Struct Enrichment

Source

pub struct Enrichment {
    pub kev: BTreeSet<String>,
    pub epss: BTreeMap<String, f32>,
    pub cvss: BTreeMap<String, f32>,
}

Expand description

CVE → exploit signals, used to annotate findings.

Fields§

§kev: BTreeSet<String>

CVE ids present in the CISA KEV catalog.

§epss: BTreeMap<String, f32>

CVE → EPSS probability (0.0–1.0).

§cvss: BTreeMap<String, f32>

CVE → CVSS base score (0.0–10.0) recovered from NVD, used to backfill the severity and the numeric score of advisories that carry no CVSS of their own. Empty on the offline (*_file) path.

Implementations§

Source §

impl Enrichment

Source

pub fn from_files( kev_path: Option<&Path>, epss_path: Option<&Path>, ) -> Result<Self, String>

Load from local files (offline): KEV catalog JSON and/or EPSS CSV (cve,epss,…). A None path contributes no data. The NVD CVSS backfill is network-only, so it is empty here.

Source

pub fn apply(&self, findings: &mut [VulnFinding])

Annotate each finding from its CVE aliases: kev if any alias is in the catalog, epss to the maximum score across its aliases. For findings that scan as unknown, backfill both the severity and the numeric CVSS score from the worst NVD score across its aliases (never downgrading a severity the advisory already carries).

Trait Implementations§

Source §

impl Clone for Enrichment

Source §

fn clone(&self) -> Enrichment

Returns a duplicate of the value. Read more

1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Source §

impl Debug for Enrichment

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl Default for Enrichment

Source §

fn default() -> Enrichment

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl UnwindSafe for Enrichment

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> CloneToUninit for T
where T: Clone,

Source §

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §