Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(trivy): go mod update trivy v0.17.2 (#1235)

Browse Source 
* feat(trivy): go mod update trivy v0.17.2

* wg.Wait

* fix reporting

* fix test case

* add gemfile.lock of redmine to integration test

* fix(test): add Pipfile.lock

* add poetry.lock to integration test

* add composer.lock to integration test

* add integration test case
This commit is contained in:
Kota Kanbe
2021-05-12 18:27:55 +09:00
committed by GitHub
parent 47652ef0fb
commit e553f8b4c5
27 changed files with 22061 additions and 50334 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
detector/detector.go
View File

@@ -78,12 +78,10 @@ func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error) {
return nil, xerrors.Errorf("Failed to detect WordPress Cves: %w", err)
}
logging.Log.Infof("Fill CVE detailed with gost")
if err := gost.FillCVEsWithRedHat(&r, config.Conf.Gost); err != nil {
return nil, xerrors.Errorf("Failed to fill with gost: %w", err)
}
logging.Log.Infof("Fill CVE detailed with go-cve-dictionary")
if err := FillCvesWithNvdJvn(&r, config.Conf.CveDict, config.Conf.LogOpts); err != nil {
return nil, xerrors.Errorf("Failed to fill with CVE: %w", err)
}
@@ -92,13 +90,13 @@ func Detect(rs []models.ScanResult, dir string) ([]models.ScanResult, error) {
if err != nil {
return nil, xerrors.Errorf("Failed to fill with exploit: %w", err)
}
logging.Log.Infof("%s: %d exploits are detected", r.FormatServerName(), nExploitCve)
logging.Log.Infof("%s: %d PoC are detected", r.FormatServerName(), nExploitCve)
nMetasploitCve, err := FillWithMetasploit(&r, config.Conf.Metasploit)
if err != nil {
return nil, xerrors.Errorf("Failed to fill with metasploit: %w", err)
}
logging.Log.Infof("%s: %d modules are detected", r.FormatServerName(), nMetasploitCve)
logging.Log.Infof("%s: %d exploits are detected", r.FormatServerName(), nMetasploitCve)
FillCweDict(&r)
@@ -244,7 +242,7 @@ func DetectWordPressCves(r *models.ScanResult, wpCnf config.WpScanConf) error {
if len(r.WordPressPackages) == 0 {
return nil
}
logging.Log.Infof("Detect WordPress CVE. pkgs: %d ", len(r.WordPressPackages))
logging.Log.Infof("%s: Detect WordPress CVE. pkgs: %d ", r.ServerInfo(), (r.WordPressPackages))
n, err := detectWordPressCves(r, wpCnf)
if err != nil {
return xerrors.Errorf("Failed to detect WordPress CVE: %w", err)