breaking-change(go-cve-dict): support new go-cve-dictionary

[MaineK00n]

What did you implement:

In the new go-cve-dictionary, the DB is split and the type of the CveDetail field is changed.
For vuls, the major change is that the type of the CveDetail fields (Nvd, Jvn) will be changed, and they will be returned as slices instead of only one. This requires CveContents(map[string]CveContent) to be map[string][]CveContent.

Refs vulsio/go-cve-dictionary#192

Type of change

• New feature (non-breaking change which adds functionality)

How Has This Been Tested?

$ vuls scan --config integration/int-config.toml cpe_vendor_product_match
$ vuls report --format-json --refresh-cve --results-dir=(pwd)/integration/results  --config=(pwd)/integration/int-config.toml
$ cat cpe_vendor_product_match.json
{
    "jsonVersion": 4,
    "lang": "en",
    "serverUUID": "",
    "serverName": "cpe_vendor_product_match",
    "family": "pseudo",
    "release": "",
    "container": {
        "containerID": "",
        "name": "",
        "image": "",
        "type": "",
        "uuid": ""
    },
    "platform": {
        "name": "other",
        "instanceID": ""
    },
    "scannedAt": "2021-08-13T17:08:49.211373726+09:00",
    "scanMode": "fast mode",
    "scannedVersion": "v0.15.13",
    "scannedRevision": "build-20210813_162726_ce64aeb",
    "scannedBy": "lize",
    "scannedVia": "pseudo",
    "scannedIpv4Addrs": [
        "192.168.0.65",
        "192.168.0.54",
        "172.18.0.1",
        "172.17.0.1"
    ],
    "scannedIpv6Addrs": [
        "2400:4051:4be1:be00:8bcf:4133:acf1:c459",
        "2400:4051:4be1:be00:a17c:a9c:c891:9b53",
        "2400:4051:4be1:be00:f7ef:5f10:b2ab:9b49",
        "2400:4051:4be1:be00:4fa7:c394:44c:66a9"
    ],
    "reportedAt": "2021-08-13T17:43:19.881327197+09:00",
    "reportedVersion": "v0.15.13",
    "reportedRevision": "build-20210813_171008_ce64aeb",
    "reportedBy": "lize",
    "errors": [],
    "warnings": [],
    "scannedCves": {
        "CVE-2020-9307": {
            "cveID": "CVE-2020-9307",
            "confidences": [
                {
                    "score": 10,
                    "detectionMethod": "CpeVendorProductMatch"
                }
            ],
            "cveContents": {
                "jvn": [
                    {
                        "type": "jvn",
                        "cveID": "CVE-2020-9307",
                        "title": "Hitachi ABB Power Grids 製 AFS シリーズにサービス運用妨害 (DoS) の脆弱性",
                        "summary": "Hitachi ABB Power Grids 製 AFS シリーズの複数製品に、サービス運用妨害 (DoS) の脆弱性が存在します。\n\nHitachi ABB Power Grids が提供する AFS スイッチには、不正な HSR (High-Availability Seamless Redundancy) フレームを受信するとシステム内で無限ループが発生し、HSR リングネットワークで用いられるポートでの通信が不可能となる、サービス運用妨害 (DoS) の脆弱性 (CWE-835) が存在します。",
                        "cvss2Score": 6.1,
                        "cvss2Vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                        "cvss2Severity": "Medium",
                        "cvss3Score": 6.5,
                        "cvss3Vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "cvss3Severity": "Medium",
                        "sourceLink": "https://jvndb.jvn.jp/ja/contents/2021/JVNDB-2021-001210.html",
                        "references": [
                            {
                                "link": "http://jvn.jp/cert/JVNVU99449207",
                                "source": "JVN"
                            },
                            {
                                "link": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9307",
                                "source": "CVE"
                            },
                            {
                                "link": "https://cwe.mitre.org/data/definitions/835.html"
                            },
                            {
                                "link": "https://nvd.nist.gov/vuln/detail/CVE-2020-9307",
                                "source": "NVD"
                            },
                            {
                                "link": "https://us-cert.cisa.gov/ics/advisories/icsa-21-075-03",
                                "source": "ICS-CERT ADVISORY"
                            }
                        ],
                        "published": "2021-03-18T15:50:00+09:00",
                        "lastModified": "2021-03-18T15:50:00+09:00"
                    }
                ],
                "nvd": [
                    {
                        "type": "nvd",
                        "cveID": "CVE-2020-9307",
                        "title": "",
                        "summary": "Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts).",
                        "cvss2Score": 6.1,
                        "cvss2Vector": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                        "cvss2Severity": "MEDIUM",
                        "cvss3Score": 6.5,
                        "cvss3Vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "cvss3Severity": "MEDIUM",
                        "sourceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-9307",
                        "references": [
                            {
                                "link": "https://www.belden.com/dfsmedia/f1e38517e0cd4caa8b1acb6619890f5e/12276-source/options/view",
                                "source": "CONFIRM",
