zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/pkg/extensions/search/cve/model/models.go (about)

     1  package model
     2  
     3  import (
     4  	"time"
     5  
     6  	godigest "github.com/opencontainers/go-digest"
     7  )
     8  
// ImageCVESummary holds two aggregate values about CVEs: a count and a
// maximum severity label.
//
// NOTE(review): presumably this summarises the scan result of one image and
// MaxSeverity is one of the Severity* labels declared in this file. Confirm
// against the code that fills it in.
type ImageCVESummary struct {
	// Count is a number of CVEs. The zero value cannot tell "nothing found"
	// apart from "not scanned", so read it together with MaxSeverity.
	Count       int
	// MaxSeverity is a plain string. Nothing in this type restricts it to the
	// known severity labels.
	MaxSeverity string
}
    13  
// CVE is the record for a single vulnerability: its identifier, descriptive
// text, severity label and the packages it is reported against.
//
// The JSON tags use capitalised names on purpose (see the nolint note below:
// they follow the GraphQL schema), so do not "fix" them to camelCase.
//
// Severity is an unconstrained string. Nothing in this type forces it to be
// one of the Severity* constants, and severityInt ranks any unrecognised
// value as unknown.
//
//nolint:tagliatelle // graphQL schema
type CVE struct {
	ID          string    `json:"Id"`
	Description string    `json:"Description"`
	Severity    string    `json:"Severity"`
	Title       string    `json:"Title"`
	PackageList []Package `json:"PackageList"`
}
    22  
// Package names a software package together with its installed version and a
// fixed version. It is the element type of CVE.PackageList.
//
// NOTE(review): presumably FixedVersion is empty when no fixed release is
// known. Confirm with the scanner integration before relying on that.
//
//nolint:tagliatelle // graphQL schema
type Package struct {
	Name             string `json:"Name"`
	InstalledVersion string `json:"InstalledVersion"`
	FixedVersion     string `json:"FixedVersion"`
}
    29  
// Numeric ranks for the severity labels, assigned by iota in ascending order
// (unScanned = 0 ... critical = 6). severityInt maps a label to one of these
// and CompareSeverities subtracts them, so the declaration order here IS the
// severity ordering: reordering or inserting a name changes every comparison.
//
// Note that unknown ranks above none and below low, and unScanned ranks
// lowest of all.
const (
	unScanned = iota
	none
	unknown
	low
	medium
	high
	critical
)
    39  
// Severity labels as strings.
// Values from https://www.first.org/cvss/v3.0/specification-document
//
// SeverityNotScanned (the empty string, hence also the zero value of any
// severity field) means that no complete scan result exists. It must not be
// read as "clean": only SeverityNone states that nothing was detected.
const (
	SeverityNotScanned = ""         // scanning was not done or was not complete
	SeverityNone       = "NONE"     // no vulnerabilities were detected at all
	SeverityUnknown    = "UNKNOWN"  // corresponds to CVSS 3 score NONE
	SeverityLow        = "LOW"      // corresponds to CVSS 3 score LOW
	SeverityMedium     = "MEDIUM"   // corresponds to CVSS 3 score MEDIUM
	SeverityHigh       = "HIGH"     // corresponds to CVSS 3 score HIGH
	SeverityCritical   = "CRITICAL" // corresponds to CVSS 3 score CRITICAL
)
    50  
// severityInt converts a severity label into its numeric rank so that two
// labels can be ordered.
//
// Matching is exact and case-sensitive against the Severity* constants. Any
// other string, including a differently cased label such as "critical" or
// one with stray whitespace, is ranked as unknown, which sits below low.
// Callers holding labels from an external source should normalise them
// first, otherwise a serious finding can be ranked as a minor one.
func severityInt(severity string) int {
	switch severity {
	case SeverityNotScanned:
		return unScanned
	case SeverityNone:
		return none
	case SeverityUnknown:
		return unknown
	case SeverityLow:
		return low
	case SeverityMedium:
		return medium
	case SeverityHigh:
		return high
	case SeverityCritical:
		return critical
	default:
		// A label that is not one of the known constants is treated as
		// the unknown severity level.
		return unknown
	}
}
    72  
// CompareSeverities orders two severity labels by rank.
//
// The result is negative when sev1 is more severe than sev2, zero when both
// have the same rank, and positive when sev2 is more severe. Used as a sort
// comparator, this places the most severe entries first.
//
// A zero result means equal rank, not equal strings: every unrecognised
// label ranks the same as SeverityUnknown. SeverityNotScanned ranks lowest,
// so unscanned entries sort after everything else.
func CompareSeverities(sev1, sev2 string) int {
	rankSecond := severityInt(sev2)
	rankFirst := severityInt(sev1)

	return rankSecond - rankFirst
}
    76  
// Descriptor pairs a content digest with a media type string.
//
// NOTE(review): presumably this identifies an OCI manifest or index by
// digest. The digest type comes from opencontainers/go-digest, and nothing
// in this file validates it, so confirm where validation happens.
type Descriptor struct {
	Digest    godigest.Digest
	MediaType string
}
    81  
// DescriptorInfo is a Descriptor with a timestamp attached. Descriptor is
// embedded, so Digest and MediaType are promoted and can be read directly
// from a DescriptorInfo value.
type DescriptorInfo struct {
	Descriptor

	// NOTE(review): which event this time records (creation, push, last
	// update) is not visible in this file. Confirm against the producer.
	Timestamp time.Time
}
    87  
// TagInfo groups a tag name with the descriptor it carries, a list of
// per-manifest DescriptorInfo entries and a timestamp.
//
// NOTE(review): presumably Descriptor is what the tag points at and
// Manifests lists the individual image manifests behind it (more than one
// when the tag refers to an index). Confirm against the code that builds it.
type TagInfo struct {
	Tag        string
	Descriptor Descriptor
	Manifests  []DescriptorInfo
	Timestamp  time.Time
}