nvd_cwe/
weaknesses.rs

1//! A weakness is a mistake or condition that, if left unaddressed, could under the proper
2//! conditions contribute to a cyber-enabled capability being vulnerable to attack, allowing an
3//! adversary to make items function in unintended ways. This complexType is used to describe a
4//! specific type of weakness and provide a variety of information related to it.
5//!
6//! The required Description should be short and limited to the key points that define this
7//! weakness. The optional Extended_Description element provides a place for additional details
8//! important to this weakness, but that are not necessary to convey the fundamental concept behind
9//! the weakness. A number of other optional elements are available, each of which is described in
10//! more detail within the corresponding complexType that it references.
11//!
12//! The required ID attribute provides a unique identifier for the entry. It is considered static
13//! for the lifetime of the entry. If this entry becomes deprecated, the identifier will not be
14//! reused. The required Name attribute is a string that identifies the entry. The name should
15//! focus on the weakness being described and should avoid mentioning the attack that exploits the
16//! weakness or the consequences of exploiting the weakness. All words in the entry name should be
17//! capitalized except for articles and prepositions, unless they begin or end the name. Subsequent
18//! words in a hyphenated chain are also not capitalized. The required Abstraction attribute defines
19//! the abstraction level for this weakness. The required Structure attribute defines the structural
20//! nature of the weakness. The required Status attribute defines the maturity of the information
21//! for this weakness.
22//!
23use crate::content_history::ContentHistory;
24use crate::mapping_notes::MappingNotes;
25use crate::notes::Notes;
26use crate::structured_text::{StructuredCode, StructuredText};
27use serde::{Deserialize, Serialize};
28
29#[derive(Debug, Deserialize, Serialize)]
30#[serde(deny_unknown_fields)]
31pub struct Weaknesses {
32  #[serde(rename(deserialize = "Weakness"))]
33  pub weaknesses: Vec<Weakness>,
34}
35#[derive(Debug, Deserialize, Serialize)]
36#[serde(rename(deserialize = "Weakness"))]
37#[serde(deny_unknown_fields)]
38pub struct Weakness {
39  #[serde(rename(deserialize = "@ID"))]
40  pub id: i32,
41  #[serde(rename(deserialize = "@Name"))]
42  pub name: String,
43  #[serde(rename(deserialize = "@Abstraction"))]
44  pub abstraction: String,
45  #[serde(rename(deserialize = "@Structure"))]
46  pub structure: String,
47  #[serde(rename(deserialize = "@Status"))]
48  pub status: String,
49  #[serde(rename(deserialize = "Description"))]
50  pub description: String,
51  #[serde(rename(deserialize = "Extended_Description"))]
52  pub extended_description: Option<StructuredText>,
53  #[serde(rename(deserialize = "Related_Weaknesses"))]
54  pub related_weaknesses: Option<RelatedWeaknesses>,
55  #[serde(rename(deserialize = "Demonstrative_Examples"))]
56  pub demonstrative_examples: Option<DemonstrativeExamples>,
57  #[serde(rename(deserialize = "Weakness_Ordinalities"))]
58  pub weakness_ordinalities: Option<WeaknessOrdinalities>,
59  #[serde(rename(deserialize = "Applicable_Platforms"))]
