Class NvdCveAnalyzer
java.lang.Object
org.owasp.dependencycheck.analyzer.AbstractAnalyzer
org.owasp.dependencycheck.analyzer.NvdCveAnalyzer
- All Implemented Interfaces:
Analyzer
NvdCveAnalyzer is a utility class that takes a project dependency and
attempts to discern if there is an associated CVEs. It uses the the
identifiers found by other analyzers to lookup the CVE data.
- Author:
- Jeremy Long
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected voidanalyzeDependency(Dependency dependency, Engine engine) Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.Returns the analysis phase that this analyzer should run in.protected StringReturns the setting key to determine if the analyzer is enabled.getName()Returns the name of this analyzer.Methods inherited from class AbstractAnalyzer
analyze, close, closeAnalyzer, getSettings, initialize, isEnabled, prepare, prepareAnalyzer, setEnabled, supportsParallelProcessing
-
Constructor Details
-
NvdCveAnalyzer
public NvdCveAnalyzer()
-
-
Method Details
-
analyzeDependency
Analyzes a dependency and attempts to determine if there are any CPE identifiers for this dependency.- Specified by:
analyzeDependencyin classAbstractAnalyzer- Parameters:
dependency- The Dependency to analyzeengine- The analysis engine- Throws:
AnalysisException- thrown if there is an issue analyzing the dependency
-
getName
-
getAnalysisPhase
Returns the analysis phase that this analyzer should run in.- Returns:
- the analysis phase that this analyzer should run in.
-
getAnalyzerEnabledSettingKey
Returns the setting key to determine if the analyzer is enabled.
- Specified by:
getAnalyzerEnabledSettingKeyin classAbstractAnalyzer- Returns:
- the key for the analyzer's enabled property
-