mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-05 20:40:16 -08:00
9c6f077818
* feat(cli): add --filter option * feat(opa): support OPA * test(opa): add a test case with OPA * test: update a mock * chore(mod): update dependencies * chore(filter): add example Rego files * chore(README): update * chore(rego): apply opa fmt * refactor: replace filter with policy * chore(policy): update rego files * fix(vulnerability): evaluate each vulnerability * chore(README): update * Update README.md Co-authored-by: Itay Shakury <itay@itaysk.com> * Update README.md Co-authored-by: Itay Shakury <itay@itaysk.com> * chore(README): update a TOC link * fix: replace allow with ignore * chore(README): update Co-authored-by: Itay Shakury <itay@itaysk.com>
68 lines
1.0 KiB
Go
68 lines
1.0 KiB
Go
package vulnerability
|
|
|
|
const (
|
|
module = `
|
|
package lib.trivy
|
|
|
|
parse_cvss_vector_v3(cvss) = vector {
|
|
s := split(cvss, "/")
|
|
vector := {
|
|
"AttackVector": attack_vector[s[1]],
|
|
"AttackComplexity": attack_complexity[s[2]],
|
|
"PrivilegesRequired": privileges_required[s[3]],
|
|
"UserInteraction": user_interaction[s[4]],
|
|
"Scope": scope[s[5]],
|
|
"Confidentiality": confidentiality[s[6]],
|
|
"Integrity": integrity[s[7]],
|
|
"Availability": availability[s[8]],
|
|
}
|
|
}
|
|
|
|
attack_vector := {
|
|
"AV:N": "Network",
|
|
"AV:A": "Adjacent",
|
|
"AV:L": "Local",
|
|
"AV:P": "Physical",
|
|
}
|
|
|
|
attack_complexity := {
|
|
"AC:L": "Low",
|
|
"AC:H": "High",
|
|
}
|
|
|
|
privileges_required := {
|
|
"PR:N": "None",
|
|
"PR:L": "Low",
|
|
"PR:H": "High",
|
|
}
|
|
|
|
user_interaction := {
|
|
"UI:N": "None",
|
|
"UI:R": "Required",
|
|
}
|
|
|
|
scope := {
|
|
"S:U": "Unchanged",
|
|
"S:C": "Changed",
|
|
}
|
|
|
|
confidentiality := {
|
|
"C:N": "None",
|
|
"C:L": "Low",
|
|
"C:H": "High",
|
|
}
|
|
|
|
integrity := {
|
|
"I:N": "None",
|
|
"I:L": "Low",
|
|
"I:H": "High",
|
|
}
|
|
|
|
availability := {
|
|
"A:N": "None",
|
|
"A:L": "Low",
|
|
"A:H": "High",
|
|
}
|
|
`
|
|
)
|