60  pub applicable_platforms: Option<ApplicablePlatforms>,
61  #[serde(rename(deserialize = "Background_Details"))]
62  pub background_details: Option<BackgroundDetails>,
63  #[serde(rename(deserialize = "Modes_Of_Introduction"))]
64  pub modes_of_introduction: Option<ModesOfIntroduction>,
65  #[serde(rename(deserialize = "Likelihood_Of_Exploit"))]
66  pub likelihood_of_exploit: Option<String>,
67  #[serde(rename(deserialize = "Alternate_Terms"))]
68  pub alternate_terms: Option<AlternateTerms>,
69  #[serde(rename(deserialize = "Common_Consequences"))]
70  pub common_consequences: Option<CommonConsequences>,
71  #[serde(rename(deserialize = "Detection_Methods"))]
72  pub detection_methods: Option<DetectionMethods>,
73  #[serde(rename(deserialize = "Potential_Mitigations"))]
74  pub potential_mitigations: Option<PotentialMitigations>,
75  #[serde(rename(deserialize = "Observed_Examples"))]
76  pub observed_examples: Option<ObservedExamples>,
77  #[serde(rename(deserialize = "Related_Attack_Patterns"))]
78  pub related_attack_patterns: Option<RelatedAttackPatterns>,
79  #[serde(rename(deserialize = "References"))]
80  pub references: Option<References>,
81  #[serde(rename(deserialize = "Content_History"))]
82  pub content_history: ContentHistory,
83  #[serde(rename(deserialize = "Exploitation_Factors"))]
84  pub exploitation_factors: Option<ExploitationFactors>,
85  #[serde(rename(deserialize = "Functional_Areas"))]
86  pub functional_areas: Option<FunctionalAreas>,
87  #[serde(rename(deserialize = "Affected_Resources"))]
88  pub affected_resources: Option<AffectedResources>,
89  #[serde(rename(deserialize = "Taxonomy_Mappings"))]
90  pub taxonomy_mappings: Option<TaxonomyMappings>,
91  #[serde(rename(deserialize = "Notes"))]
92  pub notes: Option<Notes>,
93  #[serde(rename(deserialize = "Mapping_Notes"))]
94  pub mapping_notes: MappingNotes,
95}
96#[derive(Debug, Deserialize, Serialize, PartialEq)]
97#[serde(deny_unknown_fields)]
98pub enum RelatedNature {
99  ChildOf,
100  ParentOf,
101  StartsWith,
102  CanFollow,
103  CanPrecede,
104  RequiredBy,
105  Requires,
106  CanAlsoBe,
107  PeerOf,
108}
109#[derive(Debug, Deserialize, Serialize)]
110#[serde(deny_unknown_fields)]
111pub struct WeaknessOrdinalities {
112  #[serde(rename(deserialize = "$value"))]
113  pub weakness_ordinalities: Vec<WeaknessOrdinality>,
114}
115
116#[derive(Debug, Deserialize, Serialize)]
117#[serde(deny_unknown_fields)]
118pub struct WeaknessOrdinality {
119  #[serde(rename(deserialize = "Ordinality"))]
120  pub ordinality: Option<String>,
121  #[serde(rename(deserialize = "Description"))]
122  pub description: Option<String>,
123}
124
125#[derive(Debug, Deserialize, Serialize)]
126#[serde(rename(deserialize = "Related_Weaknesses"))]
127#[serde(deny_unknown_fields)]
128pub struct RelatedWeaknesses {
129  #[serde(rename(deserialize = "Related_Weakness"), default)]
130  pub related_weaknesses: Vec<RelatedWeakness>,
131}
132#[derive(Debug, Deserialize, Serialize)]
133#[serde(rename(deserialize = "Related_Weakness"))]
134#[serde(deny_unknown_fields)]
135pub struct RelatedWeakness {
136  #[serde(rename(deserialize = "@Nature"))]
137  pub nature: RelatedNature,
138  #[serde(rename(deserialize = "@CWE_ID"))]
139  pub cwe_id: i64,
140  #[serde(rename(deserialize = "@View_ID"))]
141  pub view_id: i64,
142  #[serde(rename(deserialize = "@Chain_ID"))]
