models

package
v0.25.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 22, 2024 License: GPL-3.0 Imports: 16 Imported by: 74

Documentation

Index

Constants

// Values of DiffStatus, which keeps a comparison with the previous detection
// results for a CVE.
const (
	// DiffPlus marks a newly detected CVE.
	DiffPlus = DiffStatus("+")

	// DiffMinus marks a resolved CVE.
	DiffMinus = DiffStatus("-")
)
// Detection-method labels. Each ...Str constant below (except the two
// FailedTo... labels) is the DetectionMethod of the predeclared Confidence
// value with the matching name in this package's var block.
const (
	// NvdExactVersionMatchStr is the DetectionMethod label of NvdExactVersionMatch.
	NvdExactVersionMatchStr = "NvdExactVersionMatch"

	// NvdRoughVersionMatchStr is the DetectionMethod label of NvdRoughVersionMatch.
	NvdRoughVersionMatchStr = "NvdRoughVersionMatch"

	// NvdVendorProductMatchStr is the DetectionMethod label of NvdVendorProductMatch.
	NvdVendorProductMatchStr = "NvdVendorProductMatch"

	// JvnVendorProductMatchStr is the DetectionMethod label of JvnVendorProductMatch.
	JvnVendorProductMatchStr = "JvnVendorProductMatch"

	// FortinetExactVersionMatchStr is the DetectionMethod label of FortinetExactVersionMatch.
	FortinetExactVersionMatchStr = "FortinetExactVersionMatch"

	// FortinetRoughVersionMatchStr is the DetectionMethod label of FortinetRoughVersionMatch.
	FortinetRoughVersionMatchStr = "FortinetRoughVersionMatch"

	// FortinetVendorProductMatchStr is the DetectionMethod label of FortinetVendorProductMatch.
	FortinetVendorProductMatchStr = "FortinetVendorProductMatch"

	// PkgAuditMatchStr is the DetectionMethod label of PkgAuditMatch.
	PkgAuditMatchStr = "PkgAuditMatch"

	// OvalMatchStr is the DetectionMethod label of OvalMatch.
	OvalMatchStr = "OvalMatch"

	// RedHatAPIStr is the DetectionMethod label of RedHatAPIMatch. Note that
	// the constant name lacks the "Match" suffix its string value carries.
	RedHatAPIStr = "RedHatAPIMatch"

	// DebianSecurityTrackerMatchStr is the DetectionMethod label of DebianSecurityTrackerMatch.
	DebianSecurityTrackerMatchStr = "DebianSecurityTrackerMatch"

	// UbuntuAPIMatchStr is the DetectionMethod label of UbuntuAPIMatch.
	UbuntuAPIMatchStr = "UbuntuAPIMatch"

	// WindowsUpdateSearchStr is the DetectionMethod label of WindowsUpdateSearch.
	WindowsUpdateSearchStr = "WindowsUpdateSearch"

	// TrivyMatchStr is the DetectionMethod label of TrivyMatch.
	TrivyMatchStr = "TrivyMatch"

	// ChangelogExactMatchStr is the DetectionMethod label of ChangelogExactMatch.
	ChangelogExactMatchStr = "ChangelogExactMatch"

	// ChangelogRoughMatchStr is the DetectionMethod label of ChangelogRoughMatch.
	ChangelogRoughMatchStr = "ChangelogRoughMatch"

	// GitHubMatchStr is the DetectionMethod label of GitHubMatch.
	GitHubMatchStr = "GitHubMatch"

	// WpScanMatchStr is the DetectionMethod label of WpScanMatch.
	WpScanMatchStr = "WpScanMatch"

	// FailedToGetChangelog has no Confidence value declared for it here.
	// NOTE(review): presumably recorded as Changelog.Method when the changelog
	// could not be fetched — confirm against the callers.
	FailedToGetChangelog = "FailedToGetChangelog"

	// FailedToFindVersionInChangelog has no Confidence value declared for it here.
	// NOTE(review): presumably recorded as Changelog.Method when the installed
	// version was not found in the changelog — confirm against the callers.
	FailedToFindVersionInChangelog = "FailedToFindVersionInChangelog"
)
// String values used by the WPPackage struct (declared outside this listing).
const (
	// WPCore is the `core` type in the WPPackage struct.
	WPCore = "core"
	// WPPlugin is the `plugin` type in the WPPackage struct.
	WPPlugin = "plugin"
	// WPTheme is the `theme` type in the WPPackage struct.
	WPTheme = "theme"

	// Inactive is the inactive status in the WPPackage struct.
	Inactive = "inactive"
)
// JSONVersion is the JSON version number. ScanResult has a field of the same
// name serialized as "jsonVersion"; presumably it is populated from this
// constant, so consumers can use it to detect a schema they do not support.
const JSONVersion = 4

JSONVersion is JSON Version

Variables

// Predeclared Confidence values, one per detection method. The literals are
// positional and follow the Confidence struct's field order: Score,
// DetectionMethod, SortOrder. Confidence documents Score as 0 - 100, and
// SortOrder is tagged `json:"-"`, so only the score and the method label
// reach the JSON output.
//
// NOTE(review): the vendor/product matches (NVD, JVN, Fortinet) score 10 and
// the rough matches 50-80 — presumably because they are made without an exact
// version comparison. Treat findings that carry only these confidences as
// candidates to verify rather than confirmed exposure.
var (
	// PkgAuditMatch is the confidence of a PkgAuditMatchStr detection: score 100, sort order 2.
	PkgAuditMatch = Confidence{100, PkgAuditMatchStr, 2}

	// OvalMatch is the confidence of an OvalMatchStr detection: score 100, sort order 0.
	OvalMatch = Confidence{100, OvalMatchStr, 0}

	// RedHatAPIMatch is the confidence of a RedHatAPIStr detection: score 100, sort order 0.
	RedHatAPIMatch = Confidence{100, RedHatAPIStr, 0}

	// DebianSecurityTrackerMatch is the confidence of a DebianSecurityTrackerMatchStr detection: score 100, sort order 0.
	DebianSecurityTrackerMatch = Confidence{100, DebianSecurityTrackerMatchStr, 0}

	// UbuntuAPIMatch is the confidence of a UbuntuAPIMatchStr detection: score 100, sort order 0.
	UbuntuAPIMatch = Confidence{100, UbuntuAPIMatchStr, 0}

	// WindowsUpdateSearch is the confidence of a WindowsUpdateSearchStr detection: score 100, sort order 0.
	WindowsUpdateSearch = Confidence{100, WindowsUpdateSearchStr, 0}

	// TrivyMatch is the confidence of a TrivyMatchStr detection: score 100, sort order 0.
	TrivyMatch = Confidence{100, TrivyMatchStr, 0}

	// ChangelogExactMatch is the confidence of a ChangelogExactMatchStr detection: score 95, sort order 3.
	ChangelogExactMatch = Confidence{95, ChangelogExactMatchStr, 3}

	// ChangelogRoughMatch is the confidence of a ChangelogRoughMatchStr detection: score 50, sort order 4.
	ChangelogRoughMatch = Confidence{50, ChangelogRoughMatchStr, 4}

	// GitHubMatch is the confidence of a GitHubMatchStr detection: score 100, sort order 2.
	GitHubMatch = Confidence{100, GitHubMatchStr, 2}

	// WpScanMatch is the confidence of a WpScanMatchStr detection: score 100, sort order 0.
	WpScanMatch = Confidence{100, WpScanMatchStr, 0}

	// NvdExactVersionMatch is the confidence of an NvdExactVersionMatchStr detection: score 100, sort order 1.
	NvdExactVersionMatch = Confidence{100, NvdExactVersionMatchStr, 1}

	// NvdRoughVersionMatch is the confidence of an NvdRoughVersionMatchStr detection: score 80, sort order 1.
	NvdRoughVersionMatch = Confidence{80, NvdRoughVersionMatchStr, 1}

	// NvdVendorProductMatch is the confidence of an NvdVendorProductMatchStr detection: score 10, sort order 9.
	NvdVendorProductMatch = Confidence{10, NvdVendorProductMatchStr, 9}

	// JvnVendorProductMatch is the confidence of a JvnVendorProductMatchStr detection: score 10, sort order 10.
	JvnVendorProductMatch = Confidence{10, JvnVendorProductMatchStr, 10}

	// FortinetExactVersionMatch is the confidence of a FortinetExactVersionMatchStr detection: score 100, sort order 1.
	FortinetExactVersionMatch = Confidence{100, FortinetExactVersionMatchStr, 1}

	// FortinetRoughVersionMatch is the confidence of a FortinetRoughVersionMatchStr detection: score 80, sort order 1.
	FortinetRoughVersionMatch = Confidence{80, FortinetRoughVersionMatchStr, 1}

	// FortinetVendorProductMatch is the confidence of a FortinetVendorProductMatchStr detection: score 10, sort order 9.
	FortinetVendorProductMatch = Confidence{10, FortinetVendorProductMatchStr, 9}
)

AllCveContetTypes has all of CveContentTypes

FindLockFiles is a list of filenames that is the target of findLock

Functions

func ConvertNvdToModel added in v0.4.0

func ConvertNvdToModel(cveID string, nvds []cvedict.Nvd) ([]CveContent, []Exploit, []Mitigation)

ConvertNvdToModel converts NVD to CveContent

func IsRaspbianPackage added in v0.12.0

func IsRaspbianPackage(name, version string) bool

IsRaspbianPackage judges whether it is a package related to Raspberry Pi from the package name and version

Types

type AffectedProcess added in v0.5.0

// AffectedProcess holds information about a process affected by a software
// update. Every field is tagged omitempty, so empty values are left out of
// the JSON output.
type AffectedProcess struct {
	PID             string     `json:"pid,omitempty"`
	Name            string     `json:"name,omitempty"`
	ListenPorts     []string   `json:"listenPorts,omitempty"`
	// ListenPortStats carries PortStat values; Package.HasReachablePort is
	// documented as checking AffectedProcs for PortReachableTo, a PortStat field.
	ListenPortStats []PortStat `json:"listenPortStats,omitempty"`
}

AffectedProcess keeps information about a process affected by a software update

type Alert added in v0.9.0

type Alert struct {
	URL   string `json:"url,omitempty"`
	Title string `json:"title,omitempty"`
	Team  string `json:"team,omitempty"`
}

Alert has CERT alert information

type AlertDict added in v0.6.2

// AlertDict groups the alerts for a CVE by issuer: CISA, JPCERT and USCERT.
// None of the fields is tagged omitempty, so a nil slice is encoded as JSON
// null rather than being omitted; consumers must accept null for each key.
type AlertDict struct {
	CISA   []Alert `json:"cisa"`
	JPCERT []Alert `json:"jpcert"`
	USCERT []Alert `json:"uscert"`
}

AlertDict has target cve JPCERT, USCERT and CISA alert data

func (AlertDict) FormatSource added in v0.6.2

func (a AlertDict) FormatSource() string

FormatSource returns which source has this alert

func (AlertDict) IsEmpty added in v0.19.0

func (a AlertDict) IsEmpty() bool

IsEmpty checks if the content of AlertDict is empty

type AttentionCWE added in v0.19.8

// AttentionCWE holds a rank and URL for an OWASP TOP10, CWE TOP25 or
// CWE/SANS TOP25 entry. The fields carry no JSON tags, so if the struct is
// marshalled the keys are the Go field names "Rank" and "URL".
type AttentionCWE struct {
	Rank string
	URL  string
}

AttentionCWE has OWASP TOP10, CWE TOP25, CWE/SANS TOP25 rank and url

type Changelog added in v0.3.0

// Changelog holds the contents of a changelog and the method by which it was
// obtained.
type Changelog struct {
	Contents string          `json:"contents"`
	// Method is a DetectionMethod label.
	// NOTE(review): presumably one of the Changelog...Str / FailedTo... constants
	// of this package — confirm against the code that fills it.
	Method   DetectionMethod `json:"method"`
}

Changelog has contents of changelog and how to get it. Method: models.detectionMethodStr

type Confidence added in v0.3.0

// Confidence ranks how confident the scanner is that a CVE-ID was detected
// correctly. The package-level Confidence values are written as positional
// literals, so the field order below is part of their meaning.
type Confidence struct {
	// Score is documented as ranging from 0 to 100.
	Score           int             `json:"score"`
	// DetectionMethod names the method that produced the detection.
	DetectionMethod DetectionMethod `json:"detectionMethod"`
	// SortOrder is excluded from JSON (`json:"-"`): it is neither written to
	// nor read back from result files.
	// NOTE(review): presumably consumed by Confidences.SortByConfident — confirm.
	SortOrder       int             `json:"-"`
}

Confidence is a ranking of how confident the scanner is that the CVE-ID was detected correctly. Score: 0 - 100

func (Confidence) String added in v0.3.0

func (c Confidence) String() string

type Confidences added in v0.5.0

type Confidences []Confidence

Confidences is a list of Confidence

func (*Confidences) AppendIfMissing added in v0.5.0

func (cs *Confidences) AppendIfMissing(confidence Confidence)

AppendIfMissing appends confidence to the list if missing

func (Confidences) SortByConfident added in v0.5.0

func (cs Confidences) SortByConfident() Confidences

SortByConfident sorts Confidences

type Container added in v0.1.4

type Container struct {
	ContainerID string `json:"containerID"`
	Name        string `json:"name"`
	Image       string `json:"image"`
	Type        string `json:"type"`
	UUID        string `json:"uuid"`
}

Container has Container information

type Cpe added in v0.4.0

type Cpe struct {
	URI             string `json:"uri"`
	FormattedString string `json:"formattedString"`
}

Cpe is Common Platform Enumeration

type CveContent added in v0.4.0

// CveContent is an abstraction over the vulnerability information provided
// by the different sources; Type records which source an entry came from.
//
// The CVSS score fields are plain float64 values without omitempty, so an
// entry with no score set is serialized as 0. A consumer therefore cannot
// tell "scored 0" from "not scored" from the number alone.
// NOTE(review): check the vector and severity strings alongside the score
// before treating 0 as low risk.
type CveContent struct {
	Type          CveContentType    `json:"type"`
	CveID         string            `json:"cveID"`
	Title         string            `json:"title"`
	Summary       string            `json:"summary"`
	Cvss2Score    float64           `json:"cvss2Score"`
	Cvss2Vector   string            `json:"cvss2Vector"`
	Cvss2Severity string            `json:"cvss2Severity"`
	Cvss3Score    float64           `json:"cvss3Score"`
	Cvss3Vector   string            `json:"cvss3Vector"`
	Cvss3Severity string            `json:"cvss3Severity"`
	SourceLink    string            `json:"sourceLink"`
	Cpes          []Cpe             `json:"cpes,omitempty"`
	References    References        `json:"references,omitempty"`
	CweIDs        []string          `json:"cweIDs,omitempty"`
	// Published and LastModified have no omitempty; an unset time.Time is
	// serialized as the zero time "0001-01-01T00:00:00Z".
	Published     time.Time         `json:"published"`
	LastModified  time.Time         `json:"lastModified"`
	Optional      map[string]string `json:"optional,omitempty"`
}

CveContent has abstraction of various vulnerability information

func ConvertFortinetToModel added in v0.24.0

func ConvertFortinetToModel(cveID string, fortinets []cvedict.Fortinet) []CveContent

ConvertFortinetToModel convert Fortinet to CveContent

func ConvertJvnToModel added in v0.4.0

func ConvertJvnToModel(cveID string, jvns []cvedict.Jvn) []CveContent

ConvertJvnToModel convert JVN to CveContent

func (CveContent) Empty added in v0.4.0

func (c CveContent) Empty() bool

Empty checks the content is empty

type CveContentCpes added in v0.4.0

type CveContentCpes struct {
	Type  CveContentType
	Value []Cpe
}

CveContentCpes has CveContentType and Value

type CveContentCvss added in v0.4.0

type CveContentCvss struct {
	Type  CveContentType `json:"type"`
	Value Cvss           `json:"value"`
}

CveContentCvss has CVSS information

type CveContentRefs added in v0.4.0

type CveContentRefs struct {
	Type  CveContentType
	Value []Reference
}

CveContentRefs has CveContentType and References

type CveContentStr added in v0.4.0

type CveContentStr struct {
	Type  CveContentType
	Value string
}

CveContentStr has CveContentType and Value

type CveContentType added in v0.4.0

type CveContentType string

CveContentType is a source of CVE information

// Known CveContentType values. Each names a source of CVE information; the
// string value is what appears in serialized data (for example as the "type"
// of a CveContent).
const (
	// Nvd is Nvd JSON
	Nvd CveContentType = "nvd"

	// Jvn is Jvn
	Jvn CveContentType = "jvn"

	// Fortinet is Fortinet
	Fortinet CveContentType = "fortinet"

	// RedHat is RedHat
	RedHat CveContentType = "redhat"

	// RedHatAPI is the "redhat_api" source, a separate value from RedHat.
	RedHatAPI CveContentType = "redhat_api"

	// DebianSecurityTracker is Debian Security tracker
	DebianSecurityTracker CveContentType = "debian_security_tracker"

	// Debian is Debian
	Debian CveContentType = "debian"

	// Ubuntu is Ubuntu
	Ubuntu CveContentType = "ubuntu"

	// UbuntuAPI is the "ubuntu_api" source, a separate value from Ubuntu.
	UbuntuAPI CveContentType = "ubuntu_api"

	// Oracle is Oracle Linux
	Oracle CveContentType = "oracle"

	// Amazon is Amazon Linux
	Amazon CveContentType = "amazon"

	// Fedora is Fedora Linux
	Fedora CveContentType = "fedora"

	// SUSE is SUSE Linux
	SUSE CveContentType = "suse"

	// Microsoft is Microsoft
	Microsoft CveContentType = "microsoft"

	// WpScan is the "wpscan" source (WordPress).
	WpScan CveContentType = "wpscan"

	// Trivy is Trivy
	Trivy CveContentType = "trivy"

	// GitHub is GitHub Security Alerts
	GitHub CveContentType = "github"

	// Unknown is Unknown
	Unknown CveContentType = "unknown"
)

func GetCveContentTypes added in v0.22.1

func GetCveContentTypes(family string) []CveContentType

GetCveContentTypes return CveContentTypes

func NewCveContentType added in v0.4.0

func NewCveContentType(name string) CveContentType

NewCveContentType create CveContentType

type CveContentTypes added in v0.4.0

type CveContentTypes []CveContentType

CveContentTypes is a slice of CveContentType

func (CveContentTypes) Except added in v0.4.0

func (c CveContentTypes) Except(excepts ...CveContentType) (excepted CveContentTypes)

Except returns CveContentTypes except for given args

type CveContents added in v0.4.0

type CveContents map[CveContentType][]CveContent

CveContents has CveContent

func NewCveContents added in v0.4.0

func NewCveContents(conts ...CveContent) CveContents

NewCveContents create CveContents

func (CveContents) Cpes added in v0.4.0

func (v CveContents) Cpes(myFamily string) (values []CveContentCpes)

Cpes returns affected CPEs of this Vulnerability

func (CveContents) CweIDs added in v0.4.0

func (v CveContents) CweIDs(myFamily string) (values []CveContentStr)

CweIDs returns related CweIDs of the vulnerability

func (CveContents) Except added in v0.4.0

func (v CveContents) Except(exceptCtypes ...CveContentType) (values CveContents)

Except returns CveContents except given keys for enumeration

func (CveContents) PatchURLs added in v0.14.0

func (v CveContents) PatchURLs() (urls []string)

PatchURLs returns link of patch

func (CveContents) PrimarySrcURLs added in v0.14.0

func (v CveContents) PrimarySrcURLs(lang, myFamily, cveID string, confidences Confidences) (values []CveContentStr)

PrimarySrcURLs returns link of source

func (CveContents) References added in v0.4.0

func (v CveContents) References(myFamily string) (values []CveContentRefs)

References returns References

func (CveContents) Sort added in v0.15.14

func (v CveContents) Sort()

Sort elements for integration-testing

func (CveContents) UniqCweIDs added in v0.5.0

func (v CveContents) UniqCweIDs(myFamily string) (values []CveContentStr)

UniqCweIDs returns Uniq CweIDs

type Cvss added in v0.4.0

// Cvss holds one CVSS score together with its vector and severity.
type Cvss struct {
	// Type is the CVSS version; the package declares CVSS2 ("2") and CVSS3 ("3").
	Type                 CvssType `json:"type"`
	Score                float64  `json:"score"`
	// NOTE(review): presumably true when Score was derived from Severity rather
	// than published by the source (see SeverityToCvssScoreRange) — confirm.
	// If so, such a score is an approximation and should be read as a range.
	CalculatedBySeverity bool     `json:"calculatedBySeverity"`
	Vector               string   `json:"vector"`
	Severity             string   `json:"severity"`
}

Cvss has CVSS Score

func (Cvss) Format added in v0.4.0

func (c Cvss) Format() string

Format CVSS Score and Vector

func (Cvss) SeverityToCvssScoreRange added in v0.15.4

func (c Cvss) SeverityToCvssScoreRange() string

SeverityToCvssScoreRange returns CVSS score range

type CvssType added in v0.4.0

type CvssType string

CvssType Represent the type of CVSS

// Values of CvssType, used as Cvss.Type.
const (
	// CVSS2 means CVSS version 2; serialized as the string "2".
	CVSS2 CvssType = "2"

	// CVSS3 means CVSS version 3; serialized as the string "3".
	CVSS3 CvssType = "3"
)

type CweDict added in v0.5.0

type CweDict map[string]CweDictEntry

CweDict is a dictionary for CWE

func (CweDict) Get added in v0.5.0

func (c CweDict) Get(cweID, lang string) (name, url string, owasp, cwe25, sans map[string]AttentionCWE)

Get the name, url, top10URL for the specified cweID, lang

type CweDictEntry added in v0.5.0

type CweDictEntry struct {
	En                 *cwe.Cwe          `json:"en,omitempty"`
	Ja                 *cwe.Cwe          `json:"ja,omitempty"`
	OwaspTopTens       map[string]string `json:"owaspTopTens"`
	CweTopTwentyfives  map[string]string `json:"cweTopTwentyfives"`
	SansTopTwentyfives map[string]string `json:"sansTopTwentyfives"`
}

CweDictEntry is an entry of CWE

type Dependency added in v0.22.1

type Dependency struct {
	PackageName    string `json:"packageName"`
	PackageManager string `json:"packageManager"`
	Repository     string `json:"repository"`
	Requirements   string `json:"requirements"`
}

Dependency has dependency package information

func (Dependency) Version added in v0.22.1

func (d Dependency) Version() string

Version returns version

type DependencyGraphManifest added in v0.22.1

type DependencyGraphManifest struct {
	BlobPath     string       `json:"blobPath"`
	Filename     string       `json:"filename"`
	Repository   string       `json:"repository"`
	Dependencies []Dependency `json:"dependencies"`
}

DependencyGraphManifest has filename, repository, dependencies

func (DependencyGraphManifest) Ecosystem added in v0.22.1

func (m DependencyGraphManifest) Ecosystem() string

Ecosystem returns a name of ecosystem(or package manager) of manifest(lock) file in trivy way https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph#supported-package-ecosystems

func (DependencyGraphManifest) RepoURLFilename added in v0.22.1

func (m DependencyGraphManifest) RepoURLFilename() string

RepoURLFilename should be same format with GitHubSecurityAlert.RepoURLManifestPath()

type DependencyGraphManifests added in v0.22.1

type DependencyGraphManifests map[string]DependencyGraphManifest

DependencyGraphManifests has a map of DependencyGraphManifest key: BlobPath

type DetectionMethod added in v0.4.0

type DetectionMethod string

DetectionMethod indicates how the CveID was detected, or how the changelog difference between the installed and candidate versions was obtained

type DiffStatus added in v0.15.8

type DiffStatus string

DiffStatus keeps a comparison with the previous detection results for this CVE

type DistroAdvisories added in v0.8.0

type DistroAdvisories []DistroAdvisory

DistroAdvisories is a list of DistroAdvisory

func (*DistroAdvisories) AppendIfMissing added in v0.8.0

func (advs *DistroAdvisories) AppendIfMissing(adv *DistroAdvisory) bool

AppendIfMissing appends if missing

type DistroAdvisory

// DistroAdvisory holds security advisory information from a distribution
// (documented for Amazon Linux, RHEL and FreeBSD).
type DistroAdvisory struct {
	AdvisoryID  string    `json:"advisoryID"`
	Severity    string    `json:"severity"`
	// Issued and Updated have no omitempty; an unset time.Time is serialized
	// as the zero time "0001-01-01T00:00:00Z", not omitted.
	Issued      time.Time `json:"issued"`
	Updated     time.Time `json:"updated"`
	Description string    `json:"description"`
}

DistroAdvisory has Amazon Linux, RHEL, FreeBSD Security Advisory information.

func (DistroAdvisory) Format added in v0.4.0

func (p DistroAdvisory) Format() string

Format the distro advisory information

type Exploit added in v0.6.0

// Exploit describes one exploit reference attached to a CVE. Its type comes
// from the exploitmodels package (declared outside this listing).
//
// The *string URL fields are tagged omitempty and are left out of the JSON
// when nil; a non-nil pointer to an empty string is still emitted.
// NOTE(review): the URLs point at third-party content; presumably they are
// passed through from the exploit database unchanged — reports that render
// them should treat them as untrusted links.
type Exploit struct {
	ExploitType  exploitmodels.ExploitType `json:"exploitType"`
	ID           string                    `json:"id"`
	URL          string                    `json:"url"`
	Description  string                    `json:"description"`
	DocumentURL  *string                   `json:"documentURL,omitempty"`
	ShellCodeURL *string                   `json:"shellCodeURL,omitempty"`
	BinaryURL    *string                   `json:"binaryURL,omitempty"`
	PaperURL     *string                   `json:"paperURL,omitempty"`
	GHDBURL      *string                   `json:"ghdbURL,omitempty"`
}

Exploit :

type GSAVulnerablePackage added in v0.22.1

type GSAVulnerablePackage struct {
	Name             string `json:"name"`
	Ecosystem        string `json:"ecosystem"`
	ManifestFilename string `json:"manifestFilename"`
	ManifestPath     string `json:"manifestPath"`
	Requirements     string `json:"requirements"`
}

GSAVulnerablePackage has vulnerable package information

type GitHubSecurityAlert added in v0.6.3

// GitHubSecurityAlert holds a security alert fetched via the GitHub API: the
// repository, the vulnerable package and the alert's dismissal status.
type GitHubSecurityAlert struct {
	Repository    string               `json:"repository"`
	// Package is a struct value, so encoding/json never treats it as empty:
	// the omitempty option has no effect and "package" is always emitted.
	Package       GSAVulnerablePackage `json:"package,omitempty"`
	FixedIn       string               `json:"fixedIn"`
	AffectedRange string               `json:"affectedRange"`
	// Dismissed, DismissedAt and DismissReason record a dismissal. DismissedAt
	// has no omitempty, so for an alert that was never dismissed it is
	// serialized as the zero time "0001-01-01T00:00:00Z" — check Dismissed
	// rather than the presence of the timestamp.
	Dismissed     bool                 `json:"dismissed"`
	DismissedAt   time.Time            `json:"dismissedAt"`
	DismissReason string               `json:"dismissReason"`
}

GitHubSecurityAlert has detected CVE-ID, GSAVulnerablePackage, Status fetched via GitHub API

func (GitHubSecurityAlert) RepoURLManifestPath added in v0.22.1

func (a GitHubSecurityAlert) RepoURLManifestPath() string

RepoURLManifestPath should be same format with DependencyGraphManifest.RepoURLFilename()

func (GitHubSecurityAlert) RepoURLPackageName added in v0.22.1

func (a GitHubSecurityAlert) RepoURLPackageName() string

RepoURLPackageName returns a string connecting the repository and package name

type GitHubSecurityAlerts added in v0.6.3

type GitHubSecurityAlerts []GitHubSecurityAlert

GitHubSecurityAlerts is a list of GitHubSecurityAlert

func (GitHubSecurityAlerts) Add added in v0.6.3

Add adds given arg to the slice and return the slice (immutable)

func (GitHubSecurityAlerts) Names added in v0.7.0

func (g GitHubSecurityAlerts) Names() (names []string)

Names return a slice of lib names

type Kernel added in v0.4.0

type Kernel struct {
	Release        string `json:"release"`
	Version        string `json:"version"`
	RebootRequired bool   `json:"rebootRequired"`
}

Kernel has the release, the version and whether a reboot is required

type Library added in v0.18.1

// Library holds the attributes of a package library. None of the fields has
// a JSON tag, so when marshalled the keys are the Go field names ("Name",
// "Version", "PURL", "FilePath", "Digest") and empty values are not omitted.
type Library struct {
	Name    string
	Version string
	PURL    string

	// The Path to the library in the container image. Empty string when Lockfile scan.
	// This field is used to convert the result JSON of a `trivy image` using trivy-to-vuls.
	FilePath string
	Digest   string
}

Library holds the attribute of a package library

type LibraryFixedIn added in v0.8.0

type LibraryFixedIn struct {
	Key     string `json:"key,omitempty"`
	Name    string `json:"name,omitempty"`
	FixedIn string `json:"fixedIn,omitempty"`
	Path    string `json:"path,omitempty"`
}

LibraryFixedIn has library fixed information

type LibraryFixedIns added in v0.8.0

type LibraryFixedIns []LibraryFixedIn

LibraryFixedIns is a list of Library's FixedIn

func (LibraryFixedIns) Names added in v0.9.5

func (lfs LibraryFixedIns) Names() (names []string)

Names return a slice of names

type LibraryScanner added in v0.8.0

// LibraryScanner holds the libraries found for one lockfile. Type and Libs
// have no JSON tags, so their keys are the Go field names "Type" and "Libs".
type LibraryScanner struct {
	Type ftypes.LangType
	Libs []Library

	// The path to the Lockfile is stored. It is serialized under the key
	// "path" (not "lockfilePath") and omitted when empty.
	LockfilePath string `json:"path,omitempty"`
}

LibraryScanner has libraries information

func (LibraryScanner) GetLibraryKey added in v0.8.0

func (s LibraryScanner) GetLibraryKey() string

GetLibraryKey returns target library key

type LibraryScanners added in v0.9.5

type LibraryScanners []LibraryScanner

LibraryScanners is an array of LibraryScanner

func (LibraryScanners) Find added in v0.9.5

func (lss LibraryScanners) Find(path, name string) map[string]Library

Find : find by name

func (LibraryScanners) Total added in v0.15.0

func (lss LibraryScanners) Total() (total int)

Total returns total count of pkgs

type Metasploit added in v0.11.0

// Metasploit holds the name, title, description and URLs of one Metasploit
// entry attached to a CVE.
type Metasploit struct {
	Name        string   `json:"name"`
	Title       string   `json:"title"`
	Description string   `json:"description,omitempty"`
	// The tag gives no JSON name, so the key is the Go field name "URLs"
	// (capitalized, unlike the other keys); omitted when empty.
	URLs        []string `json:",omitempty"`
}

Metasploit :

type Mitigation added in v0.14.0

type Mitigation struct {
	CveContentType CveContentType `json:"cveContentType,omitempty"`
	Mitigation     string         `json:"mitigation,omitempty"`
	URL            string         `json:"url,omitempty"`
}

Mitigation has a link and content

type NeedRestartProcess added in v0.5.0

// NeedRestartProcess holds information about a process that needs a restart
// after a software update.
type NeedRestartProcess struct {
	PID         string `json:"pid"`
	Path        string `json:"path"`
	ServiceName string `json:"serviceName"`
	InitSystem  string `json:"initSystem"`
	// HasInit is excluded from JSON (`json:"-"`), so it is not preserved when
	// a result is written out and read back.
	HasInit     bool   `json:"-"`
}

NeedRestartProcess keeps information about a process affected by a software update

type Package added in v0.4.0

// Package describes an installed binary package: its current version and
// release, and the candidate NewVersion / NewRelease.
type Package struct {
	Name             string               `json:"name"`
	Version          string               `json:"version"`
	Release          string               `json:"release"`
	NewVersion       string               `json:"newVersion"`
	NewRelease       string               `json:"newRelease"`
	Arch             string               `json:"arch"`
	Repository       string               `json:"repository"`
	// Changelog is a pointer tagged omitempty: omitted from JSON when nil.
	Changelog        *Changelog           `json:"changelog,omitempty"`
	// The next two tags give no JSON name, so the keys are the Go field names
	// "AffectedProcs" and "NeedRestartProcs" (capitalized, unlike the keys
	// above). HasReachablePort is documented as checking AffectedProcs.
	AffectedProcs    []AffectedProcess    `json:",omitempty"`
	NeedRestartProcs []NeedRestartProcess `json:",omitempty"`
}

Package has installed binary packages.

func (Package) FQPN added in v0.5.0

func (p Package) FQPN() string

FQPN returns Fully-Qualified-Package-Name name-version-release.arch

func (Package) FormatChangelog added in v0.4.0

func (p Package) FormatChangelog() string

FormatChangelog formats the changelog

func (Package) FormatNewVer added in v0.4.0

func (p Package) FormatNewVer() string

FormatNewVer returns package version-release

func (Package) FormatVer added in v0.4.0

func (p Package) FormatVer() string

FormatVer returns package version-release

func (Package) FormatVersionFromTo added in v0.4.0

func (p Package) FormatVersionFromTo(stat PackageFixStatus) string

FormatVersionFromTo formats installed and new package version

func (Package) HasReachablePort added in v0.13.6

func (p Package) HasReachablePort() bool

HasReachablePort checks if Package.AffectedProcs has PortReachableTo

type PackageFixStatus added in v0.7.0

// PackageFixStatus holds a package name and its fix status for a CVE.
//
// Every field is tagged omitempty. In particular NotFixedYet is omitted when
// false, so a missing "notFixedYet" key means false; it does not by itself
// say that a fix exists — read it together with FixState and FixedIn.
type PackageFixStatus struct {
	Name        string `json:"name,omitempty"`
	NotFixedYet bool   `json:"notFixedYet,omitempty"`
	FixState    string `json:"fixState,omitempty"`
	FixedIn     string `json:"fixedIn,omitempty"`
}

PackageFixStatus has name and other status about the package

type PackageFixStatuses added in v0.7.0

type PackageFixStatuses []PackageFixStatus

PackageFixStatuses is a list of PackageStatus

func (PackageFixStatuses) Names added in v0.7.0

func (ps PackageFixStatuses) Names() (names []string)

Names return a slice of package names

func (PackageFixStatuses) Sort added in v0.7.0

func (ps PackageFixStatuses) Sort()

Sort by Name asc, FixedIn desc

func (PackageFixStatuses) Store added in v0.7.0

Store inserts the given pkg if it is missing, and updates it if it exists

type Packages added in v0.4.0

type Packages map[string]Package

Packages is Map of Package { "package-name": Package }

func NewPackages added in v0.4.0

func NewPackages(packs ...Package) Packages

NewPackages create Packages

func (Packages) FindByFQPN added in v0.5.0

func (ps Packages) FindByFQPN(nameVerRel string) (*Package, error)

FindByFQPN search a package by Fully-Qualified-Package-Name

func (Packages) FindOne added in v0.4.0

func (ps Packages) FindOne(f func(Package) bool) (string, Package, bool)

FindOne searches for an element

func (Packages) Merge added in v0.4.0

func (ps Packages) Merge(other Packages) Packages

Merge returns merged map (immutable)

func (Packages) MergeNewVersion added in v0.4.0

func (ps Packages) MergeNewVersion(as Packages)

MergeNewVersion merges candidate version information to the receiver struct

type Platform added in v0.1.5

type Platform struct {
	Name       string `json:"name"` // aws or azure or gcp or other...
	InstanceID string `json:"instanceID"`
}

Platform has platform information

type PortStat added in v0.13.6

// PortStat holds the result of parsing port information into an address and
// a port; NewPortStat builds one from an ipPort string.
type PortStat struct {
	BindAddress     string   `json:"bindAddress"`
	Port            string   `json:"port"`
	// PortReachableTo has no omitempty, so a nil slice is encoded as JSON null.
	// Package.HasReachablePort is documented as checking for this field.
	// NOTE(review): presumably the addresses at which the listening port was
	// found reachable during the scan, which makes it a prioritization signal
	// for the affected package — confirm how the scanner fills it.
	PortReachableTo []string `json:"portReachableTo"`
}

PortStat has the result of parsing the port information to the address and port.

func NewPortStat added in v0.13.6

func NewPortStat(ipPort string) (*PortStat, error)

NewPortStat create a PortStat from ipPort str

type Reference added in v0.4.0

type Reference struct {
	Link   string   `json:"link,omitempty"`
	Source string   `json:"source,omitempty"`
	RefID  string   `json:"refID,omitempty"`
	Tags   []string `json:"tags,omitempty"`
}

Reference has a related link of the CVE

type References added in v0.4.0

type References []Reference

References is a slice of Reference

type ScanResult

// ScanResult holds the result of scanning one target for CVE information.
//
// A serialized ScanResult identifies the host (ServerName, ServerUUID), lists
// its addresses and installed packages, and records the CVEs detected on
// them. Result files therefore deserve the same handling as other
// asset-inventory and vulnerability data. ClearFields is documented as
// clearing given fields of a ScanResult.
type ScanResult struct {
	JSONVersion      int               `json:"jsonVersion"`
	Lang             string            `json:"lang"`
	ServerUUID       string            `json:"serverUUID"`
	ServerName       string            `json:"serverName"` // TOML Section key
	Family           string            `json:"family"`
	Release          string            `json:"release"`
	Container        Container         `json:"container"`
	Platform         Platform          `json:"platform"`
	IPv4Addrs        []string          `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
	IPv6Addrs        []string          `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
	IPSIdentifiers   map[string]string `json:"ipsIdentifiers,omitempty"`
	ScannedAt        time.Time         `json:"scannedAt"`
	ScanMode         string            `json:"scanMode"`
	ScannedVersion   string            `json:"scannedVersion"`
	ScannedRevision  string            `json:"scannedRevision"`
	ScannedBy        string            `json:"scannedBy"`
	ScannedVia       string            `json:"scannedVia"`
	ScannedIPv4Addrs []string          `json:"scannedIpv4Addrs,omitempty"`
	ScannedIPv6Addrs []string          `json:"scannedIpv6Addrs,omitempty"`
	ReportedAt       time.Time         `json:"reportedAt"`
	ReportedVersion  string            `json:"reportedVersion"`
	ReportedRevision string            `json:"reportedRevision"`
	ReportedBy       string            `json:"reportedBy"`
	// Errors and Warnings have no omitempty: nil slices are encoded as JSON null.
	Errors           []string          `json:"errors"`
	Warnings         []string          `json:"warnings"`

	ScannedCves       VulnInfos                `json:"scannedCves"`
	RunningKernel     Kernel                   `json:"runningKernel"`
	Packages          Packages                 `json:"packages"`
	// SrcPackages, WordPressPackages and Optional give no JSON name in their
	// tags, so their keys are the Go field names (capitalized).
	SrcPackages       SrcPackages              `json:",omitempty"`
	EnabledDnfModules []string                 `json:"enabledDnfModules,omitempty"` // for dnf modules
	WordPressPackages WordPressPackages        `json:",omitempty"`
	GitHubManifests   DependencyGraphManifests `json:"gitHubManifests,omitempty"`
	LibraryScanners   LibraryScanners          `json:"libraries,omitempty"`
	WindowsKB         *WindowsKB               `json:"windowsKB,omitempty"`
	CweDict           CweDict                  `json:"cweDict,omitempty"`
	Optional          map[string]interface{}   `json:",omitempty"`
	// Config embeds the scan-time and report-time configuration under "config".
	// NOTE(review): config.Config is declared outside this listing. If it holds
	// credentials or tokens, they are serialized with the result unless that
	// type excludes them — confirm before sharing or uploading result files.
	Config            struct {
		Scan   config.Config `json:"scan"`
		Report config.Config `json:"report"`
	} `json:"config"`
}

ScanResult has the result of scanned CVE information.

func (*ScanResult) CheckEOL added in v0.15.10

func (r *ScanResult) CheckEOL()

CheckEOL checks the EndOfLife of the OS

func (ScanResult) ClearFields added in v0.13.4

func (r ScanResult) ClearFields(targetTagNames []string) ScanResult

ClearFields clears the given fields of ScanResult

func (*ScanResult) FilterInactiveWordPressLibs added in v0.7.0

func (r *ScanResult) FilterInactiveWordPressLibs(detectInactive bool)

FilterInactiveWordPressLibs is filter function.

func (ScanResult) FormatAlertSummary added in v0.6.2

func (r ScanResult) FormatAlertSummary() string

FormatAlertSummary returns a summary of CERT alerts

func (ScanResult) FormatExploitCveSummary added in v0.6.0

func (r ScanResult) FormatExploitCveSummary() string

FormatExploitCveSummary returns a summary of exploit cve

func (ScanResult) FormatMetasploitCveSummary added in v0.11.0

func (r ScanResult) FormatMetasploitCveSummary() string

FormatMetasploitCveSummary returns a summary of exploit cve

func (ScanResult) FormatServerName added in v0.3.0

func (r ScanResult) FormatServerName() (name string)

FormatServerName returns server and container name

func (ScanResult) FormatTextReportHeader added in v0.12.0

func (r ScanResult) FormatTextReportHeader() string

FormatTextReportHeader returns header of text report

func (ScanResult) FormatUpdatablePkgsSummary added in v0.15.10

func (r ScanResult) FormatUpdatablePkgsSummary() string

FormatUpdatablePkgsSummary returns a summary of updatable packages

func (ScanResult) IsContainer added in v0.5.0

func (r ScanResult) IsContainer() bool

IsContainer returns whether this ServerInfo is about a container

func (ScanResult) RemoveRaspbianPackFromResult added in v0.12.0

func (r ScanResult) RemoveRaspbianPackFromResult() *ScanResult

RemoveRaspbianPackFromResult is for Raspberry Pi and removes the Raspberry Pi dedicated package from ScanResult.

func (ScanResult) ReportFileName added in v0.2.0

func (r ScanResult) ReportFileName() (name string)

ReportFileName returns the filename on localhost without extension

func (ScanResult) ReportKeyName added in v0.2.0

func (r ScanResult) ReportKeyName() (name string)

ReportKeyName returns the name of key on S3, Azure-Blob without extension

func (ScanResult) ServerInfo added in v0.1.4

func (r ScanResult) ServerInfo() string

ServerInfo returns server name one line

func (ScanResult) ServerInfoTui added in v0.1.4

func (r ScanResult) ServerInfoTui() string

ServerInfoTui returns server information for TUI sidebar

func (*ScanResult) SortForJSONOutput added in v0.15.10

func (r *ScanResult) SortForJSONOutput()

SortForJSONOutput sorts the list elements in the ScanResult so that the JSON output can be diffed in integration tests

type ScanResults

type ScanResults []ScanResult

ScanResults is a slice of ScanResult

type SrcPackage added in v0.4.1

// SrcPackage holds information about one installed source package.
// None of the JSON tags use omitempty, so all four keys are always emitted.
type SrcPackage struct {
	// Name is the source package name.
	Name        string   `json:"name"`
	// Version is the source package version. The package documentation says
	// it is captured for OVAL version comparison, because OVAL data often
	// carries a source version rather than a binary version.
	Version     string   `json:"version"`
	// Arch is the architecture string (format not shown here).
	Arch        string   `json:"arch"`
	// BinaryNames lists binary package names; presumably the binaries built
	// from this source package (AddBinaryName and FindByBinName work on
	// these names) — TODO confirm.
	BinaryNames []string `json:"binaryNames"`
}

SrcPackage has installed source package information. Debian-based Linux has both binary package and source package information in dpkg. OVAL databases often include a source version (not a binary version), so the source version must also be captured for OVAL version comparison. https://github.com/future-architect/vuls/issues/504

func (*SrcPackage) AddBinaryName added in v0.4.1

func (s *SrcPackage) AddBinaryName(name string)

AddBinaryName adds the name if it does not already exist

type SrcPackages added in v0.4.1

type SrcPackages map[string]SrcPackage

SrcPackages is Map of SrcPackage { "package-name": SrcPackage }

func (SrcPackages) FindByBinName added in v0.5.0

func (s SrcPackages) FindByBinName(name string) (*SrcPackage, bool)

FindByBinName finds by bin-package-name

type VulnInfo added in v0.2.0

// VulnInfo holds the information collected for one vulnerability together
// with the packages it affects.
//
// Every field is tagged omitempty, so an empty value is dropped from the JSON
// output. A consumer of the JSON therefore cannot tell "checked and empty"
// from "never populated" (for example a missing "exploits" key); treat an
// absent key as "no data", not as proof that nothing exists.
type VulnInfo struct {
	// CveID is the CVE identifier; VulnInfos is documented as keyed by it.
	CveID                string               `json:"cveID,omitempty"`
	// Confidences presumably records how the CVE was matched (see the
	// *MatchStr constants and FilterByConfidenceOver) — TODO confirm.
	Confidences          Confidences          `json:"confidences,omitempty"`
	// AffectedPackages lists the affected packages with their fix status.
	AffectedPackages     PackageFixStatuses   `json:"affectedPackages,omitempty"`
	DistroAdvisories     DistroAdvisories     `json:"distroAdvisories,omitempty"` // for Amazon, RHEL, Fedora, FreeBSD, Microsoft
	CveContents          CveContents          `json:"cveContents,omitempty"`
	// Exploits and Metasploits presumably hold known exploit and Metasploit
	// references for this CVE (summarised by FormatExploitCveSummary and
	// FormatMetasploitCveSummary) — TODO confirm.
	Exploits             []Exploit            `json:"exploits,omitempty"`
	Metasploits          []Metasploit         `json:"metasploits,omitempty"`
	Mitigations          []Mitigation         `json:"mitigations,omitempty"`
	Ctis                 []string             `json:"ctis,omitempty"`
	AlertDict            AlertDict            `json:"alertDict,omitempty"`
	CpeURIs              []string             `json:"cpeURIs,omitempty"` // CpeURIs related to this CVE defined in config.toml
	GitHubSecurityAlerts GitHubSecurityAlerts `json:"gitHubSecurityAlerts,omitempty"`
	WpPackageFixStats    WpPackageFixStats    `json:"wpPackageFixStats,omitempty"`
	LibraryFixedIns      LibraryFixedIns      `json:"libraryFixedIns,omitempty"`
	// WindowsKBFixedIns presumably lists the KB identifiers that fix this
	// CVE — TODO confirm.
	WindowsKBFixedIns    []string             `json:"windowsKBFixedIns,omitempty"`
	VulnType             string               `json:"vulnType,omitempty"`
	// DiffStatus marks the entry in diff mode: DiffPlus ("+") is a newly
	// detected CVE, DiffMinus ("-") is a resolved CVE.
	DiffStatus           DiffStatus           `json:"diffStatus,omitempty"`
}

VulnInfo holds vulnerability information and the affected (insecure) packages

func (VulnInfo) AttackVector added in v0.5.0

func (v VulnInfo) AttackVector() string

AttackVector returns attack vector string

func (VulnInfo) CveIDDiffFormat added in v0.15.8

func (v VulnInfo) CveIDDiffFormat() string

CveIDDiffFormat formats the CVE-ID for diff mode

func (VulnInfo) Cvss2Scores added in v0.4.0

func (v VulnInfo) Cvss2Scores() (values []CveContentCvss)

Cvss2Scores returns CVSS V2 Scores

func (VulnInfo) Cvss3Scores added in v0.4.0

func (v VulnInfo) Cvss3Scores() (values []CveContentCvss)

Cvss3Scores returns CVSS V3 Score

func (VulnInfo) FormatMaxCvssScore added in v0.4.0

func (v VulnInfo) FormatMaxCvssScore() string

FormatMaxCvssScore returns Max CVSS Score

func (VulnInfo) MaxCvss2Score added in v0.4.0

func (v VulnInfo) MaxCvss2Score() CveContentCvss

MaxCvss2Score returns Max CVSS V2 Score

func (VulnInfo) MaxCvss3Score added in v0.4.0

func (v VulnInfo) MaxCvss3Score() CveContentCvss

MaxCvss3Score returns Max CVSS V3 Score

func (VulnInfo) MaxCvssScore added in v0.4.0

func (v VulnInfo) MaxCvssScore() CveContentCvss

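MaxCvssScore returns the max CVSS score. If there is no CVSS score, it returns the Severity as a numerical value, so the result may be derived from a severity label rather than from a published CVSS score.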

func (VulnInfo) PatchStatus added in v0.5.0

func (v VulnInfo) PatchStatus(packs Packages) string

PatchStatus returns fixed or unfixed string

func (VulnInfo) Summaries added in v0.4.0

func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr)

Summaries returns summaries

func (VulnInfo) Titles added in v0.4.0

func (v VulnInfo) Titles(lang, myFamily string) (values []CveContentStr)

Titles returns title (TUI)

type VulnInfos added in v0.2.0

type VulnInfos map[string]VulnInfo

VulnInfos has a map of VulnInfo Key: CveID

func (VulnInfos) CountDiff added in v0.15.8

func (v VulnInfos) CountDiff() (nPlus int, nMinus int)

CountDiff counts the number of added/removed CVE-ID

func (VulnInfos) CountGroupBySeverity added in v0.4.0

func (v VulnInfos) CountGroupBySeverity() map[string]int

CountGroupBySeverity summarizes the number of CVEs grouped by CVSSv2 severity

func (VulnInfos) FilterByConfidenceOver added in v0.15.14

func (v VulnInfos) FilterByConfidenceOver(over int) (_ VulnInfos, nFiltered int)

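FilterByConfidenceOver filters vulnerabilities by confidence using the threshold over; it returns the resulting VulnInfos and the number filtered (nFiltered)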

func (VulnInfos) FilterByCvssOver added in v0.15.10

func (v VulnInfos) FilterByCvssOver(over float64) (_ VulnInfos, nFiltered int)

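FilterByCvssOver filters vulnerabilities by CVSS score using the threshold over; it returns the resulting VulnInfos and the number filtered (nFiltered)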

func (VulnInfos) FilterIgnoreCves added in v0.15.10

func (v VulnInfos) FilterIgnoreCves(ignoreCveIDs []string) (_ VulnInfos, nFiltered int)

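FilterIgnoreCves is a filter function that takes the CVE-IDs to ignore (ignoreCveIDs); it returns the resulting VulnInfos and the number filtered (nFiltered).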

func (VulnInfos) FilterIgnorePkgs added in v0.15.10

func (v VulnInfos) FilterIgnorePkgs(ignorePkgsRegexps []string) (_ VulnInfos, nFiltered int)

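FilterIgnorePkgs is a filter function that takes regular expressions for the packages to ignore (ignorePkgsRegexps); it returns the resulting VulnInfos and the number filtered (nFiltered).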

func (VulnInfos) FilterUnfixed added in v0.15.10

func (v VulnInfos) FilterUnfixed(ignoreUnfixed bool) (_ VulnInfos, nFiltered int)

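FilterUnfixed filters unfixed CVE-IDs, controlled by ignoreUnfixed; it returns the resulting VulnInfos and the number filtered (nFiltered)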

func (VulnInfos) Find added in v0.4.0

func (v VulnInfos) Find(f func(VulnInfo) bool) VulnInfos

Find returns the elements that match the function passed as the argument

func (VulnInfos) FindScoredVulns added in v0.4.0

func (v VulnInfos) FindScoredVulns() (_ VulnInfos, nFiltered int)

FindScoredVulns returns scored vulnerabilities and the number filtered (nFiltered)

func (VulnInfos) FormatCveSummary added in v0.4.0

func (v VulnInfos) FormatCveSummary() string

FormatCveSummary summarizes the number of CVEs grouped by CVSSv2 severity

func (VulnInfos) FormatFixedStatus added in v0.5.0

func (v VulnInfos) FormatFixedStatus(packs Packages) string

FormatFixedStatus summarizes the number of CVEs that are fixed.

func (VulnInfos) ToSortedSlice added in v0.4.0

func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo)

ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID

type WindowsKB added in v0.23.0

// WindowsKB holds the applied and unapplied KBs.
// Both fields are tagged omitempty, so an empty list is dropped from the
// JSON output: a missing "unapplied" key means the list was empty, which
// by itself does not show that every KB has been applied.
type WindowsKB struct {
	// Applied lists KBs recorded as applied (identifier format not shown here).
	Applied   []string `json:"applied,omitempty"`
	// Unapplied lists KBs recorded as not applied.
	Unapplied []string `json:"unapplied,omitempty"`
}

WindowsKB has applied and unapplied KBs

type WordPressPackages added in v0.7.0

type WordPressPackages []WpPackage

WordPressPackages has Core version, plugins and themes.

func (WordPressPackages) CoreVersion added in v0.7.0

func (w WordPressPackages) CoreVersion() string

CoreVersion returns the core version of the installed WordPress

func (WordPressPackages) Find added in v0.7.0

func (w WordPressPackages) Find(name string) (ps *WpPackage, found bool)

Find searches by specified name

func (WordPressPackages) Plugins added in v0.7.0

func (w WordPressPackages) Plugins() (ps []WpPackage)

Plugins returns a slice of plugins of the installed WordPress

func (WordPressPackages) Themes added in v0.7.0

func (w WordPressPackages) Themes() (ps []WpPackage)

Themes returns a slice of themes of the installed WordPress

type WpPackage added in v0.7.0

// WpPackage describes one WordPress package. The Type comment below lists
// core, plugin and theme as the possible kinds.
// All fields are tagged omitempty, so empty values are dropped from the JSON.
type WpPackage struct {
	// Name is the package name; WordPressPackages.Find searches by name.
	Name    string `json:"name,omitempty"`
	// Status is presumably what FilterInactiveWordPressLibs looks at — TODO confirm.
	Status  string `json:"status,omitempty"` // active, inactive or must-use
	Update  string `json:"update,omitempty"` // available or none
	// Version is the package version string.
	Version string `json:"version,omitempty"`
	// Type takes the values in the trailing comment; the package constants
	// WPCore ("core") and WPPlugin are documented as types in this struct.
	Type    string `json:"type,omitempty"` // core, plugin, theme
}

WpPackage has the details of a plugin or theme

type WpPackageFixStats added in v0.7.0

type WpPackageFixStats []WpPackageFixStatus

WpPackageFixStats is a list of WpPackageFixStatus

func (WpPackageFixStats) Names added in v0.7.0

func (ws WpPackageFixStats) Names() (names []string)

Names returns a slice of names

type WpPackageFixStatus added in v0.7.0

// WpPackageFixStatus pairs a WordPress package name with fix information.
// VulnInfo.WpPackageFixStats holds a list of these.
// Both fields are tagged omitempty, so an empty FixedIn is dropped from the
// JSON output rather than emitted as "".
type WpPackageFixStatus struct {
	// Name is the package name; WpPackageFixStats.Names returns a slice of names.
	Name    string `json:"name,omitempty"`
	// FixedIn is presumably the version in which the issue is fixed — TODO confirm.
	FixedIn string `json:"fixedIn,omitempty"`
}

WpPackageFixStatus is used in Vulninfo.WordPress

type WpPackages added in v0.7.0

type WpPackages []WpPackage

WpPackages has a list of WpPackage

func (WpPackages) Add added in v0.7.0

func (g WpPackages) Add(pkg WpPackage) WpPackages

Add adds the given argument to the slice and returns the resulting slice (immutable)
