github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 00:03:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug fixes/replaced CVE datastore (lucene->H2)

Browse Source 
Former-commit-id: 58386fc80bd3a9dca8bc486c56037efa91b1b81e
This commit is contained in:
Jeremy Long
2013-01-06 12:04:27 -05:00
parent dec2536e3e
commit ae4b5464c7
105 changed files with 1890 additions and 10065 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
lib/com/db4o/db4o-all/8.0.249.16098/db4o-all-8.0.249.16098-javadoc.jar
View File

Binary file not shown.

BIN
lib/com/db4o/db4o-all/8.0.249.16098/db4o-all-8.0.249.16098.jar
View File

Binary file not shown.

9
lib/com/db4o/db4o-all/8.0.249.16098/db4o-all-8.0.249.16098.pom
View File

@@ -1,9 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<modelVersion>4.0.0</modelVersion>
<groupId>com.db4o</groupId>
<artifactId>db4o-all</artifactId>
<version>8.0.249.16098</version>
<description>POM was created from install:install-file</description>
</project>

22
pom.xml
View File

@@ -66,22 +66,6 @@ along with DependencyCheck. If not, see <http://www.gnu.org/licenses/>.
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
</properties>
<!-- used to make db4o available as a lib: http://blog.dub.podval.org/2010/01/maven-in-project-repository.html -->
<repositories>
<repository>
<id>lib</id>
<name>lib</name>
<releases>
<enabled>true</enabled>
<checksumPolicy>ignore</checksumPolicy>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
<url>file://${project.basedir}/lib</url>
</repository>
</repositories>
<build>
<resources>
<resource>
@@ -471,9 +455,9 @@ along with DependencyCheck. If not, see <http://www.gnu.org/licenses/>.
</exclusions>
</dependency>
<dependency>
<groupId>com.db4o</groupId>
<artifactId>db4o-all</artifactId>
<version>8.0.249.16098</version>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>1.3.170</version>
</dependency>
<!--
<dependency>

34
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/EntrySaveDelegate.java → src/main/java/org/codesecure/dependencycheck/data/nvdcve/CorruptDatabaseException.java
View File

@@ -16,27 +16,33 @@
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.IOException;
import org.apache.lucene.index.CorruptIndexException;
import org.codesecure.dependencycheck.data.nvdcve.generated.VulnerabilityType;
package org.codesecure.dependencycheck.data.nvdcve;
/**
*
* An interface used to define the save function used when parsing the NVD CVE
* XML file.
* An exception used to indicate the db4o database is corrupt.
* This could be due to invalid data or a complete failure of the db.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public interface EntrySaveDelegate {
class CorruptDatabaseException extends DatabaseException {
private static final long serialVersionUID = 1L;
/**
* Saves a CVE Entry into the Lucene index.
* Creates an CorruptDatabaseException
*
* @param vulnerability a CVE entry.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
* @param msg the exception message
*/
void saveEntry(VulnerabilityType vulnerability) throws CorruptIndexException, IOException;
public CorruptDatabaseException(String msg) {
super(msg);
}
/**
* Creates an CorruptDatabaseException
*
* @param msg the exception message
* @param ex the cause of the exception
*/
public CorruptDatabaseException(String msg, Exception ex) {
super(msg, ex);
}
}

444
src/main/java/org/codesecure/dependencycheck/data/nvdcve/CveDB.java Normal file
View File

@@ -0,0 +1,444 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.codesecure.dependencycheck.data.cpe.Entry;
import org.codesecure.dependencycheck.dependency.Reference;
import org.codesecure.dependencycheck.dependency.Vulnerability;
import org.codesecure.dependencycheck.dependency.VulnerableSoftware;
import org.codesecure.dependencycheck.utils.Settings;
/**
* The database holding information about the NVD CVE data.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class CveDB {
//<editor-fold defaultstate="collapsed" desc="Constants to create, maintain, and retrieve data from the CVE Database">
/**
* SQL Statement to create an index on the reference table
*/
public static final String CREATE_INDEX_IDXREFERENCE = "CREATE INDEX IF NOT EXISTS idxReference ON reference(cveid)";
/**
* SQL Statement to create an index on the software for finding CVE entries based on CPE data
*/
public static final String CREATE_INDEX_IDXSOFTWARE = "CREATE INDEX IF NOT EXISTS idxSoftware ON software(product, vendor, version)";
/**
* SQL Statement to create an index for retrieving software by CVEID
*/
public static final String CREATE_INDEX_IDXSOFTWARECVE = "CREATE INDEX IF NOT EXISTS idxSoftwareCve ON software(cveid)";
/**
* SQL Statement to create an index on the vulnerability table
*/
public static final String CREATE_INDEX_IDXVULNERABILITY = "CREATE INDEX IF NOT EXISTS idxVulnerability ON vulnerability(cveid)";
/**
* SQL Statement to create the reference table
*/
public static final String CREATE_TABLE_REFERENCE = "CREATE TABLE IF NOT EXISTS reference (cveid CHAR(13), "
+ "name varchar(1000), url varchar(1000), source varchar(255))";
/**
* SQL Statement to create the software table
*/
public static final String CREATE_TABLE_SOFTWARE = "CREATE TABLE IF NOT EXISTS software (cveid CHAR(13), cpe varchar(500), "
+ "vendor varchar(255), product varchar(255), version varchar(50), previousVersion varchar(50))";
/**
* SQL Statement to create the vulnerability table
*/
public static final String CREATE_TABLE_VULNERABILITY = "CREATE TABLE IF NOT EXISTS vulnerability "
+ "(cveid CHAR(13) PRIMARY KEY, description varchar(8000))";
/**
* SQL Statement to delete references by CVEID
*/
public static final String DELETE_REFERENCE = "DELETE FROM reference WHERE cveid = ?";
/**
* SQL Statement to delete software by CVEID
*/
public static final String DELETE_SOFTWARE = "DELETE FROM software WHERE cveid = ?";
/**
* SQL Statement to delete a vulnerability by CVEID
*/
public static final String DELETE_VULNERABILITY = "DELETE FROM vulnerability WHERE cveid = ?";
/**
* SQL Statement to insert a new reference
*/
public static final String INSERT_REFERENCE = "INSERT INTO reference (cveid, name, url, source) VALUES (?, ?, ?, ?)";
/**
* SQL Statement to insert a new software
*/
public static final String INSERT_SOFTWARE = "INSERT INTO software (cveid, cpe, vendor, product, version, previousVersion) "
+ "VALUES (?, ?, ?, ?, ?, ?)";
/**
* SQL Statement to insert a new vulnerability
*/
public static final String INSERT_VULNERABILITY = "INSERT INTO vulnerability (cveid, description) VALUES (?, ?)";
/**
* SQL Statement to find CVE entries based on CPE data
*/
public static final String SELECT_CVE_FROM_SOFTWARE = "SELECT cveid FROM software WHERE Vendor = ? AND Product = ? AND "
+ "(version = '-' OR previousVersion IS NOT NULL OR version=?)";
/**
* SQL Statement to select references by CVEID
*/
public static final String SELECT_REFERENCE = "SELECT source, name, url FROM reference WHERE cveid = ?";
/**
* SQL Statement to select software by CVEID
*/
public static final String SELECT_SOFTWARE = "SELECT cpe, previousVersion FROM software WHERE cveid = ?";
/**
* SQL Statement to select a vulnerability by CVEID
*/
public static final String SELECT_VULNERABILITY = "SELECT cveid, description FROM vulnerability WHERE cveid = ?";
//</editor-fold>
//<editor-fold defaultstate="collapsed" desc="Collection of CallableStatements to work with the DB">
/**
* delete reference - parameters (cveid)
*/
private CallableStatement deleteReferences = null;
/**
* delete software - parameters (cveid)
*/
private CallableStatement deleteSoftware = null;
/**
* delete vulnerability - parameters (cveid)
*/
private CallableStatement deleteVulnerabilities = null;
/**
* insert reference - parameters (cveid, name, url, source)
*/
private CallableStatement insertReference = null;
/**
* insert software - parameters (cveid, cpe, vendor, product, version, previousVersion)
*/
private CallableStatement insertSoftware = null;
/**
* insert vulnerability - parameters (cveid, description)
*/
private CallableStatement insertVulnerability = null;
/**
* select cve from software - parameters (vendor, product, version)
*/
private CallableStatement selectCveFromSoftware = null;
/**
* select vulnerability - parameters (cveid)
*/
private CallableStatement selectVulnerability = null;
/**
* select reference - parameters (cveid)
*/
private CallableStatement selectReferences = null;
/**
* select software - parameters (cveid)
*/
private CallableStatement selectSoftware = null;
//</editor-fold>
/**
* Database connection
*/
protected Connection conn = null;
/**
* Opens the database connection. If the database does not exist, it will
* create a new one.
*
* @throws IOException thrown if there is an IO Exception
* @throws SQLException thrown if there is a SQL Exception
* @throws DatabaseException thrown if there is an error initializing a new database
*/
public void open() throws IOException, SQLException, DatabaseException {
String fileName = CveDB.getDataDirectory().getCanonicalPath()
+ File.separator
+ "cve";
File f = new File(fileName);
boolean createTables = !f.exists();
String connStr = "jdbc:h2:file:" + fileName;
conn = DriverManager.getConnection(connStr, "sa", "");
if (createTables) {
createTables();
}
buildStatements();
}
/**
* Cleansup the object and ensures that "close" has been called.
* @throws Throwable thrown if there is a problem
*/
@Override
protected void finalize() throws Throwable {
close();
super.finalize(); //not necessary if extending Object.
}
/**
* Closes the DB4O database. Close should be called on
* this object when it is done being used.
*/
public void close() {
if (conn != null) {
try {
conn.close();
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
}
conn = null;
}
}
/**
* Retrieves the vulnerabilities associated with the specified CPE cpe.
*
* @param cpeStr the CPE cpe name
* @return a list of Vulnerabilities
* @throws DatabaseException thrown if there is an exception retrieving data
*/
public List<Vulnerability> getVulnerablilities(String cpeStr) throws DatabaseException {
ResultSet rs = null;
final Entry cpe = new Entry();
try {
cpe.parseName(cpeStr);
} catch (UnsupportedEncodingException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
}
List<Vulnerability> vulnerabilities = new ArrayList<Vulnerability>();
try {
selectCveFromSoftware.setString(1, cpe.getVendor());
selectCveFromSoftware.setString(2, cpe.getProduct());
selectCveFromSoftware.setString(3, cpe.getVersion());
rs = selectCveFromSoftware.executeQuery();
while (rs.next()) {
Vulnerability v = getVulnerability(rs.getString("cveid"));
vulnerabilities.add(v);
}
} catch (SQLException ex) {
throw new DatabaseException("Exception retrieving vulnerability for " + cpeStr, ex);
} finally {
if (rs != null) {
try {
rs.close();
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
return vulnerabilities;
}
private Vulnerability getVulnerability(String cve) throws DatabaseException {
ResultSet rsV = null;
ResultSet rsR = null;
ResultSet rsS = null;
Vulnerability vuln = null;
try {
selectVulnerability.setString(1, cve);
rsV = selectVulnerability.executeQuery();
if (rsV.next()) {
vuln = new Vulnerability();
vuln.setName(cve);
vuln.setDescription(rsV.getString(2));
selectReferences.setString(1, cve);
rsR = selectReferences.executeQuery();
while (rsR.next()) {
vuln.addReference(rsR.getString(1), rsR.getString(2), rsR.getString(3));
}
selectSoftware.setString(1, cve);
rsS = selectSoftware.executeQuery();
while (rsS.next()) {
String cpe = rsS.getString(1);
String prevVers = rsS.getString(2);
if (prevVers == null) {
vuln.addVulnerableSoftware(cpe);
} else {
vuln.addVulnerableSoftware(cpe, prevVers);
}
}
}
} catch (SQLException ex) {
throw new DatabaseException("Error retrieving " + cve, ex);
} finally {
if (rsV != null) {
try {
rsV.close();
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
}
}
if (rsR != null) {
try {
rsR.close();
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
}
}
if (rsS != null) {
try {
rsS.close();
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
return vuln;
}
/**
* Updates the vulnerability within the database. If the vulnerability does not
* exist it will be added.
*
* @param vuln the vulnerability to add to the database
* @throws DatabaseException is thrown if the database
*/
public void updateVulnerability(Vulnerability vuln) throws DatabaseException {
try {
// first delete any existing vulnerabilty info.
deleteReferences.setString(1, vuln.getName());
deleteReferences.execute();
deleteSoftware.setString(1, vuln.getName());
deleteSoftware.execute();
deleteVulnerabilities.setString(1, vuln.getName());
deleteVulnerabilities.execute();
insertVulnerability.setString(1, vuln.getName());
insertVulnerability.setString(2, vuln.getDescription());
insertVulnerability.execute();
insertReference.setString(1, vuln.getName());
for (Reference r : vuln.getReferences()) {
insertReference.setString(2, r.getName());
insertReference.setString(3, r.getUrl());
insertReference.setString(4, r.getSource());
insertReference.execute();
}
insertSoftware.setString(1, vuln.getName());
for (VulnerableSoftware s : vuln.getVulnerableSoftware()) {
//cveid, cpe, vendor, product, version, previousVersion
insertSoftware.setString(2, s.getName());
insertSoftware.setString(3, s.getVendor());
insertSoftware.setString(4, s.getProduct());
insertSoftware.setString(5, s.getVersion());
if (s.hasPreviousVersion()) {
insertSoftware.setString(6, s.getPreviousVersion());
} else {
insertSoftware.setNull(6, java.sql.Types.VARCHAR);
}
insertSoftware.execute();
}
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
throw new DatabaseException("Error updating '" + vuln.getName() + "'", ex);
}
}
/**
* Retrieves the directory that the JAR file exists in so that
* we can ensure we always use a common data directory.
*
* @return the data directory for this index.
* @throws IOException is thrown if an IOException occurs of course...
*/
public static File getDataDirectory() throws IOException {
String fileName = Settings.getString(Settings.KEYS.CVE_INDEX);
String filePath = CveDB.class.getProtectionDomain().getCodeSource().getLocation().getPath();
String decodedPath = URLDecoder.decode(filePath, "UTF-8");
File exePath = new File(decodedPath);
if (exePath.getName().toLowerCase().endsWith(".jar")) {
exePath = exePath.getParentFile();
} else {
exePath = new File(".");
}
File path = new File(exePath.getCanonicalFile() + File.separator + fileName);
path = new File(path.getCanonicalPath());
if (!path.exists()) {
if (!path.mkdirs()) {
throw new IOException("Unable to create NVD CVE Data directory");
}
}
return path;
}
/**
* Creates the database structure (tables and indexes) to store the CVE data
*
* @throws SQLException thrown if there is a sql exception
* @throws DatabaseException thrown if there is a database exception
*/
protected void createTables() throws SQLException, DatabaseException {
Statement statement = null;
try {
statement = conn.createStatement();
statement.execute(CREATE_TABLE_VULNERABILITY);
statement.execute(CREATE_TABLE_REFERENCE);
statement.execute(CREATE_TABLE_SOFTWARE);
statement.execute(CREATE_INDEX_IDXSOFTWARE);
statement.execute(CREATE_INDEX_IDXREFERENCE);
statement.execute(CREATE_INDEX_IDXVULNERABILITY);
statement.execute(CREATE_INDEX_IDXSOFTWARECVE);
} finally {
if (statement != null) {
try {
statement.close();
} catch (SQLException ex) {
Logger.getLogger(CveDB.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
}
/**
* Builds the CallableStatements used by the application.
* @throws DatabaseException
*/
private void buildStatements() throws DatabaseException {
try {
deleteReferences = conn.prepareCall(DELETE_REFERENCE);
deleteSoftware = conn.prepareCall(DELETE_SOFTWARE);
deleteVulnerabilities = conn.prepareCall(DELETE_VULNERABILITY);
insertReference = conn.prepareCall(INSERT_REFERENCE);
insertSoftware = conn.prepareCall(INSERT_SOFTWARE);
insertVulnerability = conn.prepareCall(INSERT_VULNERABILITY);
selectCveFromSoftware = conn.prepareCall(SELECT_CVE_FROM_SOFTWARE);
selectVulnerability = conn.prepareCall(SELECT_VULNERABILITY);
selectReferences = conn.prepareCall(SELECT_REFERENCE);
selectSoftware = conn.prepareCall(SELECT_SOFTWARE);
} catch (SQLException ex) {
throw new DatabaseException("Unable to prepare statements", ex);
}
}
}

