Package org.owasp.dependencycheck.dependency.naming

Class CpeIdentifier

  • All Implemented Interfaces:
    java.io.Serializable, java.lang.Comparable<Identifier>, Identifier
    public class CpeIdentifier
extends java.lang.Object
implements Identifier
    A CPE Identifier for a dependency object.
    Author:
    Jeremy Long
    See Also:
    Serialized Form

    • Constructor Summary

      Constructors 
      Constructor Description
      CpeIdentifier​(java.lang.String vendor, java.lang.String product, java.lang.String version, Confidence confidence)
      Constructs a new CPE Identifier from a CPE object with the given confidence.
      CpeIdentifier​(us.springett.parsers.cpe.Cpe cpe, java.lang.String url, Confidence confidence)
      Constructs a new CPE Identifier from a CPE object with the given confidence.
      CpeIdentifier​(us.springett.parsers.cpe.Cpe cpe, Confidence confidence)
      Constructs a new CPE Identifier from a CPE object with the given confidence.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      int compareTo​(@NotNull Identifier o)  
      boolean equals​(java.lang.Object obj)  
      Confidence getConfidence()
      Get the value of confidence.
      us.springett.parsers.cpe.Cpe getCpe()
      Returns the CPE object.
      java.lang.String getNotes()
      Get the value of notes from suppression notes.
      java.lang.String getUrl()
      Get the value of URL.
      java.lang.String getValue()
      Get the string representation of the Identifier.
      int hashCode()  
      static java.lang.String nvdProductSearchUrlFor​(us.springett.parsers.cpe.Cpe cpe)
      Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including only the part, vendor, and product of the given CPE (if populated).
      static java.lang.String nvdSearchUrlFor​(java.lang.String vendor, java.lang.String product, java.lang.String version)
      Produces an NVD search URL for a given application vendor/product/version combination to find all applicable vulnerabilities.
      static java.lang.String nvdSearchUrlFor​(us.springett.parsers.cpe.Cpe cpe)
      Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including all populated parts of the given CPE.
      void setConfidence​(Confidence confidence)
      Set the value of confidence.
      void setNotes​(java.lang.String notes)
      Set the value of notes.
      void setUrl​(java.lang.String url)
      Set the value of URL.
      java.lang.String toString()
      Returns the CPE 2.3 formatted string.

      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    • Constructor Detail

      • CpeIdentifier

        public CpeIdentifier​(us.springett.parsers.cpe.Cpe cpe,
                     Confidence confidence)
        Constructs a new CPE Identifier from a CPE object with the given confidence.
        Parameters:
        cpe - the CPE value
        confidence - the confidence in the identifiers match

      • CpeIdentifier

        public CpeIdentifier​(us.springett.parsers.cpe.Cpe cpe,
                     java.lang.String url,
                     Confidence confidence)
        Constructs a new CPE Identifier from a CPE object with the given confidence.
        Parameters:
        cpe - the CPE value
        url - the URL for the identifier
        confidence - the confidence in the identifiers match

      • CpeIdentifier

        public CpeIdentifier​(java.lang.String vendor,
                     java.lang.String product,
                     java.lang.String version,
                     Confidence confidence)
              throws us.springett.parsers.cpe.exceptions.CpeValidationException
        Constructs a new CPE Identifier from a CPE object with the given confidence.
        Parameters:
        vendor - the vendor
        product - the product name
        version - the version
        confidence - the confidence in the identifiers match
        Throws:
        us.springett.parsers.cpe.exceptions.CpeValidationException - thrown if there is an error converting the vendor, product, and version into a CPE object

    • Method Detail

      • getCpe

        public us.springett.parsers.cpe.Cpe getCpe()
        Returns the CPE object.
        Returns:
        the CPE object

      • getNotes

        public java.lang.String getNotes()
        Description copied from interface: Identifier
        Get the value of notes from suppression notes.
        Specified by:
        getNotes in interface Identifier
        Returns:
        the value of notes

      • getUrl

        public java.lang.String getUrl()
        Description copied from interface: Identifier
        Get the value of URL.
        Specified by:
        getUrl in interface Identifier
        Returns:
        the value of URL

      • setConfidence

        public void setConfidence​(Confidence confidence)
        Set the value of confidence.
        Specified by:
        setConfidence in interface Identifier
        Parameters:
        confidence - the value of confidence

      • setUrl

        public void setUrl​(java.lang.String url)
        Set the value of URL.
        Specified by:
        setUrl in interface Identifier
        Parameters:
        url - the value of URL

      • setNotes

        public void setNotes​(java.lang.String notes)
        Description copied from interface: Identifier
        Set the value of notes.
        Specified by:
        setNotes in interface Identifier
        Parameters:
        notes - new value of notes

      • getValue

        public java.lang.String getValue()
        Description copied from interface: Identifier
        Get the string representation of the Identifier.
        Specified by:
        getValue in interface Identifier
        Returns:
        the value of notes

      • toString

        public java.lang.String toString()
        Returns the CPE 2.3 formatted string.
        Overrides:
        toString in class java.lang.Object
        Returns:
        the CPE 2.3 formatted string

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object

      • equals

        public boolean equals​(java.lang.Object obj)
        Overrides:
        equals in class java.lang.Object

      • compareTo

        public int compareTo​(@NotNull
                     @NotNull Identifier o)
        Specified by:
        compareTo in interface java.lang.Comparable<Identifier>

      • nvdSearchUrlFor

        public static java.lang.String nvdSearchUrlFor​(us.springett.parsers.cpe.Cpe cpe)
        Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including all populated parts of the given CPE.

        The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).

      • nvdSearchUrlFor

        public static java.lang.String nvdSearchUrlFor​(java.lang.String vendor,
                                               java.lang.String product,
                                               java.lang.String version)
                                        throws us.springett.parsers.cpe.exceptions.CpeValidationException
        Produces an NVD search URL for a given application vendor/product/version combination to find all applicable vulnerabilities.

        The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).

        Throws:
        us.springett.parsers.cpe.exceptions.CpeValidationException

      • nvdProductSearchUrlFor

        public static java.lang.String nvdProductSearchUrlFor​(us.springett.parsers.cpe.Cpe cpe)
        Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including only the part, vendor, and product of the given CPE (if populated). Discards all other parts/discriminators of the CPE in the generated search.

        The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).