/
nvd_types.go
106 lines (102 loc) · 4.14 KB
/
nvd_types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
package vulndb
import "github.com/l3montree-dev/flawfix/internal/utils"
type nvdCpeMatch struct {
Vulnerable bool `json:"vulnerable"`
Criteria string `json:"criteria"`
VersionEndIncluding string `json:"versionEndExcluding"`
VersionStartIncluding string `json:"versionStartIncluding"`
MatchCriteriaID string `json:"matchCriteriaId"`
}
type nvdCVE struct {
ID string `json:"id"`
SourceIdentifier string `json:"sourceIdentifier"`
Published string `json:"published"`
LastModified string `json:"lastModified"`
VulnStatus string `json:"vulnStatus"`
Descriptions []struct {
Lang string `json:"lang"`
Value string `json:"value"`
} `json:"descriptions"`
CISAExploitAdd *utils.Date `json:"cisaExploitAdd"`
CISAActionDue *utils.Date `json:"cisaActionDue"`
CISARequiredAction string `json:"cisaRequiredAction"`
CISAVulnerabilityName string `json:"cisaVulnerabilityName"`
Metrics struct {
CvssMetricV31 []struct {
Source string `json:"source"`
Type string `json:"type"`
CvssData struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AttackVector string `json:"attackVector"`
AttackComplexity string `json:"attackComplexity"`
PrivilegesRequired string `json:"privilegesRequired"`
UserInteraction string `json:"userInteraction"`
Scope string `json:"scope"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
BaseSeverity string `json:"baseSeverity"`
} `json:"cvssData"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
} `json:"cvssMetricV31"`
CvssMetricV2 []struct {
Source string `json:"source"`
Type string `json:"type"`
CvssData struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AccessVector string `json:"accessVector"`
AccessComplexity string `json:"accessComplexity"`
Authentication string `json:"authentication"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
} `json:"cvssData"`
BaseSeverity string `json:"baseSeverity"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
AcInsufInfo bool `json:"acInsufInfo"`
ObtainAllPrivilege bool `json:"obtainAllPrivilege"`
ObtainUserPrivilege bool `json:"obtainUserPrivilege"`
ObtainOtherPrivilege bool `json:"obtainOtherPrivilege"`
UserInteractionRequired bool `json:"userInteractionRequired"`
} `json:"cvssMetricV2"`
} `json:"metrics"`
Weaknesses []struct {
Source string `json:"source"`
Type string `json:"type"`
Description []struct {
Lang string `json:"lang"`
Value string `json:"value"`
} `json:"description"`
} `json:"weaknesses"`
Configurations []struct {
Nodes []struct {
Operator string `json:"operator"`
Negate bool `json:"negate"`
CpeMatch []nvdCpeMatch `json:"cpeMatch"`
} `json:"nodes"`
} `json:"configurations"`
References []struct {
URL string `json:"url"`
Source string `json:"source"`
Tags []string `json:"tags"`
} `json:"references"`
}
// this is the response from the NIST API
// https://services.nvd.nist.gov/rest/json/cves/2.0
type nistResponse struct {
ResultsPerPage int `json:"resultsPerPage"`
StartIndex int `json:"startIndex"`
TotalResults int `json:"totalResults"`
Format string `json:"format"`
Version string `json:"version"`
Timestamp string `json:"timestamp"`
Vulnerabilities []struct {
Cve nvdCVE `json:"cve"`
} `json:"vulnerabilities"`
}