143  pub chain_id: Option<i64>,
144  #[serde(rename(deserialize = "@Ordinal"))]
145  pub ordinal: Option<String>,
146}
147
148#[derive(Debug, Deserialize, Serialize)]
149#[serde(deny_unknown_fields)]
150pub struct TaxonomyMappings {
151  #[serde(rename(deserialize = "$value"))]
152  pub taxonomy_mappings: Vec<TaxonomyMapping>,
153}
154#[derive(Debug, Deserialize, Serialize)]
155#[serde(deny_unknown_fields)]
156pub struct TaxonomyMapping {
157  #[serde(rename(deserialize = "@Taxonomy_Name"))]
158  pub taxonomy_name: String,
159  #[serde(rename(deserialize = "Entry_ID"))]
160  pub entry_id: Option<String>,
161  #[serde(rename(deserialize = "Entry_Name"))]
162  pub entry_name: Option<String>,
163  #[serde(rename(deserialize = "Mapping_Fit"))]
164  pub mapping_fit: Option<String>,
165}
166
167#[derive(Debug, Deserialize, Serialize)]
168#[serde(deny_unknown_fields)]
169pub struct FunctionalAreas {
170  #[serde(rename(deserialize = "$value"))]
171  pub functional_areas: Vec<String>,
172}
173
174#[derive(Debug, Deserialize, Serialize)]
175#[serde(deny_unknown_fields)]
176pub struct AffectedResources {
177  #[serde(rename(deserialize = "$value"))]
178  pub affected_resources: Vec<String>,
179}
180
181#[derive(Debug, Deserialize, Serialize)]
182#[serde(deny_unknown_fields)]
183pub struct References {
184  #[serde(rename(deserialize = "$value"))]
185  pub references: Vec<Reference>,
186}
187
188#[derive(Debug, Deserialize, Serialize)]
189#[serde(deny_unknown_fields)]
190pub struct Reference {
191  #[serde(rename(deserialize = "@External_Reference_ID"))]
192  pub external_reference_id: String,
193  #[serde(rename(deserialize = "@Section"))]
194  pub section: Option<String>,
195}
196
197#[derive(Debug, Deserialize, Serialize)]
198#[serde(deny_unknown_fields)]
199pub struct RelatedAttackPatterns {
200  #[serde(rename(deserialize = "$value"))]
201  pub related_attack_patterns: Vec<RelatedAttackPattern>,
202}
203
204#[derive(Debug, Deserialize, Serialize)]
205#[serde(deny_unknown_fields)]
206pub struct RelatedAttackPattern {
207  #[serde(rename(deserialize = "@CAPEC_ID"))]
208  pub caped_id: i64,
209}
210
211#[derive(Debug, Deserialize, Serialize)]
212#[serde(deny_unknown_fields)]
213pub struct ObservedExamples {
214  #[serde(rename(deserialize = "$value"))]
215  pub observed_examples: Vec<ObservedExample>,
216}
217#[derive(Debug, Deserialize, Serialize)]
218#[serde(deny_unknown_fields)]
219pub struct ObservedExample {
220  #[serde(rename(deserialize = "Reference"))]
221  pub reference: String,
222  #[serde(rename(deserialize = "Description"))]
223  pub description: String,
224  #[serde(rename(deserialize = "Link"))]
225  pub link: String,
226}
227
228#[derive(Debug, Deserialize, Serialize)]
229#[serde(deny_unknown_fields)]
230pub struct DemonstrativeExamples {
231  #[serde(rename(deserialize = "Demonstrative_Example"))]
232  pub examples: Vec<DemonstrativeExample>,
233}
234
235#[derive(Debug, Deserialize, Serialize)]
236#[serde(deny_unknown_fields)]
237pub struct DemonstrativeExample {
238  #[serde(rename(deserialize = "@Demonstrative_Example_ID"))]
239  pub demonstrative_example_id: Option<String>,
240  #[serde(rename(deserialize = "$value"))]
241  pub children: Vec<DemonstrativeExampleChild>,
242}
243
244#[derive(Debug, Deserialize, Serialize)]
