zotregistry.dev/zot@v1.4.4-0.20240314164342-eec277e14d20/pkg/extensions/search/cve/model/models.go (about)

     1  package model
     2  
     3  import (
     4  	"strings"
     5  	"time"
     6  
     7  	godigest "github.com/opencontainers/go-digest"
     8  	"golang.org/x/exp/slices"
     9  )
    10  
// ImageCVESummary carries vulnerability counters for one scan result: an
// overall count, one counter per severity level, and the highest severity.
//
// NOTE(review): how Count relates to the per-severity counters is decided by
// the code that fills this struct, which is not shown here — confirm there.
type ImageCVESummary struct {
	// Count is the overall number of CVEs.
	Count int
	// Per-severity counters, from least to most severe.
	UnknownCount, LowCount, MediumCount, HighCount, CriticalCount int
	// MaxSeverity is presumably one of the Severity* constants of this package.
	// The empty string is SeverityNotScanned, i.e. scanning was not done or was
	// not complete; it must not be read as "no vulnerabilities".
	MaxSeverity string
}
    20  
// CVE is one vulnerability record together with the packages it was reported
// for. The JSON names are capitalized to match the GraphQL schema.
//
//nolint:tagliatelle // graphQL schema
type CVE struct {
	// ID is the vulnerability identifier; it is serialized as "Id".
	ID string `json:"Id"`
	// Description is the free-text description of the vulnerability.
	Description string `json:"Description"`
	// Severity is presumably one of the Severity* constants of this package.
	Severity string `json:"Severity"`
	// Title is the short title of the vulnerability.
	Title string `json:"Title"`
	// Reference is presumably a link to an advisory — confirm against the scanner output.
	Reference string `json:"Reference"`
	// PackageList holds the packages associated with this CVE.
	PackageList []Package `json:"PackageList"`
}

// ContainsStr reports whether str occurs, ignoring case, in any text field of
// the CVE (Title, ID, Severity, Reference, Description) or in any field of one
// of its packages (Name, FixedVersion, InstalledVersion, PackagePath).
//
// str is matched as a literal substring; it is never interpreted as a pattern.
// An empty str matches every CVE, because every string contains the empty
// string. The receiver must not be nil.
func (cve *CVE) ContainsStr(str string) bool {
	needle := strings.ToUpper(str)

	// Case is folded by upper-casing both sides before the substring test.
	matches := func(field string) bool {
		return strings.Contains(strings.ToUpper(field), needle)
	}

	for _, field := range []string{cve.Title, cve.ID, cve.Severity, cve.Reference, cve.Description} {
		if matches(field) {
			return true
		}
	}

	return slices.ContainsFunc(cve.PackageList, func(pack Package) bool {
		return matches(pack.Name) ||
			matches(pack.FixedVersion) ||
			matches(pack.InstalledVersion) ||
			matches(pack.PackagePath)
	})
}

// Package describes one package entry attached to a CVE.
//
//nolint:tagliatelle // graphQL schema
type Package struct {
	// Name is the package name.
	Name string `json:"Name"`
	// PackagePath is the path reported for the package.
	PackagePath string `json:"PackagePath"`
	// InstalledVersion is the version found by the scan.
	InstalledVersion string `json:"InstalledVersion"`
	// FixedVersion is the version carrying the fix.
	// NOTE(review): presumably empty when no fix is known — confirm.
	FixedVersion string `json:"FixedVersion"`
}
    54  
// Internal severity ranks, in ascending order. "Not scanned" ranks below
// "none", so a low rank does not by itself mean an image is clean.
const (
	unScanned = iota
	none
	unknown
	low
	medium
	high
	critical
)

// Values from https://www.first.org/cvss/v3.0/specification-document
const (
	SeverityNotScanned = ""         // scanning was not done or was not complete
	SeverityNone       = "NONE"     // no vulnerabilities were detected at all
	SeverityUnknown    = "UNKNOWN"  // corresponds to CVSS 3 score NONE
	SeverityLow        = "LOW"      // corresponds to CVSS 3 score LOW
	SeverityMedium     = "MEDIUM"   // corresponds to CVSS 3 score MEDIUM
	SeverityHigh       = "HIGH"     // corresponds to CVSS 3 score HIGH
	SeverityCritical   = "CRITICAL" // corresponds to CVSS 3 score CRITICAL
)

// severityInt maps a severity label to its internal rank.
//
// The comparison is exact and case-sensitive. Any label that is not one of the
// Severity* constants (for example "high" in lower case) gets the rank of
// SeverityUnknown, which sits above "none" and "not scanned" and below "low".
func severityInt(severity string) int {
	switch severity {
	case SeverityNotScanned:
		return unScanned
	case SeverityNone:
		return none
	case SeverityUnknown:
		return unknown
	case SeverityLow:
		return low
	case SeverityMedium:
		return medium
	case SeverityHigh:
		return high
	case SeverityCritical:
		return critical
	default:
		// In the unlikely case the label is not a known severity,
		// fall back to the unknown severity level.
		return unknown
	}
}

// CompareSeverities compares two severity labels by rank. The result is
// negative when sev1 is more severe than sev2, zero when both have the same
// rank, and positive when sev2 is more severe than sev1. Used as a comparator
// in which a negative result puts the first argument first, it orders entries
// from most to least severe.
func CompareSeverities(sev1, sev2 string) int {
	first, second := severityInt(sev1), severityInt(sev2)

	return second - first
}
   101  
// Descriptor pairs a content digest with a media type string.
type Descriptor struct {
	Digest    godigest.Digest // digest identifying the content
	MediaType string          // media type recorded alongside the digest
}
   106  
// DescriptorInfo is a Descriptor with a timestamp attached.
type DescriptorInfo struct {
	Descriptor // embedded, so Digest and MediaType are promoted onto DescriptorInfo

	// NOTE(review): which event Timestamp records is decided by the code that
	// fills this struct, not shown here — confirm there.
	Timestamp time.Time
}
   112  
// TagInfo groups a tag name with a descriptor, a list of manifest descriptors
// and a timestamp.
type TagInfo struct {
	Tag        string     // tag name
	Descriptor Descriptor // descriptor recorded for the tag
	// NOTE(review): presumably the individual manifests behind the tag (for
	// example when it points to an index) — confirm against the code that
	// builds TagInfo.
	Manifests []DescriptorInfo
	Timestamp time.Time // NOTE(review): meaning not visible here — confirm
}