github.com/quay/claircore@v1.5.28/vulnerability.go (about)

     1  package claircore
     2  
     3  import (
     4  	"context"
     5  	"time"
     6  )
     7  
     8  type Vulnerability struct {
     9  	// unique ID of this vulnerability. this will be created as discovered by the library
    10  	// and used for persistence and hash map indexes
    11  	ID string `json:"id"`
    12  	// the updater that discovered this vulnerability
    13  	Updater string `json:"updater"`
    14  	// the name of the vulnerability. for example if the vulnerability exists in a CVE database this
    15  	// would the unique CVE name such as CVE-2017-11722
    16  	Name string `json:"name"`
    17  	// the description of the vulnerability
    18  	Description string `json:"description"`
    19  	// the timestamp when vulnerability was issued
    20  	Issued time.Time `json:"issued"`
    21  	// any links to more details about the vulnerability
    22  	Links string `json:"links"`
    23  	// the severity string retrieved from the security database
    24  	Severity string `json:"severity"`
    25  	// a normalized Severity type providing client guaranteed severity information
    26  	NormalizedSeverity Severity `json:"normalized_severity"`
    27  	// the package information associated with the vulnerability. ideally these fields can be matched
    28  	// to packages discovered by libindex PackageScanner structs.
    29  	Package *Package `json:"package"`
    30  	// the distribution information associated with the vulnerability.
    31  	Dist *Distribution `json:"distribution,omitempty"`
    32  	// the repository information associated with the vulnerability
    33  	Repo *Repository `json:"repository,omitempty"`
    34  	// a string specifying the package version the fix was released in
    35  	FixedInVersion string `json:"fixed_in_version"`
    36  	// Range describes the range of versions that are vulnerable.
    37  	Range *Range `json:"range,omitempty"`
    38  	// ArchOperation indicates how the affected Package's "arch" should be
    39  	// compared.
    40  	ArchOperation ArchOp `json:"arch_op,omitempty"`
    41  }
    42  
    43  // CheckVulnernableFunc takes a vulnerability and an indexRecord and checks if the record is
    44  // vulnerable to the vulnerability, it is by the Querier.AffectedManifests method and allows
    45  // a backdoor to introduce application filtering logic into the DB layer.
    46  type CheckVulnernableFunc func(ctx context.Context, record *IndexRecord, vuln *Vulnerability) (bool, error)