View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2018 Steve Springett. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.data.nodeaudit;
19  
20  
21  
22  import io.github.jeremylong.openvulnerability.client.nvd.CvssV3;
23  import java.io.Serializable;
24  import java.util.List;
25  import javax.annotation.concurrent.ThreadSafe;
26  
27  /**
28   * The response from NPM Audit API will respond with 0 or more advisories. This
29   * class defines the Advisory objects returned.
30   *
31   * @author Steve Springett
32   */
33  @ThreadSafe
34  public class Advisory implements Serializable {
35  
36      /**
37       * Serial version UID.
38       */
39      private static final long serialVersionUID = -6157232800626565475L;
40  
41      /**
42       * The github_advisory_id of the advisory as issued by GHSA-hosted NPM Audit API.
43       */
44      private String ghsaId;
45  
46      /**
47       * The timestamp of which the advisory was created.
48       */
49      private String created;
50  
51      /**
52       * The timestamp of the last update to the advisory.
53       */
54      private String updated;
55  
56      /**
57       * The title/name of the advisory.
58       */
59      private String title;
60  
61      /**
62       * A detailed description of the advisory.
63       */
64      private String overview;
65  
66      /**
67       * Recommendations for mitigation. Typically involves updating to a newer
68       * release.
69       */
70      private String recommendation;
71  
72      /**
73       * The name of the individual or organization that found the issue.
74       */
75      private String foundBy;
76  
77      /**
78       * The name of the individual or organization that reported the issue.
79       */
80      private String reportedBy;
81  
82      /**
83       * The name of the Node module the advisory is for.
84       */
85      private String moduleName;
86  
87      /**
88       * The version of the Node module.
89       */
90      private String version;
91  
92      /**
93       * The optional CVE(s) associated with this advisory.
94       */
95      private List<String> cves;
96  
97      /**
98       * A string representation of the versions containing the vulnerability.
99       */
100     private String vulnerableVersions;
101 
102     /**
103      * A string representation of the versions that have been patched.
104      */
105     private String patchedVersions;
106 
107     /**
108      * The references names in the advisory. This field contains MarkDown
109      * (including \n, *, and other characters)
110      */
111     private String references;
112 
113     /**
114      * The access of the advisory.
115      */
116     private String access;
117 
118     /**
119      * The severity of the advisory.
120      */
121     private String severity;
122 
123     /**
124      * The CWEs of the advisory.
125      */
126     private List<String> cwes;
127 
128     /**
129      * The CVSSv3 of the advisory.
130      */
131     private CvssV3 cvssV3;
132 
133     public String getCreated() {
134         return created;
135     }
136 
137     public void setCreated(String created) {
138         this.created = created;
139     }
140 
141     public String getUpdated() {
142         return updated;
143     }
144 
145     public void setUpdated(String updated) {
146         this.updated = updated;
147     }
148 
149     public String getTitle() {
150         return title;
151     }
152 
153     public void setTitle(String title) {
154         this.title = title;
155     }
156 
157     public String getOverview() {
158         return overview;
159     }
160 
161     public void setOverview(String overview) {
162         this.overview = overview;
163     }
164 
165     public String getRecommendation() {
166         return recommendation;
167     }
168 
169     public void setRecommendation(String recommendation) {
170         this.recommendation = recommendation;
171     }
172 
173     public String getFoundBy() {
174         return foundBy;
175     }
176 
177     public void setFoundBy(String foundBy) {
178         this.foundBy = foundBy;
179     }
180 
181     public String getReportedBy() {
182         return reportedBy;
183     }
184 
185     public void setReportedBy(String reportedBy) {
186         this.reportedBy = reportedBy;
187     }
188 
189     public String getModuleName() {
190         return moduleName;
191     }
192 
193     public void setModuleName(String moduleName) {
194         this.moduleName = moduleName;
195     }
196 
197     public String getVersion() {
198         return version;
199     }
200 
201     public void setVersion(String version) {
202         this.version = version;
203     }
204 
205     public List<String> getCves() {
206         return cves;
207     }
208 
209     public void setCves(List<String> cves) {
210         this.cves = cves;
211     }
212 
213     public String getVulnerableVersions() {
214         return vulnerableVersions;
215     }
216 
217     public void setVulnerableVersions(String vulnerableVersions) {
218         this.vulnerableVersions = vulnerableVersions;
219     }
220 
221     public String getPatchedVersions() {
222         return patchedVersions;
223     }
224 
225     public void setPatchedVersions(String patchedVersions) {
226         this.patchedVersions = patchedVersions;
227     }
228 
229     public String getReferences() {
230         return references;
231     }
232 
233     public void setReferences(String references) {
234         this.references = references;
235     }
236 
237     public String getAccess() {
238         return access;
239     }
240 
241     public void setAccess(String access) {
242         this.access = access;
243     }
244 
245     public String getSeverity() {
246         return severity;
247     }
248 
249     public void setSeverity(String severity) {
250         this.severity = severity;
251     }
252 
253     public List<String> getCwes() {
254         return cwes;
255     }
256 
257     public void setCwes(List<String> cwes) {
258         this.cwes = cwes;
259     }
260 
261     public String getGhsaId() {
262         return ghsaId;
263     }
264 
265     public void setGhsaId(String ghsaId) {
266         this.ghsaId = ghsaId;
267     }
268 
269     public CvssV3 getCvssV3() {
270         return cvssV3;
271     }
272 
273     public void setCvssV3(CvssV3 cvssV3) {
274         this.cvssV3 = cvssV3;
275     }
276 }