go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers-sdk/v1/upstream/mvd/mvd.proto (about) 1 // Copyright (c) Mondoo, Inc. 2 // SPDX-License-Identifier: BUSL-1.1 3 4 syntax = "proto3"; 5 6 import "cvss/cvss.proto"; 7 8 package mondoo.mvd.v1; 9 option go_package = "go.mondoo.com/cnquery/providers-sdk/v1/upstream/mvde/mvd"; 10 11 message Platform { 12 string name = 1; 13 string release = 2; 14 string arch = 3; 15 string title = 4; 16 string build = 6; 17 map<string, string> labels = 22; 18 } 19 20 message Package { 21 string ID = 6; 22 string name = 1; 23 string version = 2; 24 string arch = 5; 25 26 string description = 20; 27 string format = 23; 28 string origin = 24; 29 string available = 22; 30 string status = 21; 31 string namespace = 25; 32 int32 score = 26; 33 bool affected = 27; 34 } 35 36 service AdvisoryScanner { 37 rpc AnalyseAsset(AnalyseAssetRequest) returns (VulnReport); 38 rpc IsEol(Platform) returns (PlatformEolInfo); 39 } 40 41 message AnalyseAssetRequest { 42 Platform platform = 1; 43 repeated Package packages = 2; 44 string kernelVersion = 3; 45 } 46 47 message VulnReport { 48 Platform platform = 1; 49 repeated Package packages = 2; 50 repeated Advisory advisories = 3; 51 ReportStats stats = 4; 52 string published = 5; 53 } 54 55 message Advisory { 56 reserved 21; 57 58 string ID = 1; 59 string Mrn = 2; 60 string title = 3; 61 string description = 4; 62 63 repeated Package fixed = 5; 64 repeated Package affected = 6; 65 repeated Reference refs = 7; 66 repeated CVE cves = 20; 67 repeated FixedPlatform fixedPlatforms = 30; 68 69 int32 score = 25; 70 mondoo.mvd.cvss.v1.Cvss worstScore = 31; 71 float vendorscore = 26; 72 73 AdvisoryState state = 27; 74 75 string published = 23; 76 string modified = 24; 77 78 repeated string supersedence = 28; 79 bool unscored = 29; 80 } 81 82 enum AdvisoryState { 83 RELEASED = 0; 84 PENDING = 1; 85 IGNORED = 2; 86 NOT_AFFECTED = 3; 87 } 88 89 message Reference { 90 string ID = 1; 91 string url = 2; 92 string source = 3; 93 string title = 4; 94 } 95 96 message FixedPlatform { 97 string ID = 6; 98 string name = 1; 99 string release = 2; 100 string arch = 3; 101 string namespace = 4; 102 string build = 5; 103 string patchName = 7; 104 } 105 106 message ReportStats { 107 int32 score = 1; 108 bool affected = 2; 109 bool unscored = 3; 110 ReportStatsAdvisories advisories = 16; 111 ReportStatsCves cves = 17; 112 ReportStatsPackages packages = 18; 113 ReportStatsExploits exploits = 19; 114 } 115 116 message ReportStatsAdvisories { 117 int32 total = 1; 118 int32 critical = 2; 119 int32 high = 3; 120 int32 medium = 4; 121 int32 low = 5; 122 int32 none = 6; 123 int32 unknown = 7; 124 } 125 126 message ReportStatsCves { 127 int32 total = 1; 128 int32 critical = 2; 129 int32 high = 3; 130 int32 medium = 4; 131 int32 low = 5; 132 int32 none = 6; 133 int32 unknown = 7; 134 } 135 136 message ReportStatsPackages { 137 int32 total = 1; 138 int32 affected = 2; 139 int32 critical = 3; 140 int32 high = 4; 141 int32 medium = 5; 142 int32 low = 6; 143 int32 none = 7; 144 int32 unknown = 8; 145 } 146 147 message ReportStatsExploits { 148 int32 total = 1; 149 } 150 151 message CVE { 152 string ID = 1; 153 string Mrn = 2; 154 string summary = 3; 155 156 float score = 4; 157 mondoo.mvd.cvss.v1.Cvss worstScore = 7; 158 159 bool unscored = 6; 160 CveState state = 5; 161 162 repeated mondoo.mvd.cvss.v1.Cvss cvss = 20; 163 164 string cwe = 21; 165 string published = 22; 166 string modified = 23; 167 string url = 24; 168 } 169 170 enum CveState { 171 PUBLIC = 0; 172 INVALID = 1; 173 RESERVED = 2; 174 REPLACED_BY = 4; 175 SPLIT_FROM = 5; 176 MERGED_TO = 6; 177 REJECTED = 7; 178 } 179 180 message PlatformEolInfo { 181 Platform platform = 1; 182 string DocsUrl = 2; 183 string ProductUrl = 3; 184 string ReleaseDate = 4; 185 string EolDate = 5; 186 }