31
src/main/java/org/codesecure/dependencycheck/data/nvdcve/Fields.java → src/main/java/org/codesecure/dependencycheck/data/nvdcve/DatabaseException.java
View File

@@ -19,27 +19,28 @@
package org.codesecure.dependencycheck.data.nvdcve;
/**
* Fields is a collection of field names used within the Lucene index for NVD
* VULNERABLE_CPE entries.
* An exception thrown if an operation against the database fails.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public abstract class Fields {
public class DatabaseException extends Exception {
/**
* The key for the name field.
* Creates an DatabaseException
*
* @param msg the exception message
*/
public static final String CVE_ID = "cve";
public DatabaseException(String msg) {
super(msg);
}
/**
* The key for the vulnerable cpes field.
* Creates an DatabaseException
*
* @param msg the exception message
* @param ex the cause of the exception
*/
public static final String VULNERABLE_CPE = "cpe";
/**
* The key for the description field.
*/
public static final String DESCRIPTION = "description";
/**
* The key for the xml field. Stores the entire NVD VULNERABLE_CPE Entry.
*/
public static final String XML = "xml";
public DatabaseException(String msg, Exception ex) {
super(msg, ex);
}
}

132
src/main/java/org/codesecure/dependencycheck/data/nvdcve/Index.java
View File

@@ -1,132 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve;
import java.io.*;
import java.net.URLDecoder;
import java.util.*;
import org.apache.lucene.analysis.Analyzer;
import org.apache.lucene.analysis.core.KeywordAnalyzer;
import org.apache.lucene.analysis.miscellaneous.PerFieldAnalyzerWrapper;
import org.apache.lucene.analysis.standard.StandardAnalyzer;
import org.apache.lucene.queryparser.classic.QueryParser;
import org.apache.lucene.store.Directory;
import org.apache.lucene.store.FSDirectory;
import org.apache.lucene.util.Version;
import org.codesecure.dependencycheck.data.lucene.AbstractIndex;
import org.codesecure.dependencycheck.utils.Settings;
/**
* The Index class is used to utilize and maintain the NVD CVE Index.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class Index extends AbstractIndex {
/**
* Returns the directory that holds the NVD CVE Index. Note, this
* returns the path where the class or jar file exists.
*
* @return the Directory containing the NVD CVE Index.
* @throws IOException is thrown if an IOException occurs.
*/
public Directory getDirectory() throws IOException {
File path = getDataDirectory();
Directory dir = FSDirectory.open(path);
return dir;
}
/**
* Retrieves the directory that the JAR file exists in so that
* we can ensure we always use a common data directory.
*
* @return the data directory for this index.
* @throws IOException is thrown if an IOException occurs of course...
*/
protected File getDataDirectory() throws IOException {
String fileName = Settings.getString(Settings.KEYS.CVE_INDEX);
String filePath = Index.class.getProtectionDomain().getCodeSource().getLocation().getPath();
String decodedPath = URLDecoder.decode(filePath, "UTF-8");
File exePath = new File(decodedPath);
if (exePath.getName().toLowerCase().endsWith(".jar")) {
exePath = exePath.getParentFile();
} else {
exePath = new File(".");
}
File path = new File(exePath.getCanonicalFile() + File.separator + fileName);
path = new File(path.getCanonicalPath());
if (!path.exists()) {
if (!path.mkdirs()) {
throw new IOException("Unable to create NVD CVE Data directory");
}
}
return path;
}
/**
* Creates an Analyzer for the NVD VULNERABLE_CPE Index.
*
* @return the VULNERABLE_CPE Analyzer.
*/
@SuppressWarnings("unchecked")
public Analyzer createIndexingAnalyzer() {
Map fieldAnalyzers = new HashMap();
fieldAnalyzers.put(Fields.CVE_ID, new KeywordAnalyzer());
fieldAnalyzers.put(Fields.VULNERABLE_CPE, new KeywordAnalyzer());
PerFieldAnalyzerWrapper wrapper = new PerFieldAnalyzerWrapper(
new StandardAnalyzer(Version.LUCENE_40), fieldAnalyzers);
return wrapper;
}
/**
* Creates an Analyzer for the NVD VULNERABLE_CPE Index.
*
* @return the VULNERABLE_CPE Analyzer.
*/
@SuppressWarnings("unchecked")
public Analyzer createSearchingAnalyzer() {
Map fieldAnalyzers = new HashMap();
fieldAnalyzers.put(Fields.CVE_ID, new KeywordAnalyzer());
fieldAnalyzers.put(Fields.VULNERABLE_CPE, new KeywordAnalyzer());
PerFieldAnalyzerWrapper wrapper = new PerFieldAnalyzerWrapper(
new StandardAnalyzer(Version.LUCENE_40), fieldAnalyzers);
return wrapper;
}
/**
* Creates the Lucene QueryParser used when querying the index
* @return a QueryParser
*/
public QueryParser createQueryParser() {
return new QueryParser(Version.LUCENE_40, Fields.VULNERABLE_CPE, getSearchingAnalyzer());
}
/**
* Resets the searching analyzers
*/
protected void resetSearchingAnalyzer() {
//do nothing
}
}

101
src/main/java/org/codesecure/dependencycheck/data/nvdcve/NvdCveAnalyzer.java
View File

@@ -18,26 +18,15 @@
*/
package org.codesecure.dependencycheck.data.nvdcve;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.sql.SQLException;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.apache.lucene.document.Document;
import org.apache.lucene.index.Term;
import org.apache.lucene.search.*;
import org.codesecure.dependencycheck.analyzer.AnalysisException;
import org.codesecure.dependencycheck.analyzer.AnalysisPhase;
import org.codesecure.dependencycheck.data.nvdcve.generated.VulnerabilityReferenceType;
import org.codesecure.dependencycheck.data.nvdcve.generated.VulnerabilityType;
import org.codesecure.dependencycheck.dependency.Dependency;
import org.codesecure.dependencycheck.dependency.Vulnerability;
import org.codesecure.dependencycheck.dependency.Identifier;
import org.codesecure.dependencycheck.dependency.Reference;
/**
* NvdCveAnalyzer is a utility class that takes a project dependency and
@@ -55,37 +44,39 @@ public class NvdCveAnalyzer implements org.codesecure.dependencycheck.analyzer.A
/**
* The CVE Index.
*/
protected Index cve = null;
protected CveDB cveDB = null;
/**
* Opens the data source.
*
* @throws IOException when the Lucene directory to be querried does not
* exist or is corrupt.
* @throws SQLException thrown wwhen there is a SQL Exception
* @throws IOException thrown when there is an IO Exception
* @throws DatabaseException thrown when there is a database exceptions
*/
public void open() throws IOException {
cve = new Index();
cve.open();
public void open() throws SQLException, IOException, DatabaseException {
cveDB = new CveDB();
cveDB.open();
}
/**
* Closes the data source.
*/
public void close() {
cve.close();
cveDB.close();
cveDB = null;
}
/**
* Returns the status of the data source - is the index open.
* Returns the status of the data source - is the database open.
*
* @return true or false.
*/
public boolean isOpen() {
return (cve == null) ? false : cve.isOpen();
return (cveDB != null);
}
/**
* Ensures that the Lucene index is closed.
* Ensures that the CVE Database is closed.
*
* @throws Throwable when a throwable is thrown.
*/
@@ -110,41 +101,12 @@ public class NvdCveAnalyzer implements org.codesecure.dependencycheck.analyzer.A
if ("cpe".equals(id.getType())) {
try {
String value = id.getValue();
Term term1 = new Term(Fields.VULNERABLE_CPE, value);
Query query1 = new TermQuery(term1);
//need to get the cpe:/a:vendor:product - some CVEs are referenced very broadly.
//find the index of the colon after the product of the cpe value
//cpe:/a:microsoft:anti-cross_site_scripting_library:3.1
int pos = value.indexOf(":", 7) + 1;
pos = value.indexOf(":", pos);
String productVendor = value.substring(0, pos);
Term term2 = new Term(Fields.VULNERABLE_CPE, productVendor);
Query query2 = new TermQuery(term2);
BooleanQuery query = new BooleanQuery();
query.add(query1, BooleanClause.Occur.SHOULD);
query.add(query2, BooleanClause.Occur.SHOULD);
TopDocs docs = cve.search(query, MAX_QUERY_RESULTS);
for (ScoreDoc d : docs.scoreDocs) {
Document doc = cve.getDocument(d.doc);
String xml = doc.get(Fields.XML);
Vulnerability vuln;
try {
vuln = parseVulnerability(xml);
dependency.addVulnerability(vuln);
} catch (JAXBException ex) {
Logger.getLogger(NvdCveAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
dependency.addAnalysisException(new AnalysisException("Unable to retrieve vulnerability data", ex));
} catch (UnsupportedEncodingException ex) {
Logger.getLogger(NvdCveAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
dependency.addAnalysisException(new AnalysisException("Unable to retrieve vulnerability data - utf-8", ex));
}
List<Vulnerability> vulns = cveDB.getVulnerablilities(value);
for (Vulnerability v : vulns) {
dependency.addVulnerability(v);
}
} catch (IOException ex) {
Logger.getLogger(NvdCveAnalyzer.class.getName()).log(Level.SEVERE, null, ex);
throw new AnalysisException("Exception occured while determining CVEs", ex);
} catch (DatabaseException ex) {
throw new AnalysisException(ex);
}
}
}
@@ -195,29 +157,4 @@ public class NvdCveAnalyzer implements org.codesecure.dependencycheck.analyzer.A
public void initialize() throws Exception {
this.open();
}
private Vulnerability parseVulnerability(String xml) throws JAXBException, UnsupportedEncodingException {
JAXBContext jaxbContext = JAXBContext.newInstance(VulnerabilityType.class);
Unmarshaller unmarshaller = jaxbContext.createUnmarshaller();
ByteArrayInputStream input = new ByteArrayInputStream(xml.getBytes("UTF-8"));
VulnerabilityType cvedata = (VulnerabilityType) unmarshaller.unmarshal(input);
if (cvedata == null) {
return null;
}
Vulnerability vuln = new Vulnerability();
vuln.setName(cvedata.getId());
vuln.setDescription(cvedata.getSummary());
if (cvedata.getReferences() != null) {
for (VulnerabilityReferenceType r : cvedata.getReferences()) {
Reference ref = new Reference();
ref.setName(r.getReference().getValue());
ref.setSource(r.getSource());
ref.setUrl(r.getReference().getHref());
vuln.addReference(ref);
}
}
return vuln;
}
}

63
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/AccessComplexityEnumType.java
View File

@@ -1,63 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for accessComplexityEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="accessComplexityEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="HIGH"/>
* &lt;enumeration value="MEDIUM"/>
* &lt;enumeration value="LOW"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "accessComplexityEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum AccessComplexityEnumType {
HIGH,
MEDIUM,
LOW;
public String value() {
return name();
}
public static AccessComplexityEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/AccessComplexityType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for accessComplexityType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="accessComplexityType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>accessComplexityEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "accessComplexityType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class AccessComplexityType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected AccessComplexityEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link AccessComplexityEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public AccessComplexityEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link AccessComplexityEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(AccessComplexityEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

63
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/AccessVectorEnumType.java
View File

@@ -1,63 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for accessVectorEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="accessVectorEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="LOCAL"/>
* &lt;enumeration value="ADJACENT_NETWORK"/>
* &lt;enumeration value="NETWORK"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "accessVectorEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum AccessVectorEnumType {
LOCAL,
ADJACENT_NETWORK,
NETWORK;
public String value() {
return name();
}
public static AccessVectorEnumType fromValue(String v) {
return valueOf(v);
}
}

124
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/AccessVectorType.java
View File

@@ -1,124 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for accessVectorType complex type.
*
* <p>The following schema fragment specifies the expected content contained within this class.
*
* <pre>
* &lt;complexType name="accessVectorType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>accessVectorEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "accessVectorType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class AccessVectorType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected AccessVectorEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return
* possible object is
* {@link AccessVectorEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public AccessVectorEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value
* allowed object is
* {@link AccessVectorEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(AccessVectorEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return
* possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value
* allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

174
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/AssociatedExploitLocationType.java
View File

@@ -1,174 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for associatedExploitLocationType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="associatedExploitLocationType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="physical-access" type="{http://www.w3.org/2001/XMLSchema}boolean" minOccurs="0"/>
* &lt;element name="voluntarily-interact" type="{http://www.w3.org/2001/XMLSchema}boolean" minOccurs="0"/>
* &lt;element name="dialup" type="{http://www.w3.org/2001/XMLSchema}boolean" minOccurs="0"/>
* &lt;element name="unknown" type="{http://www.w3.org/2001/XMLSchema}boolean" minOccurs="0"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "associatedExploitLocationType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4", propOrder = {
"physicalAccess",
"voluntarilyInteract",
"dialup",
"unknown"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class AssociatedExploitLocationType {
@XmlElement(name = "physical-access", defaultValue = "false")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean physicalAccess;
@XmlElement(name = "voluntarily-interact", defaultValue = "false")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean voluntarilyInteract;
@XmlElement(defaultValue = "false")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean dialup;
@XmlElement(defaultValue = "false")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean unknown;
/**
* Gets the value of the physicalAccess property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Boolean isPhysicalAccess() {
return physicalAccess;
}
/**
* Sets the value of the physicalAccess property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setPhysicalAccess(Boolean value) {
this.physicalAccess = value;
}
/**
* Gets the value of the voluntarilyInteract property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Boolean isVoluntarilyInteract() {
return voluntarilyInteract;
}
/**
* Sets the value of the voluntarilyInteract property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setVoluntarilyInteract(Boolean value) {
this.voluntarilyInteract = value;
}
/**
* Gets the value of the dialup property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Boolean isDialup() {
return dialup;
}
/**
* Sets the value of the dialup property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setDialup(Boolean value) {
this.dialup = value;
}
/**
* Gets the value of the unknown property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Boolean isUnknown() {
return unknown;
}
/**
* Sets the value of the unknown property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setUnknown(Boolean value) {
this.unknown = value;
}
}

63
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/AuthenticationEnumType.java
View File

@@ -1,63 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for authenticationEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="authenticationEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="MULTIPLE_INSTANCES"/>
* &lt;enumeration value="SINGLE_INSTANCE"/>
* &lt;enumeration value="NONE"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "authenticationEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum AuthenticationEnumType {
MULTIPLE_INSTANCES,
SINGLE_INSTANCE,
NONE;
public String value() {
return name();
}
public static AuthenticationEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/AuthenticationType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for authenticationType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="authenticationType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>authenticationEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "authenticationType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class AuthenticationType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected AuthenticationEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link AuthenticationEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public AuthenticationEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link AuthenticationEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(AuthenticationEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

376
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/BaseMetricsType.java
View File

