Class CveItemOperator
- java.lang.Object
-
- org.owasp.dependencycheck.data.nvdcve.CveItemOperator
-
public class CveItemOperator extends java.lang.ObjectUtility for processing DefCveItem in order to extract key values like textual description and ecosystem type.- Author:
- skjolber
-
-
Constructor Summary
Constructors Constructor Description CveItemOperator(java.lang.String cpeStartsWithFilter)Constructs a new CVE Item Operator utility.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.StringextractDescription(io.github.jeremylong.openvulnerability.client.nvd.DefCveItem cve)Extracts the english description from the CVE object.java.lang.StringextractEcosystem(java.lang.String baseEcosystem, VulnerableSoftware parsedCpe)Attempts to determine the ecosystem based on the vendor, product and targetSw.booleanisRejected(java.lang.String description)Determines if the CVE entry is rejected.
-
-
-
Method Detail
-
extractDescription
public java.lang.String extractDescription(io.github.jeremylong.openvulnerability.client.nvd.DefCveItem cve)
Extracts the english description from the CVE object.- Parameters:
cve- the CVE data- Returns:
- the English descriptions from the CVE object
-
extractEcosystem
public java.lang.String extractEcosystem(java.lang.String baseEcosystem, VulnerableSoftware parsedCpe)Attempts to determine the ecosystem based on the vendor, product and targetSw.- Parameters:
baseEcosystem- the base ecosystemparsedCpe- the CPE identifier- Returns:
- the ecosystem if one is identified
-
isRejected
public boolean isRejected(java.lang.String description)
Determines if the CVE entry is rejected.- Parameters:
description- the CVE description- Returns:
trueif the CVE was rejected; otherwisefalse
-
-