Stage/vuls - vuls - Gitea: Git with a cup of tea

Stage/vuls

Author	SHA1	Message	Date
Kota Kanbe	6bceddeeda	chore: update goval-dictionary (#1323 ) * chore: update goval-dictionary * fix errs	2021-10-20 11:10:33 +09:00
Kota Kanbe	8659668177	fix(cpescan): bug in NvdVendorProductMatch (#1320 ) * fix(cpescan): bug in NvdVendorProductMatch * update go mod	2021-10-13 12:55:01 +09:00
Kota Kanbe	aac5ef1438	feat: update-trivy (#1316 ) * feat: update-trivy * add v2 parser * implement v2 * refactor * feat: add show version to future-vuls * add test case for v2 * trivy v0.20.0 * support --list-all-pkgs * fix lint err * add test case for jar * add a test case for gemspec in container * remove v1 parser and change Library struct * Changed the field name in the model struct LibraryScanner * add comment * fix comment * fix comment * chore * add struct tag	2021-10-08 17:22:06 +09:00
Kota Kanbe	9ef8cee36e	refactor(exploitdb): use pipeline effectively (#1314 ) https://github.com/vulsio/go-exploitdb/pull/64	2021-10-01 09:10:49 +09:00
Kota Kanbe	77808a2c05	feat(go-cve): add error handling (#1313 )	2021-09-30 12:42:43 +09:00
MaineK00n	177e553d12	feat(go-exploitdb): add error handling (#1310 ) * feat(go-exploitdb): add error handling * chore: rename * go get -u go-exploitdb Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-09-30 11:33:18 +09:00
MaineK00n	40f8272a28	feat(go-msfdb): add error handling and support http mode (#1308 ) * feat(go-msfdb): add error handling * feat(go-msfdb): support http mode * go get -u go-msfdb Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-09-30 11:16:41 +09:00
MaineK00n	a7eb1141ae	feat(gost): add error handling (#1311 ) * feat(gost): add error handling * go get -u gost Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-09-30 10:51:41 +09:00
Kota Kanbe	f047a6fe0c	breaking-change: Update vuls-dictionaries (#1307 ) * chore: udpate dictionaries * update gost * chore: update gost * chore(go-cve-dict): use v0.8.1 * chore: change linter from golint to revive * chore(linter): set revive config * chore: fix commands and update golangci-lint version * fix: lint errs * chore: update gost Co-authored-by: MaineK00n <mainek00n.1229@gmail.com>	2021-09-21 05:10:29 +09:00
MaineK00n	7f15a86d6a	chore: change repository owner (#1306 )	2021-09-16 11:05:37 +09:00
Kota Kanbe	da1e515253	breaking-change(goval): change-redis-architecture (#1305 ) https://github.com/kotakanbe/goval-dictionary/pull/145	2021-09-15 08:25:14 +09:00
MaineK00n	591786fde6	feat(oval): support new goval-dictionary model (#1280 ) * feat(oval): support new goval-dictionary model * chore: fix lint err * chore: set len of slice to 0 * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * feat(report): do not add duplicate CveContent * chore: goval-dictionary update * chore: go mod tidy * fix(oval): preload Advisory.Cves for Ubuntu https://github.com/kotakanbe/goval-dictionary/pull/152 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>	2021-09-13 10:19:59 +09:00
Kota Kanbe	4a72295de7	feat(saas): support for library-only scanning (#1300 )	2021-09-10 15:38:35 +09:00
Kota Kanbe	3e67f04fe4	breaking-change(cpescan): Improve Cpe scan (#1290 ) * chore(cpescan): enable to pass useJvn to detector.DetectCpeURIsCves() * review comment * chore: go mod update go-cve * feat(cpescan): set JvnVendorProductMatch to confidence If detected by JVN * add NvdExactVersionMatch andd NvdRoughVersionMatch * add confidence-over option to report * sort CveContetens * fix integration-test	2021-09-07 16:18:59 +09:00
Kota Kanbe	b9416ae062	fix(report): too many SQL variables (#1296 ) * fix(report): too many SQL variables https://github.com/kotakanbe/go-cve-dictionary/pull/210 * fix lint err	2021-09-01 10:42:19 +09:00
Kota Kanbe	1003f62212	chore: update go-cve-dictionary (#1292 )	2021-08-26 13:45:40 +09:00
Kota Kanbe	9b18e1f9f0	breaking-change(go-exploitdb): support new go-exploitdb (#1288 )	2021-08-20 08:00:57 +09:00
Kota Kanbe	24f790f474	feat(go-cve): update go-cve-dictionary (#1287 ) diff: `a31a3152c1...5043255`	2021-08-19 05:34:03 +09:00