@@ -1,376 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.math.BigDecimal;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.datatype.XMLGregorianCalendar;
/**
* <p>Java class for baseMetricsType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="baseMetricsType">
* &lt;complexContent>
* &lt;extension base="{http://scap.nist.gov/schema/cvss-v2/0.2}metricsType">
* &lt;sequence>
* &lt;element name="score" type="{http://scap.nist.gov/schema/cvss-v2/0.2}zeroToTenDecimalType" minOccurs="0"/>
* &lt;element name="exploit-subscore" type="{http://scap.nist.gov/schema/cvss-v2/0.2}zeroToTenDecimalType" minOccurs="0"/>
* &lt;element name="impact-subscore" type="{http://scap.nist.gov/schema/cvss-v2/0.2}zeroToTenDecimalType" minOccurs="0"/>
* &lt;group ref="{http://scap.nist.gov/schema/cvss-v2/0.2}baseVectorsGroup"/>
* &lt;element name="source" type="{http://www.w3.org/2001/XMLSchema}anyURI"/>
* &lt;element name="generated-on-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
* &lt;/sequence>
* &lt;/extension>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "baseMetricsType", propOrder = {
"score",
"exploitSubscore",
"impactSubscore",
"accessVector",
"accessComplexity",
"authentication",
"confidentialityImpact",
"integrityImpact",
"availabilityImpact",
"source",
"generatedOnDatetime"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class BaseMetricsType
extends MetricsType {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal score;
@XmlElement(name = "exploit-subscore")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal exploitSubscore;
@XmlElement(name = "impact-subscore")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal impactSubscore;
@XmlElement(name = "access-vector")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected AccessVectorType accessVector;
@XmlElement(name = "access-complexity")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected AccessComplexityType accessComplexity;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected AuthenticationType authentication;
@XmlElement(name = "confidentiality-impact")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaType confidentialityImpact;
@XmlElement(name = "integrity-impact")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaType integrityImpact;
@XmlElement(name = "availability-impact")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaType availabilityImpact;
@XmlElement(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String source;
@XmlElement(name = "generated-on-datetime")
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar generatedOnDatetime;
/**
* Gets the value of the score property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getScore() {
return score;
}
/**
* Sets the value of the score property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setScore(BigDecimal value) {
this.score = value;
}
/**
* Gets the value of the exploitSubscore property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getExploitSubscore() {
return exploitSubscore;
}
/**
* Sets the value of the exploitSubscore property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setExploitSubscore(BigDecimal value) {
this.exploitSubscore = value;
}
/**
* Gets the value of the impactSubscore property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getImpactSubscore() {
return impactSubscore;
}
/**
* Sets the value of the impactSubscore property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setImpactSubscore(BigDecimal value) {
this.impactSubscore = value;
}
/**
* Gets the value of the accessVector property.
*
* @return possible object is
* {@link AccessVectorType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public AccessVectorType getAccessVector() {
return accessVector;
}
/**
* Sets the value of the accessVector property.
*
* @param value allowed object is
* {@link AccessVectorType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setAccessVector(AccessVectorType value) {
this.accessVector = value;
}
/**
* Gets the value of the accessComplexity property.
*
* @return possible object is
* {@link AccessComplexityType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public AccessComplexityType getAccessComplexity() {
return accessComplexity;
}
/**
* Sets the value of the accessComplexity property.
*
* @param value allowed object is
* {@link AccessComplexityType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setAccessComplexity(AccessComplexityType value) {
this.accessComplexity = value;
}
/**
* Gets the value of the authentication property.
*
* @return possible object is
* {@link AuthenticationType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public AuthenticationType getAuthentication() {
return authentication;
}
/**
* Sets the value of the authentication property.
*
* @param value allowed object is
* {@link AuthenticationType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setAuthentication(AuthenticationType value) {
this.authentication = value;
}
/**
* Gets the value of the confidentialityImpact property.
*
* @return possible object is
* {@link CiaType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaType getConfidentialityImpact() {
return confidentialityImpact;
}
/**
* Sets the value of the confidentialityImpact property.
*
* @param value allowed object is
* {@link CiaType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setConfidentialityImpact(CiaType value) {
this.confidentialityImpact = value;
}
/**
* Gets the value of the integrityImpact property.
*
* @return possible object is
* {@link CiaType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaType getIntegrityImpact() {
return integrityImpact;
}
/**
* Sets the value of the integrityImpact property.
*
* @param value allowed object is
* {@link CiaType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setIntegrityImpact(CiaType value) {
this.integrityImpact = value;
}
/**
* Gets the value of the availabilityImpact property.
*
* @return possible object is
* {@link CiaType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaType getAvailabilityImpact() {
return availabilityImpact;
}
/**
* Sets the value of the availabilityImpact property.
*
* @param value allowed object is
* {@link CiaType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setAvailabilityImpact(CiaType value) {
this.availabilityImpact = value;
}
/**
* Gets the value of the source property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSource() {
return source;
}
/**
* Sets the value of the source property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSource(String value) {
this.source = value;
}
/**
* Gets the value of the generatedOnDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getGeneratedOnDatetime() {
return generatedOnDatetime;
}
/**
* Sets the value of the generatedOnDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setGeneratedOnDatetime(XMLGregorianCalendar value) {
this.generatedOnDatetime = value;
}
}

156
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CceParameterType.java
View File

@@ -1,156 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* <p>Java class for cceParameterType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="cceParameterType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="value" type="{http://www.w3.org/2001/XMLSchema}string" maxOccurs="unbounded"/>
* &lt;/sequence>
* &lt;attribute name="identifier" type="{http://www.w3.org/2001/XMLSchema}token" />
* &lt;attribute name="operator" type="{http://www.w3.org/2001/XMLSchema}token" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "cceParameterType", namespace = "http://scap.nist.gov/schema/cce/0.1", propOrder = {
"values"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CceParameterType {
@XmlElement(name = "value", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<String> values;
@XmlAttribute
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "token")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String identifier;
@XmlAttribute
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "token")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String operator;
/**
* Gets the value of the values property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the values property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getValues().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link String }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<String> getValues() {
if (values == null) {
values = new ArrayList<String>();
}
return this.values;
}
/**
* Gets the value of the identifier property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getIdentifier() {
return identifier;
}
/**
* Sets the value of the identifier property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setIdentifier(String value) {
this.identifier = value;
}
/**
* Gets the value of the operator property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getOperator() {
return operator;
}
/**
* Sets the value of the operator property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setOperator(String value) {
this.operator = value;
}
}

215
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CceType.java
View File

@@ -1,215 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* <p>Java class for cceType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="cceType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="definition" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
* &lt;element name="parameter" type="{http://scap.nist.gov/schema/cce/0.1}cceParameterType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="technical-mechanisms" type="{http://www.w3.org/2001/XMLSchema}string" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="references" type="{http://scap.nist.gov/schema/scap-core/0.1}referenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute name="id" use="required" type="{http://scap.nist.gov/schema/cce/0.1}cceNamePatternType" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "cceType", namespace = "http://scap.nist.gov/schema/cce/0.1", propOrder = {
"definition",
"parameters",
"technicalMechanisms",
"references"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CceType {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String definition;
@XmlElement(name = "parameter")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<CceParameterType> parameters;
@XmlElement(name = "technical-mechanisms")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<String> technicalMechanisms;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<ReferenceType> references;
@XmlAttribute(required = true)
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String id;
/**
* Gets the value of the definition property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getDefinition() {
return definition;
}
/**
* Sets the value of the definition property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setDefinition(String value) {
this.definition = value;
}
/**
* Gets the value of the parameters property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the parameters property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getParameters().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link CceParameterType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<CceParameterType> getParameters() {
if (parameters == null) {
parameters = new ArrayList<CceParameterType>();
}
return this.parameters;
}
/**
* Gets the value of the technicalMechanisms property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the technicalMechanisms property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getTechnicalMechanisms().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link String }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<String> getTechnicalMechanisms() {
if (technicalMechanisms == null) {
technicalMechanisms = new ArrayList<String>();
}
return this.technicalMechanisms;
}
/**
* Gets the value of the references property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the references property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getReferences().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link ReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<ReferenceType> getReferences() {
if (references == null) {
references = new ArrayList<ReferenceType>();
}
return this.references;
}
/**
* Gets the value of the id property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getId() {
return id;
}
/**
* Sets the value of the id property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setId(String value) {
this.id = value;
}
}

153
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CheckReferenceType.java
View File

@@ -1,153 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* Data type for the check element, a checking system specification URI, string
* content, and an optional external file reference. The checking system
* specification should be the URI for a particular version of OVAL or a related
* system testing language, and the content will be an identifier of a test
* written in that language. The external file reference could be used to point
* to the file in which the content test identifier is defined.
*
* <p>Java class for checkReferenceType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="checkReferenceType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;attribute name="system" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" />
* &lt;attribute name="href" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" />
* &lt;attribute name="name" type="{http://www.w3.org/2001/XMLSchema}token" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "checkReferenceType", namespace = "http://scap.nist.gov/schema/scap-core/0.1")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CheckReferenceType {
@XmlAttribute(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String system;
@XmlAttribute(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String href;
@XmlAttribute
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "token")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String name;
/**
* Gets the value of the system property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSystem() {
return system;
}
/**
* Sets the value of the system property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSystem(String value) {
this.system = value;
}
/**
* Gets the value of the href property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getHref() {
return href;
}
/**
* Sets the value of the href property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setHref(String value) {
this.href = value;
}
/**
* Gets the value of the name property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setName(String value) {
this.name = value;
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CheckSearchType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* <p>Java class for checkSearchType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="checkSearchType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;attribute name="system" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" />
* &lt;attribute name="name" type="{http://www.w3.org/2001/XMLSchema}token" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "checkSearchType", namespace = "http://scap.nist.gov/schema/scap-core/0.1")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CheckSearchType {
@XmlAttribute(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String system;
@XmlAttribute
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "token")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String name;
/**
* Gets the value of the system property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSystem() {
return system;
}
/**
* Sets the value of the system property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSystem(String value) {
this.system = value;
}
/**
* Gets the value of the name property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setName(String value) {
this.name = value;
}
}

63
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CiaEnumType.java
View File

@@ -1,63 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for ciaEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="ciaEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="NONE"/>
* &lt;enumeration value="PARTIAL"/>
* &lt;enumeration value="COMPLETE"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "ciaEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum CiaEnumType {
NONE,
PARTIAL,
COMPLETE;
public String value() {
return name();
}
public static CiaEnumType fromValue(String v) {
return valueOf(v);
}
}

65
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CiaRequirementEnumType.java
View File

@@ -1,65 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for ciaRequirementEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="ciaRequirementEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="LOW"/>
* &lt;enumeration value="MEDIUM"/>
* &lt;enumeration value="HIGH"/>
* &lt;enumeration value="NOT_DEFINED"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "ciaRequirementEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum CiaRequirementEnumType {
LOW,
MEDIUM,
HIGH,
NOT_DEFINED;
public String value() {
return name();
}
public static CiaRequirementEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CiaRequirementType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for ciaRequirementType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="ciaRequirementType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>ciaRequirementEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "ciaRequirementType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CiaRequirementType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaRequirementEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link CiaRequirementEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaRequirementEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link CiaRequirementEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(CiaRequirementEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CiaType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for ciaType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="ciaType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>ciaEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "ciaType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CiaType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link CiaEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link CiaEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(CiaEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

69
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CollateralDamagePotentialEnumType.java
View File

@@ -1,69 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for collateralDamagePotentialEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="collateralDamagePotentialEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="NONE"/>
* &lt;enumeration value="LOW"/>
* &lt;enumeration value="LOW_MEDIUM"/>
* &lt;enumeration value="MEDIUM_HIGH"/>
* &lt;enumeration value="HIGH"/>
* &lt;enumeration value="NOT_DEFINED"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "collateralDamagePotentialEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum CollateralDamagePotentialEnumType {
NONE,
LOW,
LOW_MEDIUM,
MEDIUM_HIGH,
HIGH,
NOT_DEFINED;
public String value() {
return name();
}
public static CollateralDamagePotentialEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CollateralDamagePotentialType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for collateralDamagePotentialType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="collateralDamagePotentialType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>collateralDamagePotentialEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "collateralDamagePotentialType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CollateralDamagePotentialType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CollateralDamagePotentialEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link CollateralDamagePotentialEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CollateralDamagePotentialEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link CollateralDamagePotentialEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(CollateralDamagePotentialEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

65
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/ConfidenceEnumType.java
View File

@@ -1,65 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for confidenceEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="confidenceEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="UNCONFIRMED"/>
* &lt;enumeration value="UNCORROBORATED"/>
* &lt;enumeration value="CONFIRMED"/>
* &lt;enumeration value="NOT_DEFINED"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "confidenceEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum ConfidenceEnumType {
UNCONFIRMED,
UNCORROBORATED,
CONFIRMED,
NOT_DEFINED;
public String value() {
return name();
}
public static ConfidenceEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/ConfidenceType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for confidenceType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="confidenceType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>confidenceEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "confidenceType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class ConfidenceType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected ConfidenceEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link ConfidenceEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public ConfidenceEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link ConfidenceEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(ConfidenceEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

63
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CveStatus.java
View File

@@ -1,63 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for cveStatus.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="cveStatus">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="CANDIDATE"/>
* &lt;enumeration value="ENTRY"/>
* &lt;enumeration value="DEPRECATED"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "cveStatus", namespace = "http://scap.nist.gov/schema/cve/0.1")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum CveStatus {
CANDIDATE,
ENTRY,
DEPRECATED;
public String value() {
return name();
}
public static CveStatus fromValue(String v) {
return valueOf(v);
}
}

178
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CveType.java
View File

@@ -1,178 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* <p>Java class for cveType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="cveType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="status" type="{http://scap.nist.gov/schema/cve/0.1}cveStatus" minOccurs="0"/>
* &lt;element name="description" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
* &lt;element name="references" type="{http://scap.nist.gov/schema/scap-core/0.1}referenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute name="id" use="required" type="{http://scap.nist.gov/schema/cve/0.1}cveNamePatternType" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "cveType", namespace = "http://scap.nist.gov/schema/cve/0.1", propOrder = {
"status",
"description",
"references"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CveType {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CveStatus status;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String description;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<ReferenceType> references;
@XmlAttribute(required = true)
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String id;
/**
* Gets the value of the status property.
*
* @return possible object is
* {@link CveStatus }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CveStatus getStatus() {
return status;
}
/**
* Sets the value of the status property.
*
* @param value allowed object is
* {@link CveStatus }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setStatus(CveStatus value) {
this.status = value;
}
/**
* Gets the value of the description property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getDescription() {
return description;
}
/**
* Sets the value of the description property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setDescription(String value) {
this.description = value;
}
/**
* Gets the value of the references property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the references property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getReferences().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link ReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<ReferenceType> getReferences() {
if (references == null) {
references = new ArrayList<ReferenceType>();
}
return this.references;
}
/**
* Gets the value of the id property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getId() {
return id;
}
/**
* Sets the value of the id property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setId(String value) {
this.id = value;
}
}

59
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CvssImpactType.java
View File

@@ -1,59 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for cvssImpactType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="cvssImpactType">
* &lt;complexContent>
* &lt;restriction base="{http://scap.nist.gov/schema/cvss-v2/0.2}cvssType">
* &lt;sequence>
* &lt;element name="base_metrics" type="{http://scap.nist.gov/schema/cvss-v2/0.2}baseMetricsType"/>
* &lt;element name="environmental_metrics" type="{http://scap.nist.gov/schema/cvss-v2/0.2}environmentalMetricsType" minOccurs="0"/>
* &lt;element name="temporal_metrics" type="{http://scap.nist.gov/schema/cvss-v2/0.2}temporalMetricsType" minOccurs="0"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "cvssImpactType")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CvssImpactType
extends CvssType {
}

