feat(cpescan): Use JVN as a second DB for CPE scan (#1268)
* feat(cpescan): Use JVN as a second DB for CPE scan * feat(tui): display score of detectionmethod * update go.mod
This commit is contained in:
Kota Kanbe
@@ -808,8 +808,11 @@ func (c Confidence) String() string {
|
||||
type DetectionMethod string
|
||||
|
||||
const (
|
||||
// CpeNameMatchStr is a String representation of CpeNameMatch
|
||||
CpeNameMatchStr = "CpeNameMatch"
|
||||
// CpeVersionMatchStr is a String representation of CpeNameMatch
|
||||
CpeVersionMatchStr = "CpeVersionMatch"
|
||||
|
||||
// CpeVendorProductMatchStr is a String representation of CpeNameMatch
|
||||
CpeVendorProductMatchStr = "CpeVendorProductMatch"
|
||||
|
||||
// YumUpdateSecurityMatchStr is a String representation of YumUpdateSecurityMatch
|
||||
YumUpdateSecurityMatchStr = "YumUpdateSecurityMatch"
|
||||
@@ -852,8 +855,8 @@ const (
|
||||
)
|
||||
|
||||
var (
|
||||
// CpeNameMatch is a ranking how confident the CVE-ID was detected correctly
|
||||
CpeNameMatch = Confidence{100, CpeNameMatchStr, 1}
|
||||
// CpeVersionMatch is a ranking how confident the CVE-ID was detected correctly
|
||||
CpeVersionMatch = Confidence{100, CpeVersionMatchStr, 1}
|
||||
|
||||
// YumUpdateSecurityMatch is a ranking how confident the CVE-ID was detected correctly
|
||||
YumUpdateSecurityMatch = Confidence{100, YumUpdateSecurityMatchStr, 2}
|
||||
@@ -887,4 +890,7 @@ var (
|
||||
|
||||
// WpScanMatch is a ranking how confident the CVE-ID was detected correctly
|
||||
WpScanMatch = Confidence{100, WpScanMatchStr, 0}
|
||||
|
||||
// CpeVendorProductMatch is a ranking how confident the CVE-ID was detected correctly
|
||||
CpeVendorProductMatch = Confidence{10, CpeVendorProductMatchStr, 9}
|
||||
)
|
||||
|
||||
@@ -1037,20 +1037,20 @@ func TestAppendIfMissing(t *testing.T) {
|
||||
}{
|
||||
{
|
||||
in: Confidences{
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
},
|
||||
arg: CpeNameMatch,
|
||||
arg: CpeVersionMatch,
|
||||
out: Confidences{
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
},
|
||||
},
|
||||
{
|
||||
in: Confidences{
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
},
|
||||
arg: ChangelogExactMatch,
|
||||
out: Confidences{
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
ChangelogExactMatch,
|
||||
},
|
||||
},
|
||||
@@ -1071,21 +1071,21 @@ func TestSortByConfident(t *testing.T) {
|
||||
{
|
||||
in: Confidences{
|
||||
OvalMatch,
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
},
|
||||
out: Confidences{
|
||||
OvalMatch,
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
},
|
||||
},
|
||||
{
|
||||
in: Confidences{
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
OvalMatch,
|
||||
},
|
||||
out: Confidences{
|
||||
OvalMatch,
|
||||
CpeNameMatch,
|
||||
CpeVersionMatch,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user