Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

breaking-change(cpescan): Improve Cpe scan (#1290)

Browse Source 
* chore(cpescan): enable to pass useJvn to detector.DetectCpeURIsCves()

* review comment

* chore: go mod update go-cve

* feat(cpescan): set JvnVendorProductMatch to confidence If detected by JVN

* add NvdExactVersionMatch andd NvdRoughVersionMatch

* add confidence-over option to report

* sort CveContetens

* fix integration-test
This commit is contained in:
Kota Kanbe
2021-09-07 16:18:59 +09:00
committed by GitHub
parent b9416ae062
commit 3e67f04fe4
24 changed files with 766 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
subcmds/discover.go
View File

@@ -211,6 +211,7 @@ host = "{{$ip}}"
#containerType = "docker" #or "lxd" or "lxc" default: docker
#containersIncluded = ["${running}"]
#containersExcluded = ["container_name_a"]
#confidenceScoreOver = 80
#[servers.{{index $names $i}}.containers.container_name_a]
#cpeNames = [ "cpe:/a:rubyonrails:ruby_on_rails:4.2.1" ]

4
subcmds/report.go
View File

@@ -60,6 +60,7 @@ func (*ReportCmd) Usage() string {
[-log-dir=/path/to/log]
[-refresh-cve]
[-cvss-over=7]
[-confidence-over=80]
[-diff]
[-diff-minus]
[-diff-plus]
@@ -118,6 +119,9 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
f.Float64Var(&config.Conf.CvssScoreOver, "cvss-over", 0,
"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")
f.IntVar(&config.Conf.ConfidenceScoreOver, "confidence-over", 80,
"-confidence-over=40 means reporting Confidence Score 40 and over (default: 80)")
f.BoolVar(&config.Conf.DiffMinus, "diff-minus", false,
"Minus Difference between previous result and current result")

4
subcmds/server.go
View File

@@ -39,6 +39,7 @@ func (*ServerCmd) Usage() string {
[-log-to-file]
[-log-dir=/path/to/log]
[-cvss-over=7]
[-confidence-over=80]
[-ignore-unscored-cves]
[-ignore-unfixed]
[-to-localfile]
@@ -71,6 +72,9 @@ func (p *ServerCmd) SetFlags(f *flag.FlagSet) {
f.Float64Var(&config.Conf.CvssScoreOver, "cvss-over", 0,
"-cvss-over=6.5 means Servering CVSS Score 6.5 and over (default: 0 (means Server all))")
f.IntVar(&config.Conf.ConfidenceScoreOver, "confidence-over", 80,
"-confidence-over=40 means reporting Confidence Score 40 and over (default: 80)")
f.BoolVar(&config.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
"Don't Server the unscored CVEs")

4
subcmds/tui.go
View File

@@ -37,6 +37,7 @@ func (*TuiCmd) Usage() string {
[-refresh-cve]
[-config=/path/to/config.toml]
[-cvss-over=7]
[-confidence-over=80]
[-diff]
[-diff-minus]
[-diff-plus]
@@ -80,6 +81,9 @@ func (p *TuiCmd) SetFlags(f *flag.FlagSet) {
f.Float64Var(&config.Conf.CvssScoreOver, "cvss-over", 0,
"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")
f.IntVar(&config.Conf.ConfidenceScoreOver, "confidence-over", 80,
"-confidence-over=40 means reporting Confidence Score 40 and over (default: 80)")
f.BoolVar(&config.Conf.Diff, "diff", false,
"Plus Difference between previous result and current result")