170
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CvssType.java
View File

@@ -1,170 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlSeeAlso;
import javax.xml.bind.annotation.XmlType;
/**
* "This schema was intentionally designed to avoid mixing classes and
* attributes between CVSS version 1, CVSS version 2, and future versions.
* Scores in the CVSS system are interdependent. The temporal score is a
* multiplier of the base score. The environmental score, in turn, is a
* multiplier of the temporal score. The ability to transfer these scores
* independently is provided on the assumption that the user understands the
* business logic. For any given metric, it is preferred that the score, as a
* minimum is provided, however the score can be re-created from the metrics or
* the multiplier and any scores they are dependent on."
*
* <p>Java class for cvssType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="cvssType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="base_metrics" type="{http://scap.nist.gov/schema/cvss-v2/0.2}baseMetricsType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="environmental_metrics" type="{http://scap.nist.gov/schema/cvss-v2/0.2}environmentalMetricsType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="temporal_metrics" type="{http://scap.nist.gov/schema/cvss-v2/0.2}temporalMetricsType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "cvssType", propOrder = {
"baseMetrics",
"environmentalMetrics",
"temporalMetrics"
})
@XmlSeeAlso({
CvssImpactType.class
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CvssType {
@XmlElement(name = "base_metrics")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<BaseMetricsType> baseMetrics;
@XmlElement(name = "environmental_metrics")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<EnvironmentalMetricsType> environmentalMetrics;
@XmlElement(name = "temporal_metrics")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<TemporalMetricsType> temporalMetrics;
/**
* Gets the value of the baseMetrics property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the baseMetrics property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getBaseMetrics().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link BaseMetricsType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<BaseMetricsType> getBaseMetrics() {
if (baseMetrics == null) {
baseMetrics = new ArrayList<BaseMetricsType>();
}
return this.baseMetrics;
}
/**
* Gets the value of the environmentalMetrics property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the environmentalMetrics property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getEnvironmentalMetrics().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link EnvironmentalMetricsType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<EnvironmentalMetricsType> getEnvironmentalMetrics() {
if (environmentalMetrics == null) {
environmentalMetrics = new ArrayList<EnvironmentalMetricsType>();
}
return this.environmentalMetrics;
}
/**
* Gets the value of the temporalMetrics property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the temporalMetrics property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getTemporalMetrics().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link TemporalMetricsType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<TemporalMetricsType> getTemporalMetrics() {
if (temporalMetrics == null) {
temporalMetrics = new ArrayList<TemporalMetricsType>();
}
return this.temporalMetrics;
}
}

86
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/CweReferenceType.java
View File

@@ -1,86 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* <p>Java class for cweReferenceType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="cweReferenceType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;attribute name="id" use="required" type="{http://scap.nist.gov/schema/scap-core/0.1}cweNamePatternType" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "cweReferenceType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class CweReferenceType {
@XmlAttribute(required = true)
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String id;
/**
* Gets the value of the id property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getId() {
return id;
}
/**
* Sets the value of the id property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setId(String value) {
this.id = value;
}
}

291
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/EnvironmentalMetricsType.java
View File

@@ -1,291 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.math.BigDecimal;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.datatype.XMLGregorianCalendar;
/**
* <p>Java class for environmentalMetricsType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="environmentalMetricsType">
* &lt;complexContent>
* &lt;extension base="{http://scap.nist.gov/schema/cvss-v2/0.2}metricsType">
* &lt;sequence>
* &lt;element name="score" type="{http://scap.nist.gov/schema/cvss-v2/0.2}zeroToTenDecimalType" minOccurs="0"/>
* &lt;group ref="{http://scap.nist.gov/schema/cvss-v2/0.2}environmentalVectorsGroup"/>
* &lt;element name="source" type="{http://www.w3.org/2001/XMLSchema}anyURI"/>
* &lt;element name="generated-on-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
* &lt;/sequence>
* &lt;/extension>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "environmentalMetricsType", propOrder = {
"score",
"collateralDamagePotential",
"targetDistribution",
"confidentialityRequirement",
"integrityRequirement",
"availabilityRequirement",
"source",
"generatedOnDatetime"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class EnvironmentalMetricsType
extends MetricsType {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal score;
@XmlElement(name = "collateral-damage-potential")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CollateralDamagePotentialType collateralDamagePotential;
@XmlElement(name = "target-distribution")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected TargetDistributionType targetDistribution;
@XmlElement(name = "confidentiality-requirement")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaRequirementType confidentialityRequirement;
@XmlElement(name = "integrity-requirement")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaRequirementType integrityRequirement;
@XmlElement(name = "availability-requirement")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CiaRequirementType availabilityRequirement;
@XmlElement(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String source;
@XmlElement(name = "generated-on-datetime")
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar generatedOnDatetime;
/**
* Gets the value of the score property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getScore() {
return score;
}
/**
* Sets the value of the score property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setScore(BigDecimal value) {
this.score = value;
}
/**
* Gets the value of the collateralDamagePotential property.
*
* @return possible object is
* {@link CollateralDamagePotentialType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CollateralDamagePotentialType getCollateralDamagePotential() {
return collateralDamagePotential;
}
/**
* Sets the value of the collateralDamagePotential property.
*
* @param value allowed object is
* {@link CollateralDamagePotentialType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setCollateralDamagePotential(CollateralDamagePotentialType value) {
this.collateralDamagePotential = value;
}
/**
* Gets the value of the targetDistribution property.
*
* @return possible object is
* {@link TargetDistributionType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public TargetDistributionType getTargetDistribution() {
return targetDistribution;
}
/**
* Sets the value of the targetDistribution property.
*
* @param value allowed object is
* {@link TargetDistributionType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setTargetDistribution(TargetDistributionType value) {
this.targetDistribution = value;
}
/**
* Gets the value of the confidentialityRequirement property.
*
* @return possible object is
* {@link CiaRequirementType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaRequirementType getConfidentialityRequirement() {
return confidentialityRequirement;
}
/**
* Sets the value of the confidentialityRequirement property.
*
* @param value allowed object is
* {@link CiaRequirementType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setConfidentialityRequirement(CiaRequirementType value) {
this.confidentialityRequirement = value;
}
/**
* Gets the value of the integrityRequirement property.
*
* @return possible object is
* {@link CiaRequirementType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaRequirementType getIntegrityRequirement() {
return integrityRequirement;
}
/**
* Sets the value of the integrityRequirement property.
*
* @param value allowed object is
* {@link CiaRequirementType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setIntegrityRequirement(CiaRequirementType value) {
this.integrityRequirement = value;
}
/**
* Gets the value of the availabilityRequirement property.
*
* @return possible object is
* {@link CiaRequirementType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CiaRequirementType getAvailabilityRequirement() {
return availabilityRequirement;
}
/**
* Sets the value of the availabilityRequirement property.
*
* @param value allowed object is
* {@link CiaRequirementType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setAvailabilityRequirement(CiaRequirementType value) {
this.availabilityRequirement = value;
}
/**
* Gets the value of the source property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSource() {
return source;
}
/**
* Sets the value of the source property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSource(String value) {
this.source = value;
}
/**
* Gets the value of the generatedOnDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getGeneratedOnDatetime() {
return generatedOnDatetime;
}
/**
* Sets the value of the generatedOnDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setGeneratedOnDatetime(XMLGregorianCalendar value) {
this.generatedOnDatetime = value;
}
}

67
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/ExploitabilityEnumType.java
View File

@@ -1,67 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for exploitabilityEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="exploitabilityEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="UNPROVEN"/>
* &lt;enumeration value="PROOF_OF_CONCEPT"/>
* &lt;enumeration value="FUNCTIONAL"/>
* &lt;enumeration value="HIGH"/>
* &lt;enumeration value="NOT_DEFINED"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "exploitabilityEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum ExploitabilityEnumType {
UNPROVEN,
PROOF_OF_CONCEPT,
FUNCTIONAL,
HIGH,
NOT_DEFINED;
public String value() {
return name();
}
public static ExploitabilityEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/ExploitabilityType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for exploitabilityType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="exploitabilityType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>exploitabilityEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "exploitabilityType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class ExploitabilityType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected ExploitabilityEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link ExploitabilityEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public ExploitabilityEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link ExploitabilityEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(ExploitabilityEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

86
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/FactRefType.java
View File

@@ -1,86 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
/**
* The fact-ref element appears as a child of a logical-test element. It is
* simply a reference to a CPE Name that always evaluates to a Boolean result.
*
* <p>Java class for FactRefType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="FactRefType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;attribute name="name" use="required" type="{http://cpe.mitre.org/language/2.0}namePattern" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "FactRefType", namespace = "http://cpe.mitre.org/language/2.0")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class FactRefType {
@XmlAttribute(required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String name;
/**
* Gets the value of the name property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setName(String value) {
this.name = value;
}
}

67
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/FixActionDescriptionEnumType.java
View File

@@ -1,67 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for fixActionDescriptionEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="fixActionDescriptionEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="PATCH"/>
* &lt;enumeration value="SOFTWARE_UPDATE"/>
* &lt;enumeration value="CONFIGURATION_CHANGE"/>
* &lt;enumeration value="POLICY_CHANGE"/>
* &lt;enumeration value="EXTERNAL_MITIGATION"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "fixActionDescriptionEnumType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum FixActionDescriptionEnumType {
PATCH,
SOFTWARE_UPDATE,
CONFIGURATION_CHANGE,
POLICY_CHANGE,
EXTERNAL_MITIGATION;
public String value() {
return name();
}
public static FixActionDescriptionEnumType fromValue(String v) {
return valueOf(v);
}
}

493
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/FixActionType.java
View File

@@ -1,493 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* A single fix action should only cover a single patch application, software
* update, configuration change, or external fix. Dependencies should be
* documented by using the "next_fix_action" element to point to a recursive
* list of fix actions.
*
* <p>Java class for fixActionType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="fixActionType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element ref="{http://scap.nist.gov/schema/patch/0.1}patch" minOccurs="0"/>
* &lt;element name="configuration-remediation" type="{http://scap.nist.gov/schema/vulnerability/0.4}vulnerabilityReferenceType" minOccurs="0"/>
* &lt;element name="software-update" type="{http://scap.nist.gov/schema/scap-core/0.1}cpeNamePatternType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="notes" type="{http://www.w3.org/2001/XMLSchema}string" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="deprecated-by" type="{http://scap.nist.gov/schema/scap-core/0.1}cpeNamePatternType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="next-fix-action" type="{http://scap.nist.gov/schema/vulnerability/0.4}fixActionType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="fix-action-tool-configuration" type="{http://scap.nist.gov/schema/vulnerability/0.4}toolConfigurationType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="applicable-configuration" type="{http://cpe.mitre.org/language/2.0}PlatformType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="effectiveness" type="{http://scap.nist.gov/schema/vulnerability/0.4}fixEffectivenessEnumType" minOccurs="0"/>
* &lt;element name="applicable-check" type="{http://scap.nist.gov/schema/scap-core/0.1}checkReferenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute name="fix_action_description" use="required" type="{http://scap.nist.gov/schema/vulnerability/0.4}fixActionDescriptionEnumType" />
* &lt;attribute name="fix_action_type" use="required" type="{http://scap.nist.gov/schema/vulnerability/0.4}fixActionTypeEnumType" />
* &lt;attribute name="id" use="required" type="{http://www.w3.org/2001/XMLSchema}token" />
* &lt;attribute name="source" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "fixActionType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4", propOrder = {
"patch",
"configurationRemediation",
"softwareUpdates",
"notes",
"deprecatedBies",
"nextFixActions",
"fixActionToolConfigurations",
"applicableConfigurations",
"effectiveness",
"applicableChecks"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class FixActionType {
@XmlElement(namespace = "http://scap.nist.gov/schema/patch/0.1")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Patch patch;
@XmlElement(name = "configuration-remediation")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected VulnerabilityReferenceType configurationRemediation;
@XmlElement(name = "software-update")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<String> softwareUpdates;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<String> notes;
@XmlElement(name = "deprecated-by")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<String> deprecatedBies;
@XmlElement(name = "next-fix-action")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<FixActionType> nextFixActions;
@XmlElement(name = "fix-action-tool-configuration")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<ToolConfigurationType> fixActionToolConfigurations;
@XmlElement(name = "applicable-configuration")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<PlatformType> applicableConfigurations;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected FixEffectivenessEnumType effectiveness;
@XmlElement(name = "applicable-check")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<CheckReferenceType> applicableChecks;
@XmlAttribute(name = "fix_action_description", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected FixActionDescriptionEnumType fixActionDescription;
@XmlAttribute(name = "fix_action_type", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected FixActionTypeEnumType fixActionType;
@XmlAttribute(required = true)
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "token")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String id;
@XmlAttribute(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String source;
/**
* Gets the value of the patch property.
*
* @return possible object is
* {@link Patch }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Patch getPatch() {
return patch;
}
/**
* Sets the value of the patch property.
*
* @param value allowed object is
* {@link Patch }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setPatch(Patch value) {
this.patch = value;
}
/**
* Gets the value of the configurationRemediation property.
*
* @return possible object is
* {@link VulnerabilityReferenceType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public VulnerabilityReferenceType getConfigurationRemediation() {
return configurationRemediation;
}
/**
* Sets the value of the configurationRemediation property.
*
* @param value allowed object is
* {@link VulnerabilityReferenceType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setConfigurationRemediation(VulnerabilityReferenceType value) {
this.configurationRemediation = value;
}
/**
* Gets the value of the softwareUpdates property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the softwareUpdates property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getSoftwareUpdates().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link String }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<String> getSoftwareUpdates() {
if (softwareUpdates == null) {
softwareUpdates = new ArrayList<String>();
}
return this.softwareUpdates;
}
/**
* Gets the value of the notes property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the notes property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getNotes().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link String }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<String> getNotes() {
if (notes == null) {
notes = new ArrayList<String>();
}
return this.notes;
}
/**
* Gets the value of the deprecatedBies property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the deprecatedBies property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getDeprecatedBies().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link String }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<String> getDeprecatedBies() {
if (deprecatedBies == null) {
deprecatedBies = new ArrayList<String>();
}
return this.deprecatedBies;
}
/**
* Gets the value of the nextFixActions property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the nextFixActions property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getNextFixActions().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link FixActionType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<FixActionType> getNextFixActions() {
if (nextFixActions == null) {
nextFixActions = new ArrayList<FixActionType>();
}
return this.nextFixActions;
}
/**
* Gets the value of the fixActionToolConfigurations property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the fixActionToolConfigurations property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getFixActionToolConfigurations().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link ToolConfigurationType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<ToolConfigurationType> getFixActionToolConfigurations() {
if (fixActionToolConfigurations == null) {
fixActionToolConfigurations = new ArrayList<ToolConfigurationType>();
}
return this.fixActionToolConfigurations;
}
/**
* Gets the value of the applicableConfigurations property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the applicableConfigurations property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getApplicableConfigurations().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link PlatformType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<PlatformType> getApplicableConfigurations() {
if (applicableConfigurations == null) {
applicableConfigurations = new ArrayList<PlatformType>();
}
return this.applicableConfigurations;
}
/**
* Gets the value of the effectiveness property.
*
* @return possible object is
* {@link FixEffectivenessEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public FixEffectivenessEnumType getEffectiveness() {
return effectiveness;
}
/**
* Sets the value of the effectiveness property.
*
* @param value allowed object is
* {@link FixEffectivenessEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setEffectiveness(FixEffectivenessEnumType value) {
this.effectiveness = value;
}
/**
* Gets the value of the applicableChecks property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the applicableChecks property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getApplicableChecks().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link CheckReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<CheckReferenceType> getApplicableChecks() {
if (applicableChecks == null) {
applicableChecks = new ArrayList<CheckReferenceType>();
}
return this.applicableChecks;
}
/**
* Gets the value of the fixActionDescription property.
*
* @return possible object is
* {@link FixActionDescriptionEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public FixActionDescriptionEnumType getFixActionDescription() {
return fixActionDescription;
}
/**
* Sets the value of the fixActionDescription property.
*
* @param value allowed object is
* {@link FixActionDescriptionEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setFixActionDescription(FixActionDescriptionEnumType value) {
this.fixActionDescription = value;
}
/**
* Gets the value of the fixActionType property.
*
* @return possible object is
* {@link FixActionTypeEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public FixActionTypeEnumType getFixActionType() {
return fixActionType;
}
/**
* Sets the value of the fixActionType property.
*
* @param value allowed object is
* {@link FixActionTypeEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setFixActionType(FixActionTypeEnumType value) {
this.fixActionType = value;
}
/**
* Gets the value of the id property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getId() {
return id;
}
/**
* Sets the value of the id property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setId(String value) {
this.id = value;
}
/**
* Gets the value of the source property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSource() {
return source;
}
/**
* Sets the value of the source property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSource(String value) {
this.source = value;
}
}

