99 lines
3 KiB
JavaScript
99 lines
3 KiB
JavaScript
|
/**
|
||
|
* Service which provides helper methods for working with the vulnerability system.
|
||
|
*/
|
||
|
angular.module('quay').factory('VulnerabilityService', ['Config', function(Config) {
|
||
|
var vulnService = {};
|
||
|
|
||
|
// NOTE: This objects are used directly in the external-notification-data service, so make sure
|
||
|
// to update that code if the format here is changed.
|
||
|
vulnService.LEVELS = {
|
||
|
'Unknown': {
|
||
|
'title': 'Unknown',
|
||
|
'index': '6',
|
||
|
'level': 'info',
|
||
|
|
||
|
'description': 'Unknown is either a security problem that has not been assigned ' +
|
||
|
'to a priority yet or a priority that our system did not recognize',
|
||
|
'banner_required': false
|
||
|
},
|
||
|
|
||
|
'Negligible': {
|
||
|
'title': 'Negligible',
|
||
|
'index': '5',
|
||
|
'level': 'info',
|
||
|
|
||
|
'description': 'Negligible is technically a security problem, but is only theoretical ' +
|
||
|
'in nature, requires a very special situation, has almost no install base, ' +
|
||
|
'or does no real damage.',
|
||
|
'banner_required': false
|
||
|
},
|
||
|
|
||
|
'Low': {
|
||
|
'title': 'Low',
|
||
|
'index': '4',
|
||
|
'level': 'warning',
|
||
|
|
||
|
'description': 'Low is a security problem, but is hard to exploit due to environment, ' +
|
||
|
'requires a user-assisted attack, a small install base, or does very ' +
|
||
|
'little damage.',
|
||
|
'banner_required': false
|
||
|
},
|
||
|
|
||
|
'Medium': {
|
||
|
'title': 'Medium',
|
||
|
'value': 'Medium',
|
||
|
'index': '3',
|
||
|
'level': 'warning',
|
||
|
|
||
|
'description': 'Medium is a real security problem, and is exploitable for many people. ' +
|
||
|
'Includes network daemon denial of service attacks, cross-site scripting, ' +
|
||
|
'and gaining user privileges.',
|
||
|
'banner_required': false
|
||
|
},
|
||
|
|
||
|
'High': {
|
||
|
'title': 'High',
|
||
|
'value': 'High',
|
||
|
'index': '2',
|
||
|
'level': 'warning',
|
||
|
|
||
|
'description': 'High is a real problem, exploitable for many people in a default installation. ' +
|
||
|
'Includes serious remote denial of services, local root privilege escalations, ' +
|
||
|
'or data loss.',
|
||
|
'banner_required': false
|
||
|
},
|
||
|
|
||
|
'Critical': {
|
||
|
'title': 'Critical',
|
||
|
'value': 'Critical',
|
||
|
'index': '1',
|
||
|
'level': 'error',
|
||
|
|
||
|
'description': 'Critical is a world-burning problem, exploitable for nearly all people in ' +
|
||
|
'a installation of the package. Includes remote root privilege escalations, ' +
|
||
|
'or massive data loss.',
|
||
|
'banner_required': true
|
||
|
},
|
||
|
|
||
|
'Defcon1': {
|
||
|
'title': 'Defcon 1',
|
||
|
'value': 'Defcon1',
|
||
|
'index': '0',
|
||
|
'level': 'error',
|
||
|
|
||
|
'description': 'Defcon1 is a Critical problem which has been manually highlighted ' +
|
||
|
'by the Quay team. It requires immediate attention.',
|
||
|
'banner_required': true
|
||
|
}
|
||
|
};
|
||
|
|
||
|
vulnService.getLevels = function() {
|
||
|
return Object.keys(vulnService.LEVELS).map(function(key) {
|
||
|
return vulnService.LEVELS[key];
|
||
|
});
|
||
|
};
|
||
|
|
||
|
return vulnService;
|
||
|
}]);
|
||
|
|