From 2342dfa0ac169e49fa227f05529707a09a88bf35 Mon Sep 17 00:00:00 2001
From: Paul Duncan <pabs@pablotron.org>
Date: Fri, 18 Mar 2022 00:46:00 -0400
Subject: nvdmirror: add cisa kevc url

---
 nvdmirror/syncconfig.go | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'nvdmirror/syncconfig.go')

diff --git a/nvdmirror/syncconfig.go b/nvdmirror/syncconfig.go
index 5da067d..9cb5397 100644
--- a/nvdmirror/syncconfig.go
+++ b/nvdmirror/syncconfig.go
@@ -18,6 +18,9 @@ type SyncConfig struct {
   // CPE 2.3 dictionary URL.
   Cpe23DictUrl string
 
+  // CISA known exploited vulnerabilities catalog (KEVC) URL.
+  CisaKevcUrl string
+
   // User agent string.  Set to "" for default user agent string.
   UserAgent string
 
@@ -28,11 +31,12 @@ type SyncConfig struct {
 	IdleConnTimeout time.Duration
 }
 
-// NVD URLs
+// Default configuration (NVD and CISA URLs).
 var DefaultConfig = SyncConfig {
   Cve11BaseUrl: "https://nvd.nist.gov/feeds/json/cve/1.1",
   CpeMatch10BaseUrl: "https://nvd.nist.gov/feeds/json/cpematch/1.0",
   Cpe23DictUrl: "https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz",
+  CisaKevcUrl: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
   UserAgent: "cvez/0.1.0",
 }
 
@@ -78,6 +82,15 @@ func (me SyncConfig) GetCpeDictUrl() string {
   }
 }
 
+// Get CISA KEVC URL.
+func (me SyncConfig) GetCisaKevcUrl() string {
+  if len(me.CisaKevcUrl) > 0 {
+    return me.CisaKevcUrl
+  } else {
+    return DefaultConfig.CisaKevcUrl
+  }
+}
+
 // get meta URL map.
 func (me SyncConfig) getMetaUrls() map[string]string {
   // calculate total number of years
-- 
cgit v1.2.3