResult) FormatServerName() (name string)

FormatServerName returns server and container name

func (ScanResult) FormatTextReportHeadedr Uses

func (r ScanResult) FormatTextReportHeadedr() string

FormatTextReportHeadedr returns header of text report

func (ScanResult) FormatUpdatablePacksSummary Uses

func (r ScanResult) FormatUpdatablePacksSummary() string

FormatUpdatablePacksSummary returns a summary of updatable packages

func (ScanResult) IsContainer Uses

func (r ScanResult) IsContainer() bool

IsContainer returns whether this ServerInfo is about container

func (ScanResult) IsDeepScanMode Uses

func (r ScanResult) IsDeepScanMode() bool

IsDeepScanMode checks if the scan mode is deep scan mode.

func (ScanResult) IsImage Uses

func (r ScanResult) IsImage() bool

IsImage returns whether this ServerInfo is about container

func (ScanResult) ReportFileName Uses

func (r ScanResult) ReportFileName() (name string)

ReportFileName returns the filename on localhost without extention

func (ScanResult) ReportKeyName Uses

func (r ScanResult) ReportKeyName() (name string)

ReportKeyName returns the name of key on S3, Azure-Blob without extention

func (ScanResult) ServerInfo Uses

func (r ScanResult) ServerInfo() string

ServerInfo returns server name one line

func (ScanResult) ServerInfoTui Uses

func (r ScanResult) ServerInfoTui() string

ServerInfoTui returns server information for TUI sidebar

type ScanResults Uses

type ScanResults []ScanResult

ScanResults is a slide of ScanResult

type SrcPackage Uses

type SrcPackage struct {
    Name        string   `json:"name"`
    Version     string   `json:"version"`
    Arch        string   `json:"arch"`
    BinaryNames []string `json:"binaryNames"`
}

SrcPackage has installed source package information. Debian based Linux has both of package and source information in dpkg. OVAL database often includes a source version (Not a binary version), so it is also needed to capture source version for OVAL version comparison. https://github.com/future-architect/vuls/issues/504

func (*SrcPackage) AddBinaryName Uses

func (s *SrcPackage) AddBinaryName(name string)

AddBinaryName add the name if not exists

type SrcPackages Uses

type SrcPackages map[string]SrcPackage

SrcPackages is Map of SrcPackage { "package-name": SrcPackage }

func (SrcPackages) FindByBinName Uses

func (s SrcPackages) FindByBinName(name string) (*SrcPackage, bool)

FindByBinName finds by bin-package-name

type VulnInfo Uses

type VulnInfo struct {
    CveID                string               `json:"cveID,omitempty"`
    Confidences          Confidences          `json:"confidences,omitempty"`
    AffectedPackages     PackageFixStatuses   `json:"affectedPackages,omitempty"`
    DistroAdvisories     DistroAdvisories     `json:"distroAdvisories,omitempty"` // for Aamazon, RHEL, FreeBSD
    CveContents          CveContents          `json:"cveContents,omitempty"`
    Exploits             []Exploit            `json:"exploits,omitempty"`
    AlertDict            AlertDict            `json:"alertDict,omitempty"`
    CpeURIs              []string             `json:"cpeURIs,omitempty"` // CpeURIs related to this CVE defined in config.toml
    GitHubSecurityAlerts GitHubSecurityAlerts `json:"gitHubSecurityAlerts,omitempty"`
    WpPackageFixStats    WpPackageFixStats    `json:"wpPackageFixStats,omitempty"`
    LibraryFixedIns      LibraryFixedIns      `json:"libraryFixedIns,omitempty"`

    VulnType string `json:"vulnType,omitempty"`
}

VulnInfo has a vulnerability information and unsecure packages

func (VulnInfo) AttackVector Uses

func (v VulnInfo) AttackVector() string

AttackVector returns attack vector string

func (VulnInfo) Cvss2CalcURL Uses

func (v VulnInfo) Cvss2CalcURL() string

Cvss2CalcURL returns CVSS v2 caluclator's URL

func (VulnInfo) Cvss2Scores Uses

func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss)

Cvss2Scores returns CVSS V2 Scores

func (VulnInfo) Cvss3CalcURL Uses

func (v VulnInfo) Cvss3CalcURL() string

Cvss3CalcURL returns CVSS v3 caluclator's URL

func (VulnInfo) Cvss3Scores Uses

func (v VulnInfo) Cvss3Scores() (values []CveContentCvss)

