/** * @fileoverview NVD (National Vulnerability Database) API 2.0 Client * @module @nahisaho/musubix-security/cve/nvd-client * @trace REQ-CVE-001, DES-CVE-001 */ import type { CVE, CVESearchQuery } from '../types/cve.js'; /** * NVD API client options */ export interface NVDClientOptions { /** NVD API key (optional, increases rate limit from 5 to 50 req/30s) */ apiKey?: string; /** Base URL for NVD API */ baseUrl?: string; /** Request timeout in milliseconds (default: 30000) */ timeout?: number; /** Maximum retry attempts (default: 3) */ maxRetries?: number; /** Initial retry delay in milliseconds (default: 1000) */ retryDelay?: number; } /** * CVE search result with pagination */ export interface CVESearchResult { /** Total number of results */ totalResults: number; /** Results per page */ resultsPerPage: number; /** Start index */ startIndex: number; /** CVE entries */ cves: CVE[]; /** Response timestamp */ timestamp: Date; } /** * NVD API error */ export declare class NVDAPIError extends Error { readonly statusCode?: number | undefined; readonly retryable: boolean; constructor(message: string, statusCode?: number | undefined, retryable?: boolean); } /** * NVD API 2.0 Client * @see https://nvd.nist.gov/developers/vulnerabilities * @trace REQ-CVE-001, DES-CVE-001 */ export declare class NVDClient { private readonly baseUrl; private readonly apiKey?; private readonly timeout; private readonly maxRetries; private readonly retryDelay; constructor(options?: NVDClientOptions); /** * Check if API key is configured */ hasApiKey(): boolean; /** * Get a single CVE by ID * @param cveId CVE identifier (e.g., "CVE-2021-44228") */ getCVE(cveId: string): Promise; /** * Search CVEs by keyword * @param keyword Search keyword * @param options Additional search options */ searchByKeyword(keyword: string, options?: CVESearchQuery): Promise; /** * Search CVEs by CPE (Common Platform Enumeration) * @param cpe CPE 2.3 URI * @param options Additional search options */ searchByCPE(cpe: string, options?: CVESearchQuery): Promise; /** * Search CVEs by CWE ID * @param cweId CWE identifier (e.g., "CWE-79") * @param options Additional search options */ searchByCWE(cweId: string, options?: CVESearchQuery): Promise; /** * Search CVEs by date range * @param startDate Start date * @param endDate End date * @param options Additional search options */ searchByDateRange(startDate: Date, endDate: Date, options?: CVESearchQuery): Promise; /** * Search CVEs by CVSS score range * @param minScore Minimum CVSS score * @param maxScore Maximum CVSS score * @param options Additional search options */ searchByCVSSRange(minScore: number, maxScore: number, options?: CVESearchQuery): Promise; /** * Get recently modified CVEs * @param daysBack Number of days to look back (default: 7) * @param options Additional search options */ getRecentlyModified(daysBack?: number, options?: CVESearchQuery): Promise; /** * Apply search options to URL */ private applySearchOptions; /** * Execute search and return results */ private executeSearch; /** * Make HTTP request with retry logic */ private makeRequest; /** * Transform NVD API response to CVE type */ private transformVulnerability; /** * Normalize CVE ID format */ private normalizeCVEId; /** * Format date for NVD API */ private formatDate; /** * Get CVSS severity string from score */ private getSeverityFromScore; /** * Sleep for specified milliseconds */ private sleep; } //# sourceMappingURL=nvd-client.d.ts.map