61
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/FixActionTypeEnumType.java
View File

@@ -1,61 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for fixActionTypeEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="fixActionTypeEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="MITIGATION"/>
* &lt;enumeration value="REMEDIATION"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "fixActionTypeEnumType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum FixActionTypeEnumType {
MITIGATION,
REMEDIATION;
public String value() {
return name();
}
public static FixActionTypeEnumType fromValue(String v) {
return valueOf(v);
}
}

61
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/FixEffectivenessEnumType.java
View File

@@ -1,61 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for fixEffectivenessEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="fixEffectivenessEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="PARTIAL"/>
* &lt;enumeration value="COMPLETE"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "fixEffectivenessEnumType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum FixEffectivenessEnumType {
PARTIAL,
COMPLETE;
public String value() {
return name();
}
public static FixEffectivenessEnumType fromValue(String v) {
return valueOf(v);
}
}

183
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/LogicalTest.java
View File

@@ -1,183 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlType;
/**
* The logical-test element appears as a child of a platform element, and may
* also be nested to create more complex logical tests. The content consists of
* one or more elements: fact-ref, and logical-test children are permitted. The
* operator to be applied, and optional negation of the test, are given as
* attributes.
*
* <p>Java class for LogicalTestType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="LogicalTestType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="logical-test" type="{http://cpe.mitre.org/language/2.0}LogicalTestType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="fact-ref" type="{http://cpe.mitre.org/language/2.0}FactRefType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute name="operator" use="required" type="{http://cpe.mitre.org/language/2.0}operatorEnumeration" />
* &lt;attribute name="negate" use="required" type="{http://www.w3.org/2001/XMLSchema}boolean" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "LogicalTestType", namespace = "http://cpe.mitre.org/language/2.0", propOrder = {
"logicalTests",
"factReves"
})
@XmlRootElement(name = "logical-test", namespace = "http://cpe.mitre.org/language/2.0")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class LogicalTest {
@XmlElement(name = "logical-test")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<LogicalTest> logicalTests;
@XmlElement(name = "fact-ref")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<FactRefType> factReves;
@XmlAttribute(required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected OperatorEnumeration operator;
@XmlAttribute(required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected boolean negate;
/**
* Gets the value of the logicalTests property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the logicalTests property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getLogicalTests().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link LogicalTest }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<LogicalTest> getLogicalTests() {
if (logicalTests == null) {
logicalTests = new ArrayList<LogicalTest>();
}
return this.logicalTests;
}
/**
* Gets the value of the factReves property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the factReves property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getFactReves().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link FactRefType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<FactRefType> getFactReves() {
if (factReves == null) {
factReves = new ArrayList<FactRefType>();
}
return this.factReves;
}
/**
* Gets the value of the operator property.
*
* @return possible object is
* {@link OperatorEnumeration }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public OperatorEnumeration getOperator() {
return operator;
}
/**
* Sets the value of the operator property.
*
* @param value allowed object is
* {@link OperatorEnumeration }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setOperator(OperatorEnumeration value) {
this.operator = value;
}
/**
* Gets the value of the negate property.
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isNegate() {
return negate;
}
/**
* Sets the value of the negate property.
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setNegate(boolean value) {
this.negate = value;
}
}

92
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/MetricsType.java
View File

@@ -1,92 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.math.BigDecimal;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlSeeAlso;
import javax.xml.bind.annotation.XmlType;
/**
* Base type for metrics that defines common attributes of all metrics.
*
* <p>Java class for metricsType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="metricsType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;attribute name="upgraded-from-version" type="{http://www.w3.org/2001/XMLSchema}decimal" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "metricsType")
@XmlSeeAlso({
TemporalMetricsType.class,
BaseMetricsType.class,
EnvironmentalMetricsType.class
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public abstract class MetricsType {
@XmlAttribute(name = "upgraded-from-version")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal upgradedFromVersion;
/**
* Gets the value of the upgradedFromVersion property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getUpgradedFromVersion() {
return upgradedFromVersion;
}
/**
* Sets the value of the upgradedFromVersion property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setUpgradedFromVersion(BigDecimal value) {
this.upgradedFromVersion = value;
}
}

96
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/NotesType.java
View File

@@ -1,96 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* The notesType defines an element that consists of one or more child note
* elements. It is assumed that each of these note elements are representative
* of the same language as defined by their parent.
*
* <p>Java class for notesType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="notesType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="note" type="{http://scap.nist.gov/schema/scap-core/0.1}textType" maxOccurs="unbounded"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "notesType", namespace = "http://scap.nist.gov/schema/scap-core/0.1", propOrder = {
"notes"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class NotesType {
@XmlElement(name = "note", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<TextType2> notes;
/**
* Gets the value of the notes property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the notes property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getNotes().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link TextType2 }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<TextType2> getNotes() {
if (notes == null) {
notes = new ArrayList<TextType2>();
}
return this.notes;
}
}

155
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/Nvd.java
View File

@@ -1,155 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.datatype.XMLGregorianCalendar;
/**
* <p>Java class for anonymous complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType>
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element ref="{http://scap.nist.gov/schema/feed/vulnerability/2.0}entry" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute name="nvd_xml_version" use="required" type="{http://www.w3.org/2001/XMLSchema}decimal" />
* &lt;attribute name="pub_date" use="required" type="{http://www.w3.org/2001/XMLSchema}dateTime" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "", propOrder = {
"entries"
})
@XmlRootElement(name = "nvd", namespace = "http://scap.nist.gov/schema/feed/vulnerability/2.0")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class Nvd {
@XmlElement(name = "entry", namespace = "http://scap.nist.gov/schema/feed/vulnerability/2.0")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<VulnerabilityType> entries;
@XmlAttribute(name = "nvd_xml_version", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal nvdXmlVersion;
@XmlAttribute(name = "pub_date", required = true)
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar pubDate;
/**
* A CVE entry.Gets the value of the entries property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the entries property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getEntries().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link VulnerabilityType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<VulnerabilityType> getEntries() {
if (entries == null) {
entries = new ArrayList<VulnerabilityType>();
}
return this.entries;
}
/**
* Gets the value of the nvdXmlVersion property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getNvdXmlVersion() {
return nvdXmlVersion;
}
/**
* Sets the value of the nvdXmlVersion property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setNvdXmlVersion(BigDecimal value) {
this.nvdXmlVersion = value;
}
/**
* Gets the value of the pubDate property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getPubDate() {
return pubDate;
}
/**
* Sets the value of the pubDate property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setPubDate(XMLGregorianCalendar value) {
this.pubDate = value;
}
}

423
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/ObjectFactory.java
View File

@@ -1,423 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.xml.bind.JAXBElement;
import javax.xml.bind.annotation.XmlElementDecl;
import javax.xml.bind.annotation.XmlRegistry;
import javax.xml.namespace.QName;
/**
* This object contains factory methods for each Java content interface and Java
* element interface generated in the
* org.codesecure.dependencycheck.data.nvdcve.generated package. <p>An
* ObjectFactory allows you to programatically construct new instances of the
* Java representation for XML content. The Java representation of XML content
* can consist of schema derived interfaces and classes representing the binding
* of schema type definitions, element declarations and model groups. Factory
* methods for each of these are provided in this class.
*
*/
@XmlRegistry
public class ObjectFactory {
private final static QName _Entry_QNAME = new QName("http://scap.nist.gov/schema/feed/vulnerability/2.0", "entry");
private final static QName _Vulnerability_QNAME = new QName("http://scap.nist.gov/schema/vulnerability/0.4", "vulnerability");
private final static QName _SearchableCpeReferencesTypeCpeName_QNAME = new QName("http://scap.nist.gov/schema/scap-core/0.1", "cpe-name");
private final static QName _SearchableCpeReferencesTypeCpeSearchableName_QNAME = new QName("http://scap.nist.gov/schema/scap-core/0.1", "cpe-searchable-name");
/**
* Create a new ObjectFactory that can be used to create new instances of
* schema derived classes for package:
* org.codesecure.dependencycheck.data.nvdcve.generated
*
*/
public ObjectFactory() {
}
/**
* Create an instance of {@link AccessComplexityType }
*
*/
public AccessComplexityType createAccessComplexityType() {
return new AccessComplexityType();
}
/**
* Create an instance of {@link ExploitabilityType }
*
*/
public ExploitabilityType createExploitabilityType() {
return new ExploitabilityType();
}
/**
* Create an instance of {@link ConfidenceType }
*
*/
public ConfidenceType createConfidenceType() {
return new ConfidenceType();
}
/**
* Create an instance of {@link TemporalMetricsType }
*
*/
public TemporalMetricsType createTemporalMetricsType() {
return new TemporalMetricsType();
}
/**
* Create an instance of {@link FactRefType }
*
*/
public FactRefType createFactRefType() {
return new FactRefType();
}
/**
* Create an instance of {@link VulnerableSoftwareType }
*
*/
public VulnerableSoftwareType createVulnerableSoftwareType() {
return new VulnerableSoftwareType();
}
/**
* Create an instance of {@link CveType }
*
*/
public CveType createCveType() {
return new CveType();
}
/**
* Create an instance of {@link AssociatedExploitLocationType }
*
*/
public AssociatedExploitLocationType createAssociatedExploitLocationType() {
return new AssociatedExploitLocationType();
}
/**
* Create an instance of {@link SearchableCpeReferencesType }
*
*/
public SearchableCpeReferencesType createSearchableCpeReferencesType() {
return new SearchableCpeReferencesType();
}
/**
* Create an instance of {@link CvssImpactType }
*
*/
public CvssImpactType createCvssImpactType() {
return new CvssImpactType();
}
/**
* Create an instance of {@link CweReferenceType }
*
*/
public CweReferenceType createCweReferenceType() {
return new CweReferenceType();
}
/**
* Create an instance of {@link CceParameterType }
*
*/
public CceParameterType createCceParameterType() {
return new CceParameterType();
}
/**
* Create an instance of {@link FixActionType }
*
*/
public FixActionType createFixActionType() {
return new FixActionType();
}
/**
* Create an instance of {@link OsvdbExtensionType }
*
*/
public OsvdbExtensionType createOsvdbExtensionType() {
return new OsvdbExtensionType();
}
/**
* Create an instance of {@link CheckSearchType }
*
*/
public CheckSearchType createCheckSearchType() {
return new CheckSearchType();
}
/**
* Create an instance of {@link RemediationLevelType }
*
*/
public RemediationLevelType createRemediationLevelType() {
return new RemediationLevelType();
}
/**
* Create an instance of {@link ToolConfigurationType }
*
*/
public ToolConfigurationType createToolConfigurationType() {
return new ToolConfigurationType();
}
/**
* Create an instance of {@link TextType1 }
*
*/
public TextType1 createTextType1() {
return new TextType1();
}
/**
* Create an instance of {@link PlatformSpecification }
*
*/
public PlatformSpecification createPlatformSpecification() {
return new PlatformSpecification();
}
/**
* Create an instance of {@link NotesType }
*
*/
public NotesType createNotesType() {
return new NotesType();
}
/**
* Create an instance of {@link CollateralDamagePotentialType }
*
*/
public CollateralDamagePotentialType createCollateralDamagePotentialType() {
return new CollateralDamagePotentialType();
}
/**
* Create an instance of {@link BaseMetricsType }
*
*/
public BaseMetricsType createBaseMetricsType() {
return new BaseMetricsType();
}
/**
* Create an instance of {@link CheckReferenceType }
*
*/
public CheckReferenceType createCheckReferenceType() {
return new CheckReferenceType();
}
/**
* Create an instance of {@link ReferenceType }
*
*/
public ReferenceType createReferenceType() {
return new ReferenceType();
}
/**
* Create an instance of {@link VulnerabilityReferenceType }
*
*/
public VulnerabilityReferenceType createVulnerabilityReferenceType() {
return new VulnerabilityReferenceType();
}
/**
* Create an instance of {@link CiaRequirementType }
*
*/
public CiaRequirementType createCiaRequirementType() {
return new CiaRequirementType();
}
/**
* Create an instance of {@link CvssType }
*
*/
public CvssType createCvssType() {
return new CvssType();
}
/**
* Create an instance of {@link TargetDistributionType }
*
*/
public TargetDistributionType createTargetDistributionType() {
return new TargetDistributionType();
}
/**
* Create an instance of {@link VulnerabilityType }
*
*/
public VulnerabilityType createVulnerabilityType() {
return new VulnerabilityType();
}
/**
* Create an instance of {@link Nvd }
*
*/
public Nvd createNvd() {
return new Nvd();
}
/**
* Create an instance of {@link Patch }
*
*/
public Patch createPatch() {
return new Patch();
}
/**
* Create an instance of {@link EnvironmentalMetricsType }
*
*/
public EnvironmentalMetricsType createEnvironmentalMetricsType() {
return new EnvironmentalMetricsType();
}
/**
* Create an instance of {@link LogicalTest }
*
*/
public LogicalTest createLogicalTest() {
return new LogicalTest();
}
/**
* Create an instance of {@link TextType2 }
*
*/
public TextType2 createTextType2() {
return new TextType2();
}
/**
* Create an instance of {@link AccessVectorType }
*
*/
public AccessVectorType createAccessVectorType() {
return new AccessVectorType();
}
/**
* Create an instance of {@link AuthenticationType }
*
*/
public AuthenticationType createAuthenticationType() {
return new AuthenticationType();
}
/**
* Create an instance of {@link Patch.References }
*
*/
public Patch.References createPatchReferences() {
return new Patch.References();
}
/**
* Create an instance of {@link TagType }
*
*/
public TagType createTagType() {
return new TagType();
}
/**
* Create an instance of {@link CceType }
*
*/
public CceType createCceType() {
return new CceType();
}
/**
* Create an instance of {@link PlatformType }
*
*/
public PlatformType createPlatformType() {
return new PlatformType();
}
/**
* Create an instance of {@link CiaType }
*
*/
public CiaType createCiaType() {
return new CiaType();
}
/**
* Create an instance of {@link JAXBElement }{@code <}{@link VulnerabilityType }{@code >}}
*
*/
@XmlElementDecl(namespace = "http://scap.nist.gov/schema/feed/vulnerability/2.0", name = "entry")
public JAXBElement<VulnerabilityType> createEntry(VulnerabilityType value) {
return new JAXBElement<VulnerabilityType>(_Entry_QNAME, VulnerabilityType.class, null, value);
}
/**
* Create an instance of {@link JAXBElement }{@code <}{@link VulnerabilityType }{@code >}}
*
*/
@XmlElementDecl(namespace = "http://scap.nist.gov/schema/vulnerability/0.4", name = "vulnerability")
public JAXBElement<VulnerabilityType> createVulnerability(VulnerabilityType value) {
return new JAXBElement<VulnerabilityType>(_Vulnerability_QNAME, VulnerabilityType.class, null, value);
}
/**
* Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}}
*
*/
@XmlElementDecl(namespace = "http://scap.nist.gov/schema/scap-core/0.1", name = "cpe-name", scope = SearchableCpeReferencesType.class)
public JAXBElement<String> createSearchableCpeReferencesTypeCpeName(String value) {
return new JAXBElement<String>(_SearchableCpeReferencesTypeCpeName_QNAME, String.class, SearchableCpeReferencesType.class, value);
}
/**
* Create an instance of {@link JAXBElement }{@code <}{@link String }{@code >}}
*
*/
@XmlElementDecl(namespace = "http://scap.nist.gov/schema/scap-core/0.1", name = "cpe-searchable-name", scope = SearchableCpeReferencesType.class)
public JAXBElement<String> createSearchableCpeReferencesTypeCpeSearchableName(String value) {
return new JAXBElement<String>(_SearchableCpeReferencesTypeCpeSearchableName_QNAME, String.class, SearchableCpeReferencesType.class, value);
}
}

