Added NVD CPE details

pkg/types/types.go

@@ -95,6 +95,7 @@ type VulnerabilityDetail struct {
 	Description      string     `json:",omitempty"`
 	PublishedDate    *time.Time `json:",omitempty"`
 	LastModifiedDate *time.Time `json:",omitempty"`
+	CPEDetails       string     `json:",omitempty"`
 }
 
 type AdvisoryDetail struct {

pkg/vulnsrc/nvd/nvd.go

@@ -92,7 +92,6 @@ func (vs VulnSrc) commit(tx *bolt.Tx, items []Item) error {
 
 		publishedDate, _ := time.Parse("2006-01-02T15:04Z", item.PublishedDate)
 		lastModifiedDate, _ := time.Parse("2006-01-02T15:04Z", item.LastModifiedDate)
-
 		vuln := types.VulnerabilityDetail{
 			CvssScore:        item.Impact.BaseMetricV2.CvssV2.BaseScore,
 			CvssVector:       item.Impact.BaseMetricV2.CvssV2.VectorString,
@@ -107,7 +106,12 @@ func (vs VulnSrc) commit(tx *bolt.Tx, items []Item) error {
 			PublishedDate:    &publishedDate,
 			LastModifiedDate: &lastModifiedDate,
 		}
-
+		if item.Configurations != nil {
+			configurationString, err := json.Marshal(item.Configurations)
+			if err == nil {
+				vuln.CPEDetails = string(configurationString)
+			}
+		}
 		if err := vs.dbc.PutVulnerabilityDetail(tx, cveID, vulnerability.Nvd, vuln); err != nil {
 			return err
 		}

pkg/vulnsrc/nvd/nvd_test.go

@@ -41,6 +41,7 @@ func TestVulnSrc_Update(t *testing.T) {
 				References:       []string{"https://source.android.com/security/bulletin/2020-01-01"},
 				LastModifiedDate: utils.MustTimeParse("2020-01-01T01:01:00Z"),
 				PublishedDate:    utils.MustTimeParse("2001-01-01T01:01:00Z"),
+				CPEDetails:       `{"CVE_data_version":"4.0","nodes":[{"cpe_match":[{"cpe23Uri":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","vulnerable":true},{"cpe23Uri":"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","vulnerable":true},{"cpe23Uri":"cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*","vulnerable":true},{"cpe23Uri":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","vulnerable":true}],"operator":"OR"}]}`,
 			},
 		},
 		{

pkg/vulnsrc/nvd/types.go

@@ -5,6 +5,7 @@ type NVD struct {
 }
 
 type Item struct {
+	Configurations   interface{}
 	Cve              Cve
 	Impact           Impact
 	LastModifiedDate string `json:"lastModifiedDate"`