Cvss3Scores returns CVSS V3 Score

func (VulnInfo) FormatMaxCvssScore Uses

func (v VulnInfo) FormatMaxCvssScore() string

FormatMaxCvssScore returns Max CVSS Score

func (VulnInfo) MaxCvss2Score Uses

func (v VulnInfo) MaxCvss2Score() CveContentCvss

MaxCvss2Score returns Max CVSS V2 Score

func (VulnInfo) MaxCvss3Score Uses

func (v VulnInfo) MaxCvss3Score() CveContentCvss

MaxCvss3Score returns Max CVSS V3 Score

func (VulnInfo) MaxCvssScore Uses

func (v VulnInfo) MaxCvssScore() CveContentCvss

MaxCvssScore returns max CVSS Score If there is no CVSS Score, return Severity as a numerical value.

func (VulnInfo) Mitigations Uses

func (v VulnInfo) Mitigations(myFamily string) (values []CveContentStr)

Mitigations returns mitigations

func (VulnInfo) PatchStatus Uses

func (v VulnInfo) PatchStatus(packs Packages) string

PatchStatus returns fixed or unfixed string

func (VulnInfo) Summaries Uses

func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr)

Summaries returns summaries

func (VulnInfo) Titles Uses

func (v VulnInfo) Titles(lang, myFamily string) (values []CveContentStr)

Titles returns tilte (TUI)

func (v VulnInfo) VendorLinks(family string) map[string]string

VendorLinks returns links of vendor support's URL

type VulnInfos Uses

type VulnInfos map[string]VulnInfo

VulnInfos has a map of VulnInfo Key: CveID

func (VulnInfos) CountGroupBySeverity Uses

func (v VulnInfos) CountGroupBySeverity() map[string]int

CountGroupBySeverity summarize the number of CVEs group by CVSSv2 Severity

func (VulnInfos) Find Uses

func (v VulnInfos) Find(f func(VulnInfo) bool) VulnInfos

Find elements that matches the function passed in argument

func (VulnInfos) FindScoredVulns Uses

func (v VulnInfos) FindScoredVulns() VulnInfos

FindScoredVulns return scored vulnerabilities

func (VulnInfos) FormatCveSummary Uses

func (v VulnInfos) FormatCveSummary() string

FormatCveSummary summarize the number of CVEs group by CVSSv2 Severity

func (VulnInfos) FormatFixedStatus Uses

func (v VulnInfos) FormatFixedStatus(packs Packages) string

FormatFixedStatus summarize the number of cves are fixed.

func (VulnInfos) ToSortedSlice Uses

func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo)

ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID

type WordPressPackages Uses

type WordPressPackages []WpPackage

WordPressPackages has Core version, plugins and themes.

func (WordPressPackages) CoreVersion Uses

func (w WordPressPackages) CoreVersion() string

CoreVersion returns the core version of the installed WordPress

func (WordPressPackages) Find Uses

func (w WordPressPackages) Find(name string) (ps *WpPackage, found bool)

Find searches by specified name

func (WordPressPackages) Plugins Uses

func (w WordPressPackages) Plugins() (ps []WpPackage)

Plugins returns a slice of plugins of the installed WordPress

func (WordPressPackages) Themes Uses

func (w WordPressPackages) Themes() (ps []WpPackage)

Themes returns a slice of themes of the installed WordPress

type WpPackage Uses

type WpPackage struct {
    Name    string `json:"name,omitempty"`
    Status  string `json:"status,omitempty"` // active, inactive or must-use
    Update  string `json:"update,omitempty"` // available or none
    Version string `json:"version,omitempty"`
    Type    string `json:"type,omitempty"` // core, plugin, theme
}

WpPackage has a details of plugin and theme

type WpPackageFixStats Uses

type WpPackageFixStats []WpPackageFixStatus

WpPackageFixStats is a list of WpPackageFixStatus

func (WpPackageFixStats) Names Uses

func (ws WpPackageFixStats) Names() (names []string)

Names return a slice of names

type WpPackageFixStatus Uses

type WpPackageFixStatus struct {
    Name    string `json:"name,omitempty"`
    FixedIn string `json:"fixedIn,omitempty"`
}

WpPackageFixStatus is used in Vulninfo.WordPress

type WpPackages Uses

type WpPackages []WpPackage

WpPackages has a list of WpPackage

func (WpPackages) Add Uses

func (g WpPackages) Add(pkg WpPackage) WpPackages

Add adds given arg to the slice and return the slice (immutable)

Package models imports 17 packages (graph) and is imported by 59 packages. Updated 2019-09-12. Refresh now. Tools for package owners.