MaineK00n	fb8749fc5e	fix(cpescan): fix confidence in cpe uri scan (#1286 ) * fix(cpescan): fix confidence in cpe uri scan * feat(cpe): add NA case * chore: use HasNvd, HasJvn instead of len * chore: go-cve-dictionary update	2021-08-19 04:59:09 +09:00
MaineK00n	96c3592db1	breaking-change(go-cve-dict): support new go-cve-dictionary (#1277 ) * feat(model): change CveContents(map[string]CveContent) to map[string][]CveContent * fix(cpescan): use CveIDSource * chore: check Nvd, Jvn data * chore: go-cve-dictionary update * chore: add to cveDetails as is, since CveID is embedded in the response	2021-08-13 18:00:55 +09:00
Kota Kanbe	d65421cf46	fix(cpescan): JVN scan False-Negative on RDB-backend (#1283 ) https://github.com/kotakanbe/go-cve-dictionary/pull/199	2021-08-13 09:58:04 +09:00
MaineK00n	f24240bf90	feat(library): update trivy v0.19.2 (#1278 )	2021-08-02 05:40:57 +09:00
Kota Kanbe	5f4d68cde4	feat(go-msf): update deps (#1275 ) https://github.com/takuzoo3868/go-msfdb/pull/22	2021-07-21 09:13:34 +09:00
Kota Kanbe	543dc99ecd	fix(cpescan): CpeVendorProductMatch not set when Redis Backend (#1273 ) * fix(cpescan): CpeVendorProductMatch not set when Redis Backend * fix(integration): deprecated CPE URI * fix(integration-test): add a test case for CpeVendorProductMatch * fix review * update deps go-cve-dict v0.6.2	2021-07-19 08:43:58 +09:00
Kota Kanbe	f0b3a8b1db	feat(cpescan): Use JVN as a second DB for CPE scan (#1268 ) * feat(cpescan): Use JVN as a second DB for CPE scan * feat(tui): display score of detectionmethod * update go.mod	2021-07-08 12:39:46 +09:00
Norihiro NAKAOKA	0b9ec05181	Support scanning Ubuntu using Gost (#1243 ) * chore: add vuls binary in gitignore * feat(gost): support ubuntu * chore(debian): fix typo * feat(ubuntu): more detail on CveContent * chore: update .gitignore * chore: update gost deps * feat(ubuntu): add test in gost/ubuntu * chore: fix typo * Revert "chore: fix typo" This reverts commit `9f2f1db233`. * docs: update README	2021-07-08 08:31:46 +09:00
Kota Kanbe	23dfe53885	chore: update go-exploitdb (#1262 )	2021-06-28 08:29:16 +09:00
Norihiro NAKAOKA	8e6351a9e4	feat(oval): goval-dictionary update (#1259 ) * feat(oval): err check for GetLastModified * feat(oval): goval-dictionary update	2021-06-25 14:08:50 +09:00
Kota Kanbe	d0559c7719	chore: update gost deps (#1253 )	2021-06-16 18:45:48 +09:00
Kota Kanbe	2a9aebe059	fix(report): improve cpe match logic (#1251 ) * fix(report): improve cpe match logic https://github.com/kotakanbe/go-cve-dictionary/pull/189 * fix vet error	2021-06-11 14:39:41 +09:00
Kota Kanbe	e8e3f4d138	feat(lib): support of Go (go.sum) scan (#1244 ) * chore: update trivy deps * fix(test): fix sort order in json * parse go.sum in scanning * feat(lib): support go.sum	2021-06-03 11:31:37 +09:00
Norihiro NAKAOKA	7eb77f5b51	feat(scan): support external port scanner(nmap) in host machine (#1207 ) * feat(scan): load portscan settings from config.toml * feat(scan): support external port scanner:nmap * style: rename variable * feat(scan): logging apply options * feat(scan): remove spoof ip address option * feat(scan): more validate port scan config * style: change comment * fix: parse port number as uint16 * feat(discover): add portscan section * feat(discover): change default scanTechniques * feat(docker): add nmap and version update * feat(scan): nmap module upgrade * fix: wrap err using %w * feat(scan): print cmd using external port scanner * feat(scan): more details external port scan command * feat(scan): add capability check in validation * fix(scanner): format error * chore: change format	2021-05-26 09:35:28 +09:00
Kota Kanbe	e553f8b4c5	feat(trivy): go mod update trivy v0.17.2 (#1235 ) * feat(trivy): go mod update trivy v0.17.2 * wg.Wait * fix reporting * fix test case * add gemfile.lock of redmine to integration test * fix(test): add Pipfile.lock * add poetry.lock to integration test * add composer.lock to integration test * add integration test case	2021-05-12 18:27:55 +09:00
