mirror of
https://github.com/fleetdm/fleet
synced 2026-05-23 08:58:41 +00:00
812d3c85de
- Improved NVD CPE matching process. - Fixed bug with the 'software/<id>' endpoint not showing the generated_cpe value.
30 lines
752 B
Go
30 lines
752 B
Go
package nvd
|
|
|
|
import (
|
|
"github.com/facebookincubator/nvdtools/wfn"
|
|
"github.com/fleetdm/fleet/v4/server/fleet"
|
|
)
|
|
|
|
type IndexedCPEItem struct {
|
|
ID int `json:"id" db:"rowid"`
|
|
Product string `json:"product" db:"product"`
|
|
Vendor string `json:"vendor" db:"vendor"`
|
|
Deprecated bool `json:"deprecated" db:"deprecated"`
|
|
Weight int `db:"weight"`
|
|
}
|
|
|
|
func (i *IndexedCPEItem) FmtStr(s *fleet.Software) string {
|
|
cpe := wfn.NewAttributesWithAny()
|
|
cpe.Part = "a"
|
|
cpe.Vendor = i.Vendor
|
|
cpe.Product = i.Product
|
|
cpe.Version = sanitizeVersion(s.Version)
|
|
cpe.TargetSW = targetSW(s)
|
|
|
|
// Make sure we don't return a 'match all' CPE
|
|
if cpe.Vendor == wfn.Any || cpe.Product == wfn.Any {
|
|
return ""
|
|
}
|
|
|
|
return cpe.BindToFmtString()
|
|
}
|