61
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/OperatorEnumeration.java
View File

@@ -1,61 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for operatorEnumeration.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="operatorEnumeration">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}string">
* &lt;enumeration value="AND"/>
* &lt;enumeration value="OR"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "operatorEnumeration", namespace = "http://cpe.mitre.org/language/2.0")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum OperatorEnumeration {
AND,
OR;
public String value() {
return name();
}
public static OperatorEnumeration fromValue(String v) {
return valueOf(v);
}
}

87
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/OsvdbExtensionType.java
View File

@@ -1,87 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for osvdbExtensionType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="osvdbExtensionType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="exploit-location" type="{http://scap.nist.gov/schema/vulnerability/0.4}associatedExploitLocationType"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "osvdbExtensionType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4", propOrder = {
"exploitLocation"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class OsvdbExtensionType {
@XmlElement(name = "exploit-location", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected AssociatedExploitLocationType exploitLocation;
/**
* Gets the value of the exploitLocation property.
*
* @return possible object is
* {@link AssociatedExploitLocationType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public AssociatedExploitLocationType getExploitLocation() {
return exploitLocation;
}
/**
* Sets the value of the exploitLocation property.
*
* @param value allowed object is
* {@link AssociatedExploitLocationType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setExploitLocation(AssociatedExploitLocationType value) {
this.exploitLocation = value;
}
}

414
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/Patch.java
View File

@@ -1,414 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for patchType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="patchType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="title" type="{http://scap.nist.gov/schema/scap-core/0.1}textType" minOccurs="0"/>
* &lt;element name="references" minOccurs="0">
* &lt;complexType>
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="reference" type="{http://scap.nist.gov/schema/scap-core/0.1}referenceType" maxOccurs="unbounded"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* &lt;/element>
* &lt;element name="notes" type="{http://scap.nist.gov/schema/scap-core/0.1}notesType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="check" type="{http://scap.nist.gov/schema/scap-core/0.1}checkReferenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="supersedes" type="{http://scap.nist.gov/schema/patch/0.1}patchType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="superseded-by" type="{http://scap.nist.gov/schema/patch/0.1}patchType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute name="identifier" use="required" type="{http://www.w3.org/2001/XMLSchema}double" />
* &lt;attribute name="name" use="required" type="{http://www.w3.org/2001/XMLSchema}string" />
* &lt;attribute name="superseded" use="required" type="{http://www.w3.org/2001/XMLSchema}boolean" />
* &lt;attribute name="deprecated" type="{http://www.w3.org/2001/XMLSchema}boolean" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "patchType", namespace = "http://scap.nist.gov/schema/patch/0.1", propOrder = {
"title",
"references",
"notes",
"checks",
"supersedes",
"supersededBies"
})
@XmlRootElement(name = "patch", namespace = "http://scap.nist.gov/schema/patch/0.1")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class Patch {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected TextType2 title;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Patch.References references;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<NotesType> notes;
@XmlElement(name = "check")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<CheckReferenceType> checks;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<Patch> supersedes;
@XmlElement(name = "superseded-by")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<Patch> supersededBies;
@XmlAttribute(required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected double identifier;
@XmlAttribute(required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String name;
@XmlAttribute(required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected boolean superseded;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean deprecated;
/**
* Gets the value of the title property.
*
* @return possible object is
* {@link TextType2 }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public TextType2 getTitle() {
return title;
}
/**
* Sets the value of the title property.
*
* @param value allowed object is
* {@link TextType2 }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setTitle(TextType2 value) {
this.title = value;
}
/**
* Gets the value of the references property.
*
* @return possible object is
* {@link Patch.References }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Patch.References getReferences() {
return references;
}
/**
* Sets the value of the references property.
*
* @param value allowed object is
* {@link Patch.References }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setReferences(Patch.References value) {
this.references = value;
}
/**
* Gets the value of the notes property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the notes property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getNotes().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link NotesType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<NotesType> getNotes() {
if (notes == null) {
notes = new ArrayList<NotesType>();
}
return this.notes;
}
/**
* Gets the value of the checks property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the checks property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getChecks().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link CheckReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<CheckReferenceType> getChecks() {
if (checks == null) {
checks = new ArrayList<CheckReferenceType>();
}
return this.checks;
}
/**
* Gets the value of the supersedes property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the supersedes property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getSupersedes().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link Patch }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<Patch> getSupersedes() {
if (supersedes == null) {
supersedes = new ArrayList<Patch>();
}
return this.supersedes;
}
/**
* Gets the value of the supersededBies property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the supersededBies property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getSupersededBies().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link Patch }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<Patch> getSupersededBies() {
if (supersededBies == null) {
supersededBies = new ArrayList<Patch>();
}
return this.supersededBies;
}
/**
* Gets the value of the identifier property.
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public double getIdentifier() {
return identifier;
}
/**
* Sets the value of the identifier property.
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setIdentifier(double value) {
this.identifier = value;
}
/**
* Gets the value of the name property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setName(String value) {
this.name = value;
}
/**
* Gets the value of the superseded property.
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isSuperseded() {
return superseded;
}
/**
* Sets the value of the superseded property.
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSuperseded(boolean value) {
this.superseded = value;
}
/**
* Gets the value of the deprecated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Boolean isDeprecated() {
return deprecated;
}
/**
* Sets the value of the deprecated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setDeprecated(Boolean value) {
this.deprecated = value;
}
/**
* <p>Java class for anonymous complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType>
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="reference" type="{http://scap.nist.gov/schema/scap-core/0.1}referenceType" maxOccurs="unbounded"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "", propOrder = {
"references"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public static class References {
@XmlElement(name = "reference", namespace = "http://scap.nist.gov/schema/patch/0.1", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<ReferenceType> references;
/**
* Gets the value of the references property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list
* will be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the references property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getReferences().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link ReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<ReferenceType> getReferences() {
if (references == null) {
references = new ArrayList<ReferenceType>();
}
return this.references;
}
}
}

94
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/PlatformSpecification.java
View File

@@ -1,94 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for anonymous complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType>
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="platform" type="{http://cpe.mitre.org/language/2.0}PlatformType" maxOccurs="unbounded"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "", propOrder = {
"platforms"
})
@XmlRootElement(name = "platform-specification", namespace = "http://cpe.mitre.org/language/2.0")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class PlatformSpecification {
@XmlElement(name = "platform", namespace = "http://cpe.mitre.org/language/2.0", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<PlatformType> platforms;
/**
* Gets the value of the platforms property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the platforms property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getPlatforms().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link PlatformType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<PlatformType> getPlatforms() {
if (platforms == null) {
platforms = new ArrayList<PlatformType>();
}
return this.platforms;
}
}

190
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/PlatformType.java
View File

@@ -1,190 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
/**
* The optional remark element may appear as a child of a platform element. It
* provides some additional description. Zero or more remark elements may
* appear. To support uses intended for multiple languages, this element
* supports the <20>xml:lang<6E> attribute. There can be multiple remarks for a single
* language.
*
* <p>Java class for PlatformType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="PlatformType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="title" type="{http://cpe.mitre.org/language/2.0}TextType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="remark" type="{http://cpe.mitre.org/language/2.0}TextType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="logical-test" type="{http://cpe.mitre.org/language/2.0}LogicalTestType"/>
* &lt;/sequence>
* &lt;attribute name="id" use="required" type="{http://www.w3.org/2001/XMLSchema}anyURI" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "PlatformType", namespace = "http://cpe.mitre.org/language/2.0", propOrder = {
"titles",
"remarks",
"logicalTest"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class PlatformType {
@XmlElement(name = "title")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<TextType1> titles;
@XmlElement(name = "remark")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<TextType1> remarks;
@XmlElement(name = "logical-test", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected LogicalTest logicalTest;
@XmlAttribute(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String id;
/**
* Gets the value of the titles property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the titles property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getTitles().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link TextType1 }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<TextType1> getTitles() {
if (titles == null) {
titles = new ArrayList<TextType1>();
}
return this.titles;
}
/**
* Gets the value of the remarks property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the remarks property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getRemarks().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link TextType1 }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<TextType1> getRemarks() {
if (remarks == null) {
remarks = new ArrayList<TextType1>();
}
return this.remarks;
}
/**
* Gets the value of the logicalTest property.
*
* @return possible object is
* {@link LogicalTest }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public LogicalTest getLogicalTest() {
return logicalTest;
}
/**
* Sets the value of the logicalTest property.
*
* @param value allowed object is
* {@link LogicalTest }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setLogicalTest(LogicalTest value) {
this.logicalTest = value;
}
/**
* Gets the value of the id property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getId() {
return id;
}
/**
* Sets the value of the id property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setId(String value) {
this.id = value;
}
}

92
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/ReferenceType.java
View File

@@ -1,92 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
/**
* Type for a reference in the description of a CPE item. This would normally be
* used to point to extra descriptive material, or the supplier's web site, or
* the platform documentation. It consists of a piece of text (intended to be
* human-readable) and a URI (intended to be a URL, and point to a real
* resource).
*
* <p>Java class for referenceType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="referenceType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/scap-core/0.1>textType">
* &lt;attribute name="href" type="{http://www.w3.org/2001/XMLSchema}anyURI" />
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "referenceType", namespace = "http://scap.nist.gov/schema/scap-core/0.1")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class ReferenceType
extends TextType2 {
@XmlAttribute
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String href;
/**
* Gets the value of the href property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getHref() {
return href;
}
/**
* Sets the value of the href property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setHref(String value) {
this.href = value;
}
}

67
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/RemediationLevelEnumType.java
View File

@@ -1,67 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for remediationLevelEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="remediationLevelEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="OFFICIAL_FIX"/>
* &lt;enumeration value="TEMPORARY_FIX"/>
* &lt;enumeration value="WORKAROUND"/>
* &lt;enumeration value="UNAVAILABLE"/>
* &lt;enumeration value="NOT_DEFINED"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "remediationLevelEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum RemediationLevelEnumType {
OFFICIAL_FIX,
TEMPORARY_FIX,
WORKAROUND,
UNAVAILABLE,
NOT_DEFINED;
public String value() {
return name();
}
public static RemediationLevelEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/RemediationLevelType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for remediationLevelType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="remediationLevelType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>remediationLevelEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "remediationLevelType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class RemediationLevelType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected RemediationLevelEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link RemediationLevelEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public RemediationLevelEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link RemediationLevelEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(RemediationLevelEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

98
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/SearchableCpeReferencesType.java
View File

@@ -1,98 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElementRef;
import javax.xml.bind.annotation.XmlElementRefs;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for searchableCpeReferencesType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="searchableCpeReferencesType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;group ref="{http://scap.nist.gov/schema/scap-core/0.1}cpeReferenceGroup" maxOccurs="unbounded"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "searchableCpeReferencesType", namespace = "http://scap.nist.gov/schema/scap-core/0.1", propOrder = {
"cpeNamesAndCpeSearchableNames"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class SearchableCpeReferencesType {
@XmlElementRefs({
@XmlElementRef(name = "cpe-searchable-name", namespace = "http://scap.nist.gov/schema/scap-core/0.1", type = JAXBElement.class),
@XmlElementRef(name = "cpe-name", namespace = "http://scap.nist.gov/schema/scap-core/0.1", type = JAXBElement.class)
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<JAXBElement<String>> cpeNamesAndCpeSearchableNames;
/**
* Gets the value of the cpeNamesAndCpeSearchableNames property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the cpeNamesAndCpeSearchableNames property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getCpeNamesAndCpeSearchableNames().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link JAXBElement }{@code <}{@link String }{@code >}
* {@link JAXBElement }{@code <}{@link String }{@code >}
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<JAXBElement<String>> getCpeNamesAndCpeSearchableNames() {
if (cpeNamesAndCpeSearchableNames == null) {
cpeNamesAndCpeSearchableNames = new ArrayList<JAXBElement<String>>();
}
return this.cpeNamesAndCpeSearchableNames;
}
}

71
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/SecurityProtectionType.java
View File

@@ -1,71 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for securityProtectionType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="securityProtectionType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="ALLOWS_ADMIN_ACCESS"/>
* &lt;enumeration value="ALLOWS_USER_ACCESS"/>
* &lt;enumeration value="ALLOWS_OTHER_ACCESS"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "securityProtectionType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum SecurityProtectionType {
/**
* gain administrative access
*
*/
ALLOWS_ADMIN_ACCESS,
/**
* gain user access
*
*/
ALLOWS_USER_ACCESS,
ALLOWS_OTHER_ACCESS;
public String value() {
return name();
}
public static SecurityProtectionType fromValue(String v) {
return valueOf(v);
}
}

118
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/TagType.java
View File

@@ -1,118 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
/**
* <p>Java class for tagType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="tagType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;attribute name="name" use="required" type="{http://www.w3.org/2001/XMLSchema}token" />
* &lt;attribute name="value" use="required" type="{http://www.w3.org/2001/XMLSchema}token" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "tagType", namespace = "http://scap.nist.gov/schema/scap-core/0.1")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class TagType {
@XmlAttribute(required = true)
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "token")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String name;
@XmlAttribute(required = true)
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@XmlSchemaType(name = "token")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String value;
/**
* Gets the value of the name property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setName(String value) {
this.name = value;
}
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(String value) {
this.value = value;
}
}

67
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/TargetDistributionEnumType.java
View File

@@ -1,67 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for targetDistributionEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="targetDistributionEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="NONE"/>
* &lt;enumeration value="LOW"/>
* &lt;enumeration value="MEDIUM"/>
* &lt;enumeration value="HIGH"/>
* &lt;enumeration value="NOT_DEFINED"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "targetDistributionEnumType")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum TargetDistributionEnumType {
NONE,
LOW,
MEDIUM,
HIGH,
NOT_DEFINED;
public String value() {
return name();
}
public static TargetDistributionEnumType fromValue(String v) {
return valueOf(v);
}
}

117
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/TargetDistributionType.java
View File

@@ -1,117 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* <p>Java class for targetDistributionType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="targetDistributionType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://scap.nist.gov/schema/cvss-v2/0.2>targetDistributionEnumType">
* &lt;attGroup ref="{http://scap.nist.gov/schema/cvss-v2/0.2}vectorAttributeGroup"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "targetDistributionType", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class TargetDistributionType {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected TargetDistributionEnumType value;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean approximated;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link TargetDistributionEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public TargetDistributionEnumType getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link TargetDistributionEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(TargetDistributionEnumType value) {
this.value = value;
}
/**
* Gets the value of the approximated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public boolean isApproximated() {
if (approximated == null) {
return false;
} else {
return approximated;
}
}
/**
* Sets the value of the approximated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setApproximated(Boolean value) {
this.approximated = value;
}
}

263
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/TemporalMetricsType.java
View File

