CveItemOperator (Dependency-Check Core 5.3.2 API)

java.lang.Object
- org.owasp.dependencycheck.data.nvdcve.CveItemOperator

```
public class CveItemOperator
extends Object
```
Utility for processing DefCveItem in order to extract key values like textual description and ecosystem type.

Author:

skjolber

Constructor Summary

Constructors
Constructor and Description

CveItemOperator()

Constructors
Constructor and Description
`CveItemOperator()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`String`	`extractBaseEcosystem(DefCveItem cve, String description)` Analyzes the description to determine if the vulnerability/software is for a specific known ecosystem.The ecosystem can be used later for filtering CPE matches.
`protected String`	`extractBaseEcosystemFromReferences(DefCveItem cve)`
`String`	`extractDescription(DefCveItem cve)` Utility method to extract the "english" description from a given CVE entry.
`String`	`extractEcosystem(String baseEcosystem, VulnerableSoftware parsedCpe)` Attempts to determine the ecosystem based on the vendor, product and targetSw.
`boolean`	`isRejected(String description)` Determines if the CVE description includes the REJECT text indicating that the CVE was requested but ultimately rejected.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CveItemOperator
```
public CveItemOperator()
```
- Method Detail
  - extractDescription
```
public String extractDescription(DefCveItem cve)
```
    Utility method to extract the "english" description from a given CVE entry.
    
    Parameters:
    
    cve - a reference to a CVE object
    
    Returns:
    
    the english description of the CVE entry
  - extractBaseEcosystem
```
public String extractBaseEcosystem(DefCveItem cve,
                                   String description)
```
    Analyzes the description to determine if the vulnerability/software is for a specific known ecosystem.The ecosystem can be used later for filtering CPE matches.
    
    Parameters:
    
    cve - a reference to the CVE
    
    description - the description to analyze
    
    Returns:
    
    the ecosystem if one could be identified; otherwise null
  - extractBaseEcosystemFromReferences
```
protected String extractBaseEcosystemFromReferences(DefCveItem cve)
```
  - extractEcosystem
```
public String extractEcosystem(String baseEcosystem,
                               VulnerableSoftware parsedCpe)
```
    Attempts to determine the ecosystem based on the vendor, product and targetSw.
    
    Parameters:
    
    baseEcosystem - the base ecosystem
    
    parsedCpe - the CPE identifier
    
    Returns:
    
    the ecosystem if one is identified
  - isRejected
```
public boolean isRejected(String description)
```
    Determines if the CVE description includes the ** REJECT ** text indicating that the CVE was requested but ultimately rejected.
    
    Parameters:
    
    description - the CVE text
    
    Returns:
    
    true if the CVE text includes `** REFECT **`; otherwise false

Class CveItemOperator

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CveItemOperator

Method Detail

extractDescription

extractBaseEcosystem

extractBaseEcosystemFromReferences

extractEcosystem

isRejected