Class CpeIdentifier

java.lang.Object
org.owasp.dependencycheck.dependency.naming.CpeIdentifier
All Implemented Interfaces:
Serializable, Comparable<Identifier>, Identifier
public class CpeIdentifier extends Object implements Identifier
A CPE Identifier for a dependency object.
Author:
Jeremy Long
See Also:

  • Constructor Details

    • CpeIdentifier

      public CpeIdentifier(us.springett.parsers.cpe.Cpe cpe, Confidence confidence)
      Constructs a new CPE Identifier from a CPE object with the given confidence.
      Parameters:
      cpe - the CPE value
      confidence - the confidence in the identifiers match

    • CpeIdentifier

      public CpeIdentifier(us.springett.parsers.cpe.Cpe cpe, String url, Confidence confidence)
      Constructs a new CPE Identifier from a CPE object with the given confidence.
      Parameters:
      cpe - the CPE value
      url - the URL for the identifier
      confidence - the confidence in the identifiers match

    • CpeIdentifier

      public CpeIdentifier(String vendor, String product, String version, Confidence confidence) throws us.springett.parsers.cpe.exceptions.CpeValidationException
      Constructs a new CPE Identifier from a CPE object with the given confidence.
      Parameters:
      vendor - the vendor
      product - the product name
      version - the version
      confidence - the confidence in the identifiers match
      Throws:
      us.springett.parsers.cpe.exceptions.CpeValidationException - thrown if there is an error converting the vendor, product, and version into a CPE object

  • Method Details

    • getCpe

      public us.springett.parsers.cpe.Cpe getCpe()
      Returns the CPE object.
      Returns:
      the CPE object

    • getConfidence

      public Confidence getConfidence()
      Description copied from interface: Identifier
      Get the value of confidence.
      Specified by:
      getConfidence in interface Identifier
      Returns:
      the value of confidence

    • getNotes

      public String getNotes()
      Description copied from interface: Identifier
      Get the value of notes from suppression notes.
      Specified by:
      getNotes in interface Identifier
      Returns:
      the value of notes

    • getUrl

      public String getUrl()
      Description copied from interface: Identifier
      Get the value of URL.
      Specified by:
      getUrl in interface Identifier
      Returns:
      the value of URL

    • setConfidence

      public void setConfidence(Confidence confidence)
      Set the value of confidence.
      Specified by:
      setConfidence in interface Identifier
      Parameters:
      confidence - the value of confidence

    • setUrl

      public void setUrl(String url)
      Set the value of URL.
      Specified by:
      setUrl in interface Identifier
      Parameters:
      url - the value of URL

    • setNotes

      public void setNotes(String notes)
      Description copied from interface: Identifier
      Set the value of notes.
      Specified by:
      setNotes in interface Identifier
      Parameters:
      notes - new value of notes

    • getValue

      public String getValue()
      Description copied from interface: Identifier
      Get the string representation of the Identifier.
      Specified by:
      getValue in interface Identifier
      Returns:
      the value of notes

    • toString

      public String toString()
      Returns the CPE 2.3 formatted string.
      Overrides:
      toString in class Object
      Returns:
      the CPE 2.3 formatted string

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object

    • compareTo

      public int compareTo(@NonNull Identifier o)
      Specified by:
      compareTo in interface Comparable<Identifier>

    • nvdSearchUrlFor

      public static String nvdSearchUrlFor(us.springett.parsers.cpe.Cpe cpe)
      Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including all populated parts of the given CPE.

      The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).

    • nvdSearchUrlFor

      public static String nvdSearchUrlFor(String vendor, String product, String version) throws us.springett.parsers.cpe.exceptions.CpeValidationException
      Produces an NVD search URL for a given application vendor/product/version combination to find all applicable vulnerabilities.

      The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).

      Throws:
      us.springett.parsers.cpe.exceptions.CpeValidationException

    • nvdProductSearchUrlFor

      public static String nvdProductSearchUrlFor(us.springett.parsers.cpe.Cpe cpe)
      Produces an NVD search URL for a given CPE to find all applicable vulnerabilities, including only the part, vendor, and product of the given CPE (if populated). Discards all other parts/discriminators of the CPE in the generated search.

      The opened link should be sorted in descending order (sortDirection=2) by publish date (sortOrder=3).