@@ -1,263 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.math.BigDecimal;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlSchemaType;
import javax.xml.bind.annotation.XmlType;
import javax.xml.datatype.XMLGregorianCalendar;
/**
* <p>Java class for temporalMetricsType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="temporalMetricsType">
* &lt;complexContent>
* &lt;extension base="{http://scap.nist.gov/schema/cvss-v2/0.2}metricsType">
* &lt;sequence>
* &lt;element name="score" type="{http://scap.nist.gov/schema/cvss-v2/0.2}zeroToTenDecimalType" minOccurs="0"/>
* &lt;element name="temporal-multiplier" type="{http://www.w3.org/2001/XMLSchema}decimal" minOccurs="0"/>
* &lt;group ref="{http://scap.nist.gov/schema/cvss-v2/0.2}temporalVectorsGroup"/>
* &lt;element name="source" type="{http://www.w3.org/2001/XMLSchema}anyURI"/>
* &lt;element name="generated-on-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime"/>
* &lt;/sequence>
* &lt;/extension>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "temporalMetricsType", propOrder = {
"score",
"temporalMultiplier",
"exploitability",
"remediationLevel",
"reportConfidence",
"source",
"generatedOnDatetime"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class TemporalMetricsType
extends MetricsType {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal score;
@XmlElement(name = "temporal-multiplier")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected BigDecimal temporalMultiplier;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected ExploitabilityType exploitability;
@XmlElement(name = "remediation-level")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected RemediationLevelType remediationLevel;
@XmlElement(name = "report-confidence")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected ConfidenceType reportConfidence;
@XmlElement(required = true)
@XmlSchemaType(name = "anyURI")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String source;
@XmlElement(name = "generated-on-datetime", required = true)
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar generatedOnDatetime;
/**
* Gets the value of the score property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getScore() {
return score;
}
/**
* Sets the value of the score property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setScore(BigDecimal value) {
this.score = value;
}
/**
* Gets the value of the temporalMultiplier property.
*
* @return possible object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public BigDecimal getTemporalMultiplier() {
return temporalMultiplier;
}
/**
* Sets the value of the temporalMultiplier property.
*
* @param value allowed object is
* {@link BigDecimal }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setTemporalMultiplier(BigDecimal value) {
this.temporalMultiplier = value;
}
/**
* Gets the value of the exploitability property.
*
* @return possible object is
* {@link ExploitabilityType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public ExploitabilityType getExploitability() {
return exploitability;
}
/**
* Sets the value of the exploitability property.
*
* @param value allowed object is
* {@link ExploitabilityType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setExploitability(ExploitabilityType value) {
this.exploitability = value;
}
/**
* Gets the value of the remediationLevel property.
*
* @return possible object is
* {@link RemediationLevelType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public RemediationLevelType getRemediationLevel() {
return remediationLevel;
}
/**
* Sets the value of the remediationLevel property.
*
* @param value allowed object is
* {@link RemediationLevelType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setRemediationLevel(RemediationLevelType value) {
this.remediationLevel = value;
}
/**
* Gets the value of the reportConfidence property.
*
* @return possible object is
* {@link ConfidenceType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public ConfidenceType getReportConfidence() {
return reportConfidence;
}
/**
* Sets the value of the reportConfidence property.
*
* @param value allowed object is
* {@link ConfidenceType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setReportConfidence(ConfidenceType value) {
this.reportConfidence = value;
}
/**
* Gets the value of the source property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSource() {
return source;
}
/**
* Sets the value of the source property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSource(String value) {
this.source = value;
}
/**
* Gets the value of the generatedOnDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getGeneratedOnDatetime() {
return generatedOnDatetime;
}
/**
* Sets the value of the generatedOnDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setGeneratedOnDatetime(XMLGregorianCalendar value) {
this.generatedOnDatetime = value;
}
}

116
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/TextType1.java
View File

@@ -1,116 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* This type allows the xml:lang attribute to associate a specific language with
* an element's string content.
*
* <p>Java class for TextType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="TextType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://www.w3.org/2001/XMLSchema>string">
* &lt;attribute ref="{http://www.w3.org/XML/1998/namespace}lang"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "TextType", namespace = "http://cpe.mitre.org/language/2.0", propOrder = {
"value"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class TextType1 {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String value;
@XmlAttribute(namespace = "http://www.w3.org/XML/1998/namespace")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String lang;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(String value) {
this.value = value;
}
/**
* Gets the value of the lang property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getLang() {
return lang;
}
/**
* Sets the value of the lang property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setLang(String value) {
this.lang = value;
}
}

120
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/TextType2.java
View File

@@ -1,120 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlSeeAlso;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.XmlValue;
/**
* This type allows the xml:lang attribute to associate a specific language with
* an element's string content.
*
* <p>Java class for textType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="textType">
* &lt;simpleContent>
* &lt;extension base="&lt;http://www.w3.org/2001/XMLSchema>string">
* &lt;attribute ref="{http://www.w3.org/XML/1998/namespace}lang"/>
* &lt;/extension>
* &lt;/simpleContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "textType", namespace = "http://scap.nist.gov/schema/scap-core/0.1", propOrder = {
"value"
})
@XmlSeeAlso({
ReferenceType.class
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class TextType2 {
@XmlValue
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String value;
@XmlAttribute(namespace = "http://www.w3.org/XML/1998/namespace")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String lang;
/**
* Gets the value of the value property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getValue() {
return value;
}
/**
* Sets the value of the value property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setValue(String value) {
this.value = value;
}
/**
* Gets the value of the lang property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getLang() {
return lang;
}
/**
* Sets the value of the lang property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setLang(String value) {
this.lang = value;
}
}

120
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/ToolConfigurationType.java
View File

@@ -1,120 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for toolConfigurationType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="toolConfigurationType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="name" type="{http://scap.nist.gov/schema/scap-core/0.1}cpeNamePatternType" minOccurs="0"/>
* &lt;element name="definition" type="{http://scap.nist.gov/schema/scap-core/0.1}checkReferenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "toolConfigurationType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4", propOrder = {
"name",
"definitions"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class ToolConfigurationType {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String name;
@XmlElement(name = "definition")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<CheckReferenceType> definitions;
/**
* Gets the value of the name property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getName() {
return name;
}
/**
* Sets the value of the name property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setName(String value) {
this.name = value;
}
/**
* Gets the value of the definitions property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the definitions property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getDefinitions().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link CheckReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<CheckReferenceType> getDefinitions() {
if (definitions == null) {
definitions = new ArrayList<CheckReferenceType>();
}
return this.definitions;
}
}

71
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/VulnerabilityReferenceCategoryEnumType.java
View File

@@ -1,71 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for vulnerabilityReferenceCategoryEnumType.
*
* <p>The following schema fragment specifies the expected content contained
* within this class. <p>
* <pre>
* &lt;simpleType name="vulnerabilityReferenceCategoryEnumType">
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}token">
* &lt;enumeration value="PATCH"/>
* &lt;enumeration value="VENDOR_ADVISORY"/>
* &lt;enumeration value="THIRD_PARTY_ADVISORY"/>
* &lt;enumeration value="SIGNATURE_SOURCE"/>
* &lt;enumeration value="MITIGATION_PROCEDURE"/>
* &lt;enumeration value="TOOL_CONFIGURATION_DESCRIPTION"/>
* &lt;enumeration value="UNKNOWN"/>
* &lt;/restriction>
* &lt;/simpleType>
* </pre>
*
*/
@XmlType(name = "vulnerabilityReferenceCategoryEnumType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
@XmlEnum
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public enum VulnerabilityReferenceCategoryEnumType {
PATCH,
VENDOR_ADVISORY,
THIRD_PARTY_ADVISORY,
SIGNATURE_SOURCE,
MITIGATION_PROCEDURE,
TOOL_CONFIGURATION_DESCRIPTION,
UNKNOWN;
public String value() {
return name();
}
public static VulnerabilityReferenceCategoryEnumType fromValue(String v) {
return valueOf(v);
}
}

236
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/VulnerabilityReferenceType.java
View File

@@ -1,236 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* Extends the base "reference" class by adding the ability to specify which
* kind (within the vulnerability model) of reference it is. See
* "Vulnerability_Reference_Category_List" enumeration.
*
* <p>Java class for vulnerabilityReferenceType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="vulnerabilityReferenceType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="source" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
* &lt;element name="reference" type="{http://scap.nist.gov/schema/scap-core/0.1}referenceType"/>
* &lt;element name="notes" type="{http://scap.nist.gov/schema/scap-core/0.1}notesType" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute ref="{http://www.w3.org/XML/1998/namespace}lang default="en""/>
* &lt;attribute name="reference_type" use="required" type="{http://scap.nist.gov/schema/vulnerability/0.4}vulnerabilityReferenceCategoryEnumType" />
* &lt;attribute name="deprecated" type="{http://www.w3.org/2001/XMLSchema}boolean" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "vulnerabilityReferenceType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4", propOrder = {
"source",
"reference",
"notes"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class VulnerabilityReferenceType {
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String source;
@XmlElement(required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected ReferenceType reference;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected NotesType notes;
@XmlAttribute(namespace = "http://www.w3.org/XML/1998/namespace")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String lang;
@XmlAttribute(name = "reference_type", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected VulnerabilityReferenceCategoryEnumType referenceType;
@XmlAttribute
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected Boolean deprecated;
/**
* Gets the value of the source property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSource() {
return source;
}
/**
* Sets the value of the source property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSource(String value) {
this.source = value;
}
/**
* Gets the value of the reference property.
*
* @return possible object is
* {@link ReferenceType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public ReferenceType getReference() {
return reference;
}
/**
* Sets the value of the reference property.
*
* @param value allowed object is
* {@link ReferenceType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setReference(ReferenceType value) {
this.reference = value;
}
/**
* Gets the value of the notes property.
*
* @return possible object is
* {@link NotesType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public NotesType getNotes() {
return notes;
}
/**
* Sets the value of the notes property.
*
* @param value allowed object is
* {@link NotesType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setNotes(NotesType value) {
this.notes = value;
}
/**
* Gets the value of the lang property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getLang() {
if (lang == null) {
return "en";
} else {
return lang;
}
}
/**
* Sets the value of the lang property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setLang(String value) {
this.lang = value;
}
/**
* Gets the value of the referenceType property.
*
* @return possible object is
* {@link VulnerabilityReferenceCategoryEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public VulnerabilityReferenceCategoryEnumType getReferenceType() {
return referenceType;
}
/**
* Sets the value of the referenceType property.
*
* @param value allowed object is
* {@link VulnerabilityReferenceCategoryEnumType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setReferenceType(VulnerabilityReferenceCategoryEnumType value) {
this.referenceType = value;
}
/**
* Gets the value of the deprecated property.
*
* @return possible object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public Boolean isDeprecated() {
return deprecated;
}
/**
* Sets the value of the deprecated property.
*
* @param value allowed object is
* {@link Boolean }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setDeprecated(Boolean value) {
this.deprecated = value;
}
}

703
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/VulnerabilityType.java
View File

@@ -1,703 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.*;
import javax.xml.bind.annotation.adapters.CollapsedStringAdapter;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
import javax.xml.datatype.XMLGregorianCalendar;
/**
* TODO: Low priority: Add reference to notes type to allow analysts, vendor and
* other comments. Add source attribute. Maybe categorization?
*
* <p>Java class for vulnerabilityType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="vulnerabilityType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="osvdb-ext" type="{http://scap.nist.gov/schema/vulnerability/0.4}osvdbExtensionType" minOccurs="0"/>
* &lt;element name="vulnerable-configuration" type="{http://cpe.mitre.org/language/2.0}PlatformType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="vulnerable-software-list" type="{http://scap.nist.gov/schema/vulnerability/0.4}vulnerableSoftwareType" minOccurs="0"/>
* &lt;choice minOccurs="0">
* &lt;element name="cve-id" type="{http://scap.nist.gov/schema/cve/0.1}cveNamePatternType"/>
* &lt;element name="cce-id" type="{http://scap.nist.gov/schema/cce/0.1}cceNamePatternType"/>
* &lt;/choice>
* &lt;element name="discovered-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
* &lt;element name="disclosure-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
* &lt;element name="exploit-publish-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
* &lt;element name="published-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
* &lt;element name="last-modified-datetime" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/>
* &lt;element name="cvss" type="{http://scap.nist.gov/schema/cvss-v2/0.2}cvssImpactType" minOccurs="0"/>
* &lt;element name="security-protection" type="{http://scap.nist.gov/schema/vulnerability/0.4}securityProtectionType" minOccurs="0"/>
* &lt;element name="assessment_check" type="{http://scap.nist.gov/schema/scap-core/0.1}checkReferenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="cwe" type="{http://scap.nist.gov/schema/vulnerability/0.4}cweReferenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="references" type="{http://scap.nist.gov/schema/vulnerability/0.4}vulnerabilityReferenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="fix_action" type="{http://scap.nist.gov/schema/vulnerability/0.4}fixActionType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="scanner" type="{http://scap.nist.gov/schema/vulnerability/0.4}toolConfigurationType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="summary" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/>
* &lt;element name="technical_description" type="{http://scap.nist.gov/schema/scap-core/0.1}referenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;element name="attack_scenario" type="{http://scap.nist.gov/schema/scap-core/0.1}referenceType" maxOccurs="unbounded" minOccurs="0"/>
* &lt;/sequence>
* &lt;attribute name="id" use="required" type="{http://scap.nist.gov/schema/vulnerability/0.4}vulnerabilityIdType" />
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlRootElement(name = "vulnerabilityType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "vulnerabilityType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4", propOrder = {
"osvdbExt",
"vulnerableConfigurations",
"vulnerableSoftwareList",
"cceId",
"cveId",
"discoveredDatetime",
"disclosureDatetime",
"exploitPublishDatetime",
"publishedDatetime",
"lastModifiedDatetime",
"cvss",
"securityProtection",
"assessmentChecks",
"cwes",
"references",
"fixActions",
"scanners",
"summary",
"technicalDescriptions",
"attackScenarios"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class VulnerabilityType {
@XmlElement(name = "osvdb-ext")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected OsvdbExtensionType osvdbExt;
@XmlElement(name = "vulnerable-configuration")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<PlatformType> vulnerableConfigurations;
@XmlElement(name = "vulnerable-software-list")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected VulnerableSoftwareType vulnerableSoftwareList;
@XmlElement(name = "cce-id")
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String cceId;
@XmlElement(name = "cve-id")
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String cveId;
@XmlElement(name = "discovered-datetime")
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar discoveredDatetime;
@XmlElement(name = "disclosure-datetime")
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar disclosureDatetime;
@XmlElement(name = "exploit-publish-datetime")
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar exploitPublishDatetime;
@XmlElement(name = "published-datetime")
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar publishedDatetime;
@XmlElement(name = "last-modified-datetime")
@XmlSchemaType(name = "dateTime")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected XMLGregorianCalendar lastModifiedDatetime;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected CvssImpactType cvss;
@XmlElement(name = "security-protection")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected SecurityProtectionType securityProtection;
@XmlElement(name = "assessment_check")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<CheckReferenceType> assessmentChecks;
@XmlElement(name = "cwe")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<CweReferenceType> cwes;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<VulnerabilityReferenceType> references;
@XmlElement(name = "fix_action")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<FixActionType> fixActions;
@XmlElement(name = "scanner")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<ToolConfigurationType> scanners;
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String summary;
@XmlElement(name = "technical_description")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<ReferenceType> technicalDescriptions;
@XmlElement(name = "attack_scenario")
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<ReferenceType> attackScenarios;
@XmlAttribute(required = true)
@XmlJavaTypeAdapter(CollapsedStringAdapter.class)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected String id;
/**
* Gets the value of the osvdbExt property.
*
* @return possible object is
* {@link OsvdbExtensionType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public OsvdbExtensionType getOsvdbExt() {
return osvdbExt;
}
/**
* Sets the value of the osvdbExt property.
*
* @param value allowed object is
* {@link OsvdbExtensionType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setOsvdbExt(OsvdbExtensionType value) {
this.osvdbExt = value;
}
/**
* Gets the value of the vulnerableConfigurations property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the vulnerableConfigurations property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getVulnerableConfigurations().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link PlatformType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<PlatformType> getVulnerableConfigurations() {
if (vulnerableConfigurations == null) {
vulnerableConfigurations = new ArrayList<PlatformType>();
}
return this.vulnerableConfigurations;
}
/**
* Gets the value of the vulnerableSoftwareList property.
*
* @return possible object is
* {@link VulnerableSoftwareType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public VulnerableSoftwareType getVulnerableSoftwareList() {
return vulnerableSoftwareList;
}
/**
* Sets the value of the vulnerableSoftwareList property.
*
* @param value allowed object is
* {@link VulnerableSoftwareType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setVulnerableSoftwareList(VulnerableSoftwareType value) {
this.vulnerableSoftwareList = value;
}
/**
* Gets the value of the cceId property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getCceId() {
return cceId;
}
/**
* Sets the value of the cceId property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setCceId(String value) {
this.cceId = value;
}
/**
* Gets the value of the cveId property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getCveId() {
return cveId;
}
/**
* Sets the value of the cveId property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setCveId(String value) {
this.cveId = value;
}
/**
* Gets the value of the discoveredDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getDiscoveredDatetime() {
return discoveredDatetime;
}
/**
* Sets the value of the discoveredDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setDiscoveredDatetime(XMLGregorianCalendar value) {
this.discoveredDatetime = value;
}
/**
* Gets the value of the disclosureDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getDisclosureDatetime() {
return disclosureDatetime;
}
/**
* Sets the value of the disclosureDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setDisclosureDatetime(XMLGregorianCalendar value) {
this.disclosureDatetime = value;
}
/**
* Gets the value of the exploitPublishDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getExploitPublishDatetime() {
return exploitPublishDatetime;
}
/**
* Sets the value of the exploitPublishDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setExploitPublishDatetime(XMLGregorianCalendar value) {
this.exploitPublishDatetime = value;
}
/**
* Gets the value of the publishedDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getPublishedDatetime() {
return publishedDatetime;
}
/**
* Sets the value of the publishedDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setPublishedDatetime(XMLGregorianCalendar value) {
this.publishedDatetime = value;
}
/**
* Gets the value of the lastModifiedDatetime property.
*
* @return possible object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public XMLGregorianCalendar getLastModifiedDatetime() {
return lastModifiedDatetime;
}
/**
* Sets the value of the lastModifiedDatetime property.
*
* @param value allowed object is
* {@link XMLGregorianCalendar }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setLastModifiedDatetime(XMLGregorianCalendar value) {
this.lastModifiedDatetime = value;
}
/**
* Gets the value of the cvss property.
*
* @return possible object is
* {@link CvssImpactType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public CvssImpactType getCvss() {
return cvss;
}
/**
* Sets the value of the cvss property.
*
* @param value allowed object is
* {@link CvssImpactType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setCvss(CvssImpactType value) {
this.cvss = value;
}
/**
* Gets the value of the securityProtection property.
*
* @return possible object is
* {@link SecurityProtectionType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public SecurityProtectionType getSecurityProtection() {
return securityProtection;
}
/**
* Sets the value of the securityProtection property.
*
* @param value allowed object is
* {@link SecurityProtectionType }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSecurityProtection(SecurityProtectionType value) {
this.securityProtection = value;
}
/**
* Gets the value of the assessmentChecks property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the assessmentChecks property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getAssessmentChecks().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link CheckReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<CheckReferenceType> getAssessmentChecks() {
if (assessmentChecks == null) {
assessmentChecks = new ArrayList<CheckReferenceType>();
}
return this.assessmentChecks;
}
/**
* Gets the value of the cwes property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the cwes property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getCwes().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link CweReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<CweReferenceType> getCwes() {
if (cwes == null) {
cwes = new ArrayList<CweReferenceType>();
}
return this.cwes;
}
/**
* Gets the value of the references property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the references property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getReferences().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link VulnerabilityReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<VulnerabilityReferenceType> getReferences() {
if (references == null) {
references = new ArrayList<VulnerabilityReferenceType>();
}
return this.references;
}
/**
* Gets the value of the fixActions property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the fixActions property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getFixActions().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link FixActionType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<FixActionType> getFixActions() {
if (fixActions == null) {
fixActions = new ArrayList<FixActionType>();
}
return this.fixActions;
}
/**
* Gets the value of the scanners property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the scanners property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getScanners().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link ToolConfigurationType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<ToolConfigurationType> getScanners() {
if (scanners == null) {
scanners = new ArrayList<ToolConfigurationType>();
}
return this.scanners;
}
/**
* Gets the value of the summary property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getSummary() {
return summary;
}
/**
* Sets the value of the summary property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setSummary(String value) {
this.summary = value;
}
/**
* Gets the value of the technicalDescriptions property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the technicalDescriptions property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getTechnicalDescriptions().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link ReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<ReferenceType> getTechnicalDescriptions() {
if (technicalDescriptions == null) {
technicalDescriptions = new ArrayList<ReferenceType>();
}
return this.technicalDescriptions;
}
/**
* Gets the value of the attackScenarios property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the attackScenarios property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getAttackScenarios().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link ReferenceType }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<ReferenceType> getAttackScenarios() {
if (attackScenarios == null) {
attackScenarios = new ArrayList<ReferenceType>();
}
return this.attackScenarios;
}
/**
* Gets the value of the id property.
*
* @return possible object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public String getId() {
return id;
}
/**
* Sets the value of the id property.
*
* @param value allowed object is
* {@link String }
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public void setId(String value) {
this.id = value;
}
}

