cve

package
v0.16.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	Bucket    = release.TestBucket
	Directory = "/release/cve/"

	// Regexp to check CVE IDs
	CVEIDRegExp = `^CVE-\d{4}-\d+$`
)

Variables

This section is empty.

Functions

func ValidateID 

func ValidateID(cveID string) error

ValidateID checks if a CVE IS string is valid

Types

type CVE 

type CVE struct {
	ID            string  `json:"id"                 yaml:"id"`                 // CVE ID, eg CVE-2019-1010260
	Title         string  `json:"title"              yaml:"title"`              // Title of the vulnerability
	Description   string  `json:"description"        yaml:"description"`        // Description text of the vulnerability
	TrackingIssue string  `json:"issue"              yaml:"issue"`              // Link to the vulnerability tracking issue (url, optional)
	CVSSVector    string  `json:"vector"             yaml:"vector"`             // Full CVSS vector string, CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
	CVSSScore     float32 `json:"score"              yaml:"score"`              // Numeric CVSS score (eg 6.2)
	CVSSRating    string  `json:"rating"             yaml:"rating"`             // Severity bucket (eg Medium)
	CalcLink      string  `json:"calclink,omitempty" yaml:"calclink,omitempty"` // Link to the CVE calculator (automatic)
	LinkedPRs     []int   `json:"pullrequests"`                                 // List of linked PRs (to remove them from the release notes doc)
}

CVE Information of a linked CVE vulnerability

func (*CVE) ReadRawInterface 

func (cve *CVE) ReadRawInterface(cvedata interface{}) error

ReadRawInterface populates the CVE data struct from the raw array as returned by the YAML parser

func (*CVE) Validate 

func (cve *CVE) Validate() (err error)

Validate checks the data defined in a CVE map is complete and valid

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func NewClient 

func NewClient() *Client

func (*Client) CheckID 

func (c *Client) CheckID(cve string) error

CheckID checks a CVE ID to verify it is well formed

func (*Client) CopyToTemp 

func (c *Client) CopyToTemp(cve string) (file *os.File, err error)

CopyToTemp copies a CVE entry into a temporary local file

func (*Client) CreateEmptyMap 

func (c *Client) CreateEmptyMap(cve string) (file *os.File, err error)

CreateEmptyMap creates a new, empty CVE data map

func (*Client) Delete 

func (c *Client) Delete(cve string) error

Delete removes a CVE entry from the security bucket location

func (*Client) EntryExists 

func (c *Client) EntryExists(cveID string) (bool, error)

List return a list iof existing CVE entries

func (*Client) Write 

func (c *Client) Write(cve, mapPath string) error

Write writes a map to the bucket

type ClientImplementation 

type ClientImplementation interface {
	CheckBucketPath(string, *ClientOptions) error
	CheckBucketWriteAccess(*ClientOptions) error
	DeleteFile(string, *ClientOptions) error
	CopyFile(string, string, *ClientOptions) error
	CheckID(string) error
	CopyToTemp(string, *ClientOptions) (*os.File, error)
	ValidateCVEMap(string, string, *ClientOptions) error
	CreateEmptyFile(string, *ClientOptions) (*os.File, error)
	EntryExists(string, *ClientOptions) (bool, error)
}

type ClientOptions 

type ClientOptions struct {
	Bucket    string
	Directory string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.