245#[serde(deny_unknown_fields, rename_all(serialize = "snake_case"))]
246pub enum DemonstrativeExampleChild {
247  #[serde(rename(deserialize = "Title_Text"))]
248  TitleText(String),
249  #[serde(rename(deserialize = "Intro_Text"))]
250  IntroText(StructuredText),
251  #[serde(rename(deserialize = "Body_Text"))]
252  BodyText(StructuredText),
253  #[serde(rename(deserialize = "Example_Code"))]
254  ExampleCode(StructuredCode),
255  #[serde(rename(deserialize = "References"))]
256  References {
257    #[serde(rename(deserialize = "$value"))]
258    children: Vec<Reference>,
259  },
260}
261#[derive(Debug, Deserialize, Serialize)]
262#[serde(deny_unknown_fields)]
263pub struct PotentialMitigations {
264  #[serde(rename(deserialize = "$value"))]
265  pub potential_mitigations: Vec<PotentialMitigation>,
266}
267
268#[derive(Debug, Deserialize, Serialize)]
269#[serde(deny_unknown_fields)]
270pub struct PotentialMitigation {
271  #[serde(rename(deserialize = "@Mitigation_ID"))]
272  pub mitigation_id: Option<String>,
273  #[serde(rename(deserialize = "$value"))]
274  pub children: Vec<PotentialMitigationChild>,
275}
276
277#[derive(Debug, Deserialize, Serialize)]
278#[serde(deny_unknown_fields, rename_all(serialize = "snake_case"))]
279pub enum PotentialMitigationChild {
280  #[serde(rename(deserialize = "Phase"))]
281  Phase(String),
282  #[serde(rename(deserialize = "Strategy"))]
283  Strategy(String),
284  #[serde(rename(deserialize = "Description"))]
285  Description(StructuredText),
286  #[serde(rename(deserialize = "Effectiveness"))]
287  Effectiveness(String),
288  #[serde(rename(deserialize = "Effectiveness_Notes"))]
289  EffectivenessNotes(StructuredText),
290}
291
292#[derive(Debug, Deserialize, Serialize)]
293#[serde(deny_unknown_fields)]
294pub struct DetectionMethods {
295  #[serde(rename(deserialize = "$value"))]
296  pub detection_methods: Vec<DetectionMethod>,
297}
298
299#[derive(Debug, Deserialize, Serialize)]
300#[serde(deny_unknown_fields)]
301pub struct DetectionMethod {
302  #[serde(rename(deserialize = "@Detection_Method_ID"))]
303  pub detection_method_id: Option<String>,
304  #[serde(rename(deserialize = "$value"))]
305  pub children: Vec<DetectionMethodChild>,
306}
307
308#[derive(Debug, Deserialize, Serialize)]
309#[serde(deny_unknown_fields, rename_all(serialize = "snake_case"))]
310pub enum DetectionMethodChild {
311  #[serde(rename(deserialize = "Method"))]
312  Method(String),
313  #[serde(rename(deserialize = "Description"))]
314  Description(StructuredText),
315  #[serde(rename(deserialize = "Effectiveness"))]
316  Effectiveness(String),
317  #[serde(rename(deserialize = "Effectiveness_Notes"))]
318  EffectivenessNotes(String),
319}
320
321#[derive(Debug, Deserialize, Serialize)]
322#[serde(deny_unknown_fields)]
323pub struct CommonConsequences {
324  #[serde(rename(deserialize = "$value"))]
325  pub common_consequences: Vec<Consequence>,
326}
327
328#[derive(Debug, Deserialize, Serialize)]
329#[serde(deny_unknown_fields)]
330pub struct Consequence {
331  #[serde(rename(deserialize = "$value"))]
332  pub children: Vec<ConsequenceChild>,
333}
334
335#[derive(Debug, Deserialize, Serialize)]
336#[serde(deny_unknown_fields, rename_all(deserialize = "PascalCase"))]
337pub enum ConsequenceChild {
338  #[serde(rename(deserialize = "Scope"))]
339  Scope(String),
