@ThreadSafe
public final class CveDB
extends java.lang.Object
implements java.lang.AutoCloseable
Modifier and Type | Field and Description |
---|---|
static java.lang.String | DB_ECOSYSTEM_CACHE: Resource location for SQL file containing updates to the ecosystem cache. |
Constructor and Description |
---|
CveDB(Settings settings): Creates a new CveDB object and opens the database connection. |
Modifier and Type | Method and Description |
---|---|
void | addCpe(java.lang.String cpe, java.lang.String vendor, java.lang.String product): This method is only referenced in unused code and will likely break on MySQL if ever used due to the MERGE statement. |
void | cleanupDatabase(): It is possible that orphaned rows may be generated during database updates. |
void | close(): Closes the database connection. |
boolean | dataExists(): Checks to see if data exists so that analysis can be performed. |
void | defrag(): If the database is using an H2 file based database calling defrag() will de-fragment the database. |
void | deleteUnusedCpe(): This method is only referenced in unused code. |
protected void | finalize(): Cleans up the object and ensures that "close" has been called. |
java.util.Set<CpePlus> | getCPEs(java.lang.String vendor, java.lang.String product): Searches the CPE entries in the database and retrieves all entries for a given vendor and product combination. |
DatabaseProperties | getDatabaseProperties(): Get the value of databaseProperties. |
java.util.Map<java.lang.String,Vulnerability> | getknownExploitedVulnerabilities(): Returns a map of known exploited vulnerabilities. |
java.util.Properties | getProperties(): Returns a set of properties. |
java.util.Set<Pair<java.lang.String,java.lang.String>> | getVendorProductList(): Returns the entire list of vendor/product combinations. |
java.util.Set<Pair<java.lang.String,java.lang.String>> | getVendorProductListForNode(): Returns the entire list of vendor/product combinations filtered for just Node JS related products. |
java.util.List<Vulnerability> | getVulnerabilities(us.springett.parsers.cpe.Cpe cpe): Retrieves the vulnerabilities associated with the specified CPE. |
Vulnerability | getVulnerability(java.lang.String cve): Gets a vulnerability for the provided CVE. |
Vulnerability | getVulnerability(java.lang.String cve, java.sql.Connection conn): Gets a vulnerability for the provided CVE. |
boolean | isOpen(): Returns whether the database connection is open or closed. |
void | open(): Opens the database connection pool. |
void | persistEcosystemCache(): Persist the EcosystemCache into the database. |
void | saveProperty(java.lang.String key, java.lang.String value): Saves a property to the database. |
int | updateEcosystemCache(): Updates the EcoSystem Cache. |
void | updateKnownExploitedVulnerabilities(java.util.List<Vulnerability> vulnerabilities): Merges the list of known exploited vulnerabilities into the database. |
void | updateVulnerability(io.github.jeremylong.openvulnerability.client.nvd.DefCveItem cve, java.lang.String baseEcosystem): Updates the vulnerability within the database. |

public static final java.lang.String DB_ECOSYSTEM_CACHE

public CveDB(Settings settings) throws DatabaseException
Parameters:
settings - the configured settings
Throws:
DatabaseException - thrown if there is an exception opening the database.

public int updateEcosystemCache()

public void open()

public void close()
Specified by:
close in interface java.lang.AutoCloseable

public boolean isOpen()

protected void finalize() throws java.lang.Throwable
Overrides:
finalize in class java.lang.Object
Throws:
java.lang.Throwable - thrown if there is a problem

public DatabaseProperties getDatabaseProperties()

public java.util.Set<CpePlus> getCPEs(java.lang.String vendor, java.lang.String product)
Parameters:
vendor - the identified vendor name of the dependency being analyzed
product - the identified name of the product of the dependency being analyzed

public java.util.Set<Pair<java.lang.String,java.lang.String>> getVendorProductList() throws DatabaseException
Throws:
DatabaseException - thrown when there is an error retrieving the data from the DB

public java.util.Set<Pair<java.lang.String,java.lang.String>> getVendorProductListForNode() throws DatabaseException
Throws:
DatabaseException - thrown when there is an error retrieving the data from the DB

public java.util.Properties getProperties()

public void saveProperty(java.lang.String key, java.lang.String value)
Parameters:
key - the property key
value - the property value

public java.util.List<Vulnerability> getVulnerabilities(us.springett.parsers.cpe.Cpe cpe) throws DatabaseException
Parameters:
cpe - the CPE to retrieve vulnerabilities for
Throws:
DatabaseException - thrown if there is an exception retrieving data

public Vulnerability getVulnerability(java.lang.String cve) throws DatabaseException
Parameters:
cve - the CVE to lookup
Throws:
DatabaseException - if an exception occurs

public Vulnerability getVulnerability(java.lang.String cve, java.sql.Connection conn) throws DatabaseException
Parameters:
cve - the CVE to lookup
conn - already active database connection
Throws:
DatabaseException - if an exception occurs

public void updateVulnerability(io.github.jeremylong.openvulnerability.client.nvd.DefCveItem cve, java.lang.String baseEcosystem)
Parameters:
cve - the vulnerability from the NVD CVE Data Feed to add to the database
baseEcosystem - the ecosystem the CVE belongs to; this is based off of things like the CVE description
Throws:
DatabaseException - is thrown if the database

public void updateKnownExploitedVulnerabilities(java.util.List<Vulnerability> vulnerabilities) throws DatabaseException, java.sql.SQLException
Parameters:
vulnerabilities - the list of known exploited vulnerabilities
Throws:
DatabaseException - thrown if there is an exception... duh..
java.sql.SQLException - thrown if there is an exception... duh..

public boolean dataExists()
Returns:
true if data exists; otherwise false

public void cleanupDatabase()

public void persistEcosystemCache()

public void defrag()
defrag() will de-fragment the database.

public void deleteUnusedCpe()
Deletes unused dictionary entries from the database.

public void addCpe(java.lang.String cpe, java.lang.String vendor, java.lang.String product)
Merges CPE entries into the database.
Parameters:
cpe - the CPE identifier
vendor - the CPE vendor
product - the CPE product

public java.util.Map<java.lang.String,Vulnerability> getknownExploitedVulnerabilities()

Copyright© 2012-21 Jeremy Long. All Rights Reserved.