                                "tags": [
                                    "Vendor Advisory"
                                ]
                            },
                            {
                                "link": "https://www.belden.com/security",
                                "source": "MISC",
                                "tags": [
                                    "Vendor Advisory"
                                ]
                            }
                        ],
                        "cweIDs": [
                            "CWE-835"
                        ],
                        "published": "2021-02-11T21:15:00Z",
                        "lastModified": "2021-02-23T18:53:00Z"
                    }
                ]
            },
            "alertDict": {
                "ja": null,
                "en": null
            },
            "cpeURIs": [
                "cpe:/a:hitachi_abb_power_grids:afs660"
            ]
        }
    },
    "runningKernel": {
        "release": "",
        "version": "",
        "rebootRequired": false
    },
    "packages": {},
    "cweDict": {
        "835": {
            "en": {
                "cweID": "835",
                "name": "Loop with Unreachable Exit Condition ('Infinite Loop')",
                "description": "The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.",
                "extendedDescription": "If the loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory."
            },
            "owaspTopTen2017": "",
            "cweTopTwentyfive2019": "",
            "sansTopTwentyfive": ""
        }
    },
    "config": {
        "scan": {
            "logDir": "/var/log/vuls",
            "resultsDir": "/home/mainek00n/github/github.com/MaineK00n/vuls/results",
            "default": {},
            "servers": {
                "cpe_vendor_product_match": {
                    "serverName": "cpe_vendor_product_match",
                    "cpeNames": [
                        "cpe:/a:hitachi_abb_power_grids:afs660"
                    ],
                    "type": "pseudo",
                    "wordpress": {},
                    "portscan": {}
                }
            },
            "cveDict": {
                "Name": "cveDict",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/cve.sqlite3",
                "DebugSQL": false
            },
            "ovalDict": {
                "Name": "ovalDict",
                "Type": "sqlite3",
                "SQLite3Path": "/home/mainek00n/github/github.com/MaineK00n/vuls/oval.master.sqlite3",
                "DebugSQL": false
            },
            "gost": {
                "Name": "gost",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/gost.sqlite3",
                "DebugSQL": false
            },
            "exploit": {
                "Name": "exploit",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/go-exploitdb.sqlite3",
                "DebugSQL": false
            },
            "metasploit": {
                "Name": "metasploit",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/go-msfdb.sqlite3",
                "DebugSQL": false
            }
        },
        "report": {
            "logDir": "/var/log/vuls",
            "resultsDir": "/home/mainek00n/github/github.com/MaineK00n/vuls/integration/results",
            "default": {},
            "servers": {
                "cpe_vendor_product_match": {
                    "serverName": "cpe_vendor_product_match",
                    "cpeNames": [
                        "cpe:/a:hitachi_abb_power_grids:afs660"
                    ],
                    "type": "pseudo",
                    "wordpress": {},
                    "portscan": {}
                }
            },
            "cveDict": {
                "Name": "cveDict",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/cve.sqlite3",
                "DebugSQL": false
            },
            "ovalDict": {
                "Name": "ovalDict",
                "Type": "sqlite3",
                "SQLite3Path": "/home/mainek00n/github/github.com/MaineK00n/vuls/oval.master.sqlite3",
                "DebugSQL": false
            },
            "gost": {
                "Name": "gost",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/gost.sqlite3",
                "DebugSQL": false
            },
            "exploit": {
                "Name": "exploit",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/go-exploitdb.sqlite3",
                "DebugSQL": false
            },
            "metasploit": {
                "Name": "metasploit",
                "Type": "sqlite3",
                "SQLite3Path": "/usr/share/vuls-data/go-msfdb.sqlite3",
                "DebugSQL": false
            },
            "trivyCacheDBDir": "/home/mainek00n/.cache/trivy",
            "refreshCve": true,
            "lang": "en"
        }
    }
}

Checklist:

You don't have to satisfy all of the following.

• Write tests
• Write documentation
• Check that there aren't other open pull requests for the same issue/feature
• Format your source code by make fmt
• Pass the test by make test
• Provide verification config / commands
• Enable "Allow edits from maintainers" for this PR
• Update the messages below

Is this ready for review?: NO

Reference

• breaking-change(db): separate Nvd and Jvn vulsio/go-cve-dictionary#192