Kota Kanbe	ab0e950800	fix(oracle): extracting only advisory ID from OVAL.title (#1232 )	2021-04-29 12:54:36 +09:00
Kota Kanbe	2d369d0cfe	Fix false positive for Oracle Linux (#1227 ) * fix(oracle): false-positive(handle arch of pkgs) * fix(oracle): false positive kernel-related CVEs * add a test case for ksplice1 * fix(scan): handle uek kernel for Oracle linux * fix(scan): hanlde uek kernel for reboot required * fix(oracle): false-positive for redis-backend	2021-04-27 20:38:45 +09:00
Kota Kanbe	740781af56	feat(logging): add -log-to-file and don't output to file by default (#1209 ) * feat(logging): add -log-to-file and don't output to file by default * update go-cve-dict * fix lint err	2021-04-05 17:41:07 +09:00
Kota Kanbe	9bfe0627ae	refactor: don't use global Config in private func (#1197 ) * refactor: cve_client.go * refactor: don't use global Config in private func * remove import alias for config * refactor: dbclient * refactor: resultDir * refactor: resultsDir * refactor * refactor: gost * refactor: db client * refactor: cveDB * refactor: cvedb * refactor: exploitDB * refactor: remove detector/dbclient.go * refactor: writer * refactor: syslog writer * refactor: ips * refactor: ensureResultDir * refactor: proxy * fix(db): call CloseDB * add integration test * feat(report): sort array in json * sort func for json diff * add build-int to makefile * add int-rds-redis to makefile * fix: test case, makefile * fix makefile * show cve count after diff * make diff * diff -c * sort exploits in json for diff * sort metasploit, exploit	2021-04-01 13:36:24 +09:00
Kota Kanbe	56017e57a0	feat(trivy): update trivy (#1196 )	2021-03-12 09:31:48 +09:00
segatomo	2d075079f1	fix(log): remove log output of opening and migrating db (#1191 ) * fix(log): remove log output of opening and migrating db * fix(log): remove log output of opening and migrating db	2021-03-05 16:16:10 +09:00
Kota Kanbe	1d0c5dea9f	fix(ubuntu): Fix deferred packages not showing as affected (#1187 ) * fix(ubuntu): Fix deferred packages not showing as affected https://github.com/kotakanbe/goval-dictionary/pull/122 * chore: Go version up	2021-03-02 07:50:35 +09:00
Kota Kanbe	51099f42c3	fix(tui): runtime panic when tui with docker-base-setup (#1148 ) * fix(tui): runtime panic when tui with docker-base-setup * pass test case	2021-01-26 09:40:26 +09:00
Kota Kanbe	1100c133ba	feat(config): Default values for WordPress scanning to be set in config.toml (#1140 ) * chore: update go mod * fix(wordpress): set default if defined in config.toml	2021-01-21 06:22:25 +09:00
Kota Kanbe	554b6345a2	chore: go mod update (#1127 )	2021-01-14 08:12:47 +09:00
Kota Kanbe	b5506a1368	chore: go mod update (#1125 )	2021-01-13 11:56:35 +09:00
Kota Kanbe	0b55f94828	Improve implementation around config (#1122 ) * refactor config * fix saas config * feat(config): scanmodule for each server in config.toml * feat(config): enable to specify containersOnly in config.toml * add new keys of config.toml to discover.go * fix summary output, logging	2021-01-13 08:46:27 +09:00
Kota Kanbe	d7a613b710	chore: go mod update (#1118 )	2021-01-07 08:02:29 +09:00
Kota Kanbe	b13f93a2d3	feat(scan): support dnf modules (#1114 ) * feat(scan): support dnf modules * change dnf module list --installed to --enabled * chore: refactor * feat(report): detect logic for dnf modularity label * fix func name * chore: update go mods	2021-01-06 11:36:41 +09:00
Kota Kanbe	fb1fbf8f95	feat(report): Add NVD as a source for mitigations, primarySrc URL and Patch URL (#1097 ) * feat(report): Add NVD as a src for mitigations. * feat(report): display "Vendor Advisory" URL in NVD * feat(report): display patch urls in report, tui	2020-12-24 08:37:10 +09:00
Kota Kanbe	43ed904db1	fix(deps): update dependencies (#1094 ) * fix(dpes): update dependencies * update go ver * update go ver * update go * update go	2020-12-15 04:32:23 +09:00
sadayuki-matsuno	9497365758	update pkg (#1087 )	2020-12-04 15:57:02 +09:00

1 2 3 4 5

231 Commits