nvd

package module

v0.0.0-...-6fc4a62 Latest Latest Go to latest Published: Jan 1, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/guilhem/go-nvd

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func LatestCVEsIDs() ([]string, error)
type CVE
- func (c *CVE) Vulnerable(vendor, product string) bool
type CVETime
- func (t CVETime) MarshalJSON() ([]byte, error)
- func (t *CVETime) UnmarshalJSON(data []byte) error
type Description
type NVDClient
- func NewNVDClient(APIKey string) (*NVDClient, error)
- func (c *NVDClient) CVEbyID(vulnID string) (*CVE, error)
type NVDResponse
type Vulnerabilities

Constants ¶

View Source

const (
	RSSFeed        = "https://nvd.nist.gov/download/nvd-rss-analyzed.xml"
	CVEURLBase     = "https://nvd.nist.gov/feeds/json/cve/1.1/"
	NVDAPIEndpoint = "https://services.nvd.nist.gov/rest/json/cves/2.0"
	PageSize       = 2000 // maximum page size with the 2.0 API is 2000

	CVEPathDefault = "cve_jsons"
)

View Source

const CVETimeFormat = "2006-01-02T15:04:05.000"

Variables ¶

This section is empty.

Functions ¶

func LatestCVEsIDs ¶

func LatestCVEsIDs() ([]string, error)

Types ¶

type CVE ¶

type CVE struct {
	ID               string        `json:"id"`
	SourceIdentifier string        `json:"sourceIdentifier"`
	Published        CVETime       `json:"published"`
	LastModified     CVETime       `json:"lastModified"`
	VulnStatus       string        `json:"vulnStatus"`
	Descriptions     []Description `json:"descriptions"`
	Metrics          struct {
		CvssMetricV2 []struct {
			Source   string `json:"source"`
			Type     string `json:"type"`
			CvssData struct {
				Version               string  `json:"version"`
				VectorString          string  `json:"vectorString"`
				AccessVector          string  `json:"accessVector"`
				AccessComplexity      string  `json:"accessComplexity"`
				Authentication        string  `json:"authentication"`
				ConfidentialityImpact string  `json:"confidentialityImpact"`
				IntegrityImpact       string  `json:"integrityImpact"`
				AvailabilityImpact    string  `json:"availabilityImpact"`
				BaseScore             float64 `json:"baseScore"`
			} `json:"cvssData"`
			BaseSeverity            string  `json:"baseSeverity"`
			ExploitabilityScore     float64 `json:"exploitabilityScore"`
			ImpactScore             float64 `json:"impactScore"`
			AcInsufInfo             bool    `json:"acInsufInfo"`
			ObtainAllPrivilege      bool    `json:"obtainAllPrivilege"`
			ObtainUserPrivilege     bool    `json:"obtainUserPrivilege"`
			ObtainOtherPrivilege    bool    `json:"obtainOtherPrivilege"`
			UserInteractionRequired bool    `json:"userInteractionRequired"`
		} `json:"cvssMetricV2"`
	} `json:"metrics"`
	Weaknesses []struct {
		Source      string `json:"source"`
		Type        string `json:"type"`
		Description []struct {
			Lang  string `json:"lang"`
			Value string `json:"value"`
		} `json:"description"`
	} `json:"weaknesses"`
	Configurations []struct {
		Nodes []struct {
			Operator string `json:"operator"`
			Negate   bool   `json:"negate"`
			CpeMatch []struct {
				Vulnerable      bool   `json:"vulnerable"`
				Criteria        string `json:"criteria"`
				MatchCriteriaID string `json:"matchCriteriaId"`
			} `json:"cpeMatch"`
		} `json:"nodes"`
	} `json:"configurations"`
	References []struct {
		URL    string `json:"url"`
		Source string `json:"source"`
	} `json:"references"`
}

func (*CVE) Vulnerable ¶

func (c *CVE) Vulnerable(vendor, product string) bool

type CVETime ¶

type CVETime time.Time

func (CVETime) MarshalJSON ¶

func (t CVETime) MarshalJSON() ([]byte, error)

func (*CVETime) UnmarshalJSON ¶

func (t *CVETime) UnmarshalJSON(data []byte) error

type Description ¶

type Description struct {
	Lang  string `json:"lang"`
	Value string `json:"value"`
}

type NVDClient ¶

type NVDClient struct {
	API *url.URL
	Key string
	// contains filtered or unexported fields
}

func NewNVDClient ¶

func NewNVDClient(APIKey string) (*NVDClient, error)

func (*NVDClient) CVEbyID ¶

func (c *NVDClient) CVEbyID(vulnID string) (*CVE, error)

Download one "page" of the CVE data using the 2.0 API Pages are offset based, this assumes the default (and maximum) page size of PageSize Maintaining the recommended 6 seconds betweens calls is left to the caller. See https://nvd.nist.gov/developers/vulnerabilities

type NVDResponse ¶

type NVDResponse struct {
	ResultsPerPage  int               `json:"resultsPerPage"`
	StartIndex      int               `json:"startIndex"`
	TotalResults    int               `json:"totalResults"`
	Format          string            `json:"format"`
	Version         string            `json:"version"`
	Timestamp       string            `json:"timestamp"`
	Vulnerabilities []Vulnerabilities `json:"vulnerabilities"`
}

type Vulnerabilities ¶

type Vulnerabilities struct {
	CVE CVE `json:"cve"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL