forked from aquasecurity/trivy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
module.go
67 lines (57 loc) · 1 KB
/
module.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
package vulnerability
const (
module = `
package lib.trivy
parse_cvss_vector_v3(cvss) = vector {
s := split(cvss, "/")
vector := {
"AttackVector": attack_vector[s[1]],
"AttackComplexity": attack_complexity[s[2]],
"PrivilegesRequired": privileges_required[s[3]],
"UserInteraction": user_interaction[s[4]],
"Scope": scope[s[5]],
"Confidentiality": confidentiality[s[6]],
"Integrity": integrity[s[7]],
"Availability": availability[s[8]],
}
}
attack_vector := {
"AV:N": "Network",
"AV:A": "Adjacent",
"AV:L": "Local",
"AV:P": "Physical",
}
attack_complexity := {
"AC:L": "Low",
"AC:H": "High",
}
privileges_required := {
"PR:N": "None",
"PR:L": "Low",
"PR:H": "High",
}
user_interaction := {
"UI:N": "None",
"UI:R": "Required",
}
scope := {
"S:U": "Unchanged",
"S:C": "Changed",
}
confidentiality := {
"C:N": "None",
"C:L": "Low",
"C:H": "High",
}
integrity := {
"I:N": "None",
"I:L": "Low",
"I:H": "High",
}
availability := {
"A:N": "None",
"A:L": "Low",
"A:H": "High",
}
`
)