340  #[serde(rename(deserialize = "Impact"))]
341  Impact(String),
342  #[serde(rename(deserialize = "Note"))]
343  Note(String),
344  #[serde(rename(deserialize = "Likelihood"))]
345  Likelihood(String),
346}
347
348#[derive(Debug, Deserialize, Serialize)]
349#[serde(deny_unknown_fields)]
350pub struct AlternateTerms {
351  #[serde(rename(deserialize = "$value"))]
352  pub alternate_terms: Vec<AlternateTerm>,
353}
354
355#[derive(Debug, Deserialize, Serialize)]
356#[serde(deny_unknown_fields)]
357pub struct ExploitationFactors {
358  #[serde(rename(deserialize = "$value"))]
359  pub children: Vec<StructuredText>,
360}
361
362#[derive(Debug, Deserialize, Serialize)]
363#[serde(deny_unknown_fields)]
364pub struct AlternateTerm {
365  #[serde(rename(deserialize = "Term"))]
366  pub term: String,
367  #[serde(rename(deserialize = "Description"))]
368  pub description: Option<StructuredText>,
369}
370
371#[derive(Debug, Deserialize, Serialize)]
372#[serde(deny_unknown_fields)]
373pub struct ModesOfIntroduction {
374  #[serde(rename(deserialize = "$value"))]
375  pub introductions: Vec<Introduction>,
376}
377
378#[derive(Debug, Deserialize, Serialize)]
379#[serde(deny_unknown_fields)]
380pub struct Introduction {
381  #[serde(rename(deserialize = "Phase"))]
382  pub phase: String,
383  #[serde(rename(deserialize = "Note"))]
384  pub note: Option<StructuredText>,
385}
386
387#[derive(Debug, Deserialize, Serialize)]
388#[serde(deny_unknown_fields)]
389pub struct BackgroundDetails {
390  #[serde(rename(deserialize = "$value"), default)]
391  pub background_details: Vec<StructuredText>,
392}
393
394#[derive(Debug, Deserialize, Serialize)]
395#[serde(deny_unknown_fields)]
396pub struct ApplicablePlatforms {
397  #[serde(rename(deserialize = "$value"))]
398  pub applicable_platforms: Vec<ApplicablePlatform>,
399}
400
401#[derive(Debug, Deserialize, Serialize)]
402#[serde(deny_unknown_fields, rename_all(serialize = "snake_case"))]
403pub enum ApplicablePlatform {
404  Language {
405    #[serde(rename(deserialize = "@Class"))]
406    class: Option<String>,
407    #[serde(rename(deserialize = "@Name"))]
408    name: Option<String>,
409    #[serde(rename(deserialize = "@Prevalence"))]
410    prevalence: String,
411  },
412  Technology {
413    #[serde(rename(deserialize = "@Name"))]
414    name: Option<String>,
415    #[serde(rename(deserialize = "@Class"))]
416    class: Option<String>,
417    #[serde(rename(deserialize = "@Prevalence"))]
418    prevalence: String,
419  },
420  #[serde(rename(deserialize = "Operating_System"))]
421  OperatingSystem {
422    #[serde(rename(deserialize = "@Name"))]
423    name: Option<String>,
424    #[serde(rename(deserialize = "@Version"))]
425    version: Option<String>,
426    #[serde(rename(deserialize = "@CPE_ID"))]
427    cpe_id: Option<String>,
428    #[serde(rename(deserialize = "@Class"))]
429    class: Option<String>,
430    #[serde(rename(deserialize = "@Prevalence"))]
431    prevalence: String,
432  },
433  #[serde(rename(deserialize = "Architecture"))]
434  Architecture {
435    #[serde(rename(deserialize = "@Name"))]
436    name: Option<String>,
437    #[serde(rename(deserialize = "@Class"))]
438    class: Option<String>,
439    #[serde(rename(deserialize = "@Prevalence"))]
440    prevalence: String,
441  },
442}
nvd_cwe/weaknesses.rs

nvd_cwe/
weaknesses.rs