92
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/VulnerableSoftwareType.java
View File

@@ -1,92 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.generated;
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
import java.util.ArrayList;
import java.util.List;
import javax.annotation.Generated;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* <p>Java class for vulnerableSoftwareType complex type.
*
* <p>The following schema fragment specifies the expected content contained
* within this class.
*
* <pre>
* &lt;complexType name="vulnerableSoftwareType">
* &lt;complexContent>
* &lt;restriction base="{http://www.w3.org/2001/XMLSchema}anyType">
* &lt;sequence>
* &lt;element name="product" type="{http://cpe.mitre.org/language/2.0}namePattern" maxOccurs="unbounded"/>
* &lt;/sequence>
* &lt;/restriction>
* &lt;/complexContent>
* &lt;/complexType>
* </pre>
*
*
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "vulnerableSoftwareType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4", propOrder = {
"products"
})
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public class VulnerableSoftwareType {
@XmlElement(name = "product", required = true)
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
protected List<String> products;
/**
* Gets the value of the products property.
*
* <p> This accessor method returns a reference to the live list, not a
* snapshot. Therefore any modification you make to the returned list will
* be present inside the JAXB object. This is why there is not a
* <CODE>set</CODE> method for the products property.
*
* <p> For example, to add a new item, do as follows:
* <pre>
* getProducts().add(newItem);
* </pre>
*
*
* <p> Objects of the following type(s) are allowed in the list
* {@link String }
*
*
*/
@Generated(value = "com.sun.tools.internal.xjc.Driver", date = "2012-10-21T11:58:46-04:00", comments = "JAXB RI vJAXB 2.1.10 in JDK 6")
public List<String> getProducts() {
if (products == null) {
products = new ArrayList<String>();
}
return this.products;
}
}

9
src/main/java/org/codesecure/dependencycheck/data/nvdcve/generated/package-info.java
View File

@@ -1,9 +0,0 @@
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, vJAXB 2.1.10 in JDK 6
// See <a href="http://java.sun.com/xml/jaxb">http://java.sun.com/xml/jaxb</a>
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2012.10.21 at 11:58:46 AM EDT
//
@javax.xml.bind.annotation.XmlSchema(namespace = "http://scap.nist.gov/schema/cvss-v2/0.2", elementFormDefault = javax.xml.bind.annotation.XmlNsForm.QUALIFIED)
package org.codesecure.dependencycheck.data.nvdcve.generated;

359
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdater.java → src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/DatabaseUpdater.java
View File

@@ -26,29 +26,37 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import javax.xml.parsers.ParserConfigurationException;
import org.codesecure.dependencycheck.data.CachedWebDataSource;
import java.net.MalformedURLException;
import java.net.URL;
import java.sql.SQLException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.lucene.index.CorruptIndexException;
import org.codesecure.dependencycheck.data.nvdcve.Index;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.codesecure.dependencycheck.data.UpdateException;
import org.codesecure.dependencycheck.data.cpe.Index;
import org.codesecure.dependencycheck.data.nvdcve.CveDB;
import org.codesecure.dependencycheck.dependency.VulnerableSoftware;
import org.codesecure.dependencycheck.utils.DownloadFailedException;
import org.codesecure.dependencycheck.utils.Downloader;
import org.codesecure.dependencycheck.utils.FileUtils;
import org.codesecure.dependencycheck.utils.InvalidSettingException;
import org.codesecure.dependencycheck.utils.Settings;
import org.xml.sax.SAXException;
import org.codesecure.dependencycheck.data.nvdcve.DatabaseException;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class IndexUpdater extends Index implements CachedWebDataSource {
public class DatabaseUpdater implements CachedWebDataSource {
/**
* The name of the properties file containing the timestamp of the last
@@ -67,15 +75,15 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
*/
private static final String LAST_UPDATED_BASE = "lastupdated.";
/**
* The current version of the index
* The current version of the database
*/
public static final String INDEX_VERSION = "1.1";
public static final String DATABASE_VERSION = "2.0";
/**
* <p>Downloads the latest NVD CVE XML file from the web and imports it into
* the current CVE Index.</p>
* the current CVE Database.</p>
*
* @throws UpdateException is thrown if there is an error updating the index
* @throws UpdateException is thrown if there is an error updating the database
*/
public void update() throws UpdateException {
try {
@@ -87,30 +95,46 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
}
}
if (maxUpdates > 3) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.WARNING,
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
"NVD CVE requires several updates; this could take a couple of minutes.");
}
int count = 0;
for (NvdCveUrl cve : update.values()) {
if (cve.getNeedsUpdate()) {
count += 1;
Logger.getLogger(IndexUpdater.class.getName()).log(Level.WARNING,
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
"Updating NVD CVE ({0} of {1})", new Object[]{count, maxUpdates});
URL url = new URL(cve.getUrl());
File outputPath = null;
File outputPath12 = null;
try {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.WARNING, "Downloading {0}", cve.getUrl());
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
"Downloading {0}", cve.getUrl());
outputPath = File.createTempFile("cve" + cve.getId() + "_", ".xml");
Downloader.fetchFile(url, outputPath, false);
Logger.getLogger(IndexUpdater.class.getName()).log(Level.WARNING, "Processing {0}", cve.getUrl());
importXML(outputPath.toString());
Logger.getLogger(IndexUpdater.class.getName()).log(Level.WARNING,
url = new URL(cve.getOldSchemaVersionUrl());
outputPath12 = File.createTempFile("cve_1_2_" + cve.getId() + "_", ".xml");
Downloader.fetchFile(url, outputPath12, false);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
"Processing {0}", cve.getUrl());
importXML(outputPath, outputPath12);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING,
"Completed updated {0} of {1}", new Object[]{count, maxUpdates});
} catch (FileNotFoundException ex) {
//Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException(ex);
} catch (ParserConfigurationException ex) {
throw new UpdateException(ex);
} catch (SAXException ex) {
throw new UpdateException(ex);
} catch (IOException ex) {
//Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException(ex);
} catch (SQLException ex) {
throw new UpdateException(ex);
} catch (DatabaseException ex) {
throw new UpdateException(ex);
} finally {
try {
@@ -129,10 +153,8 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
writeLastUpdatedPropertyFile(update);
}
} catch (MalformedURLException ex) {
//Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException(ex);
} catch (DownloadFailedException ex) {
//Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException(ex);
}
}
@@ -140,76 +162,48 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
/**
* Imports the NVD CVE XML File into the Lucene Index.
*
* @param file containing the path to the NVD CVE XML file.
* @param file the file containing the NVD CVE XML
* @param oldVersion contains the file containing the NVD CVE XML 1.2
*/
private void importXML(File file) {
if (!file.exists()) {
file.mkdirs();
}
NvdCveParser indexer = null;
org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null;
private void importXML(File file, File oldVersion)
throws ParserConfigurationException, SAXException, IOException, SQLException, DatabaseException {
CveDB cveDB = null;
Index cpeIndex = null;
try {
indexer = new NvdCveParser();
indexer.openIndexWriter();
cveDB = new CveDB();
cveDB.open();
//HACK - hack to ensure all CPE data is stored in the index.
cpeIndex = new org.codesecure.dependencycheck.data.cpe.Index();
cpeIndex = new Index();
cpeIndex.openIndexWriter();
indexer.setCPEIndexer(cpeIndex);
indexer.parse(file);
SAXParserFactory factory = SAXParserFactory.newInstance();
SAXParser saxParser = factory.newSAXParser();
} catch (CorruptIndexException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
NvdCve12Handler cve12Handler = new NvdCve12Handler();
saxParser.parse(oldVersion, cve12Handler);
Map<String, List<VulnerableSoftware>> prevVersionVulnMap = cve12Handler.getVulnerabilities();
cve12Handler = null;
NvdCve20Handler cve20Handler = new NvdCve20Handler();
cve20Handler.setCveDB(cveDB);
cve20Handler.setPrevVersionVulnMap(prevVersionVulnMap);
cve20Handler.setCpeIndex(cpeIndex);
saxParser.parse(file, cve20Handler);
cve20Handler = null;
} finally {
if (indexer != null) {
indexer.close();
}
if (cpeIndex != null) {
cpeIndex.close();
cpeIndex = null;
}
if (cveDB != null) {
cveDB.close();
cveDB = null;
}
}
}
// public static void importXML(File file) throws FileNotFoundException, IOException, JAXBException,
// ParserConfigurationException, SAXException {
//
// SAXParserFactory factory = SAXParserFactory.newInstance();
// factory.setNamespaceAware(true);
// XMLReader reader = factory.newSAXParser().getXMLReader();
//
// JAXBContext context = JAXBContext.newInstance("org.codesecure.dependencycheck.data.nvdcve.generated");
// NvdCveXmlFilter filter = new NvdCveXmlFilter(context);
//
// CPEIndexWriter indexer = new CPEIndexWriter();
// indexer.openIndexWriter();
//
// filter.registerSaveDelegate(indexer);
//
// reader.setContentHandler(filter);
// Reader fileReader = new FileReader(file);
// InputSource is = new InputSource(fileReader);
// try {
// reader.parse(is);
// } catch (IOException ex) {
// Logger.getLogger(Importer.class.getName()).log(Level.SEVERE, null, ex);
// } catch (SAXException ex) {
// Logger.getLogger(Importer.class.getName()).log(Level.SEVERE, null, ex);
// } finally {
// indexer.close();
// }
// }
/**
* Imports the CPE XML File into the Lucene Index.
*
* @param path the path to the CPE XML file.
*/
private void importXML(String path) {
File f = new File(path);
importXML(f);
}
//<editor-fold defaultstate="collapsed" desc="Code to read/write properties files regarding the last update dates">
/**
* Writes a properties file containing the last updated date to the
@@ -220,40 +214,37 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
private void writeLastUpdatedPropertyFile(Map<String, NvdCveUrl> updated) throws UpdateException {
String dir;
try {
dir = getDataDirectory().getCanonicalPath();
dir = CveDB.getDataDirectory().getCanonicalPath();
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException("Unable to locate last updated properties file.", ex);
}
File cveProp = new File(dir + File.separatorChar + UPDATE_PROPERTIES_FILE);
Properties prop = new Properties();
prop.put("version", INDEX_VERSION);
prop.put("version", DATABASE_VERSION);
for (NvdCveUrl cve : updated.values()) {
prop.put(LAST_UPDATED_BASE + cve.id, String.valueOf(cve.getTimestamp()));
}
OutputStream os = null;
OutputStreamWriter out = null;
try {
os = new FileOutputStream(cveProp);
OutputStreamWriter out = new OutputStreamWriter(os, "UTF-8");
out = new OutputStreamWriter(os, "UTF-8");
prop.store(out, dir);
} catch (FileNotFoundException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException("Unable to find last updated properties file.", ex);
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException("Unable to update last updated properties file.", ex);
} finally {
if (os != null) {
if (out != null) {
try {
os.flush();
out.close();
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
}
try {
os.close();
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
@@ -278,11 +269,11 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
try {
currentlyPublished = retrieveCurrentTimestampsFromWeb();
} catch (InvalidDataException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new DownloadFailedException("Unable to retrieve valid timestamp from nvd cve downloads page", ex);
} catch (InvalidSettingException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new DownloadFailedException("Invalid settings", ex);
}
@@ -291,9 +282,9 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
}
String dir;
try {
dir = getDataDirectory().getCanonicalPath();
dir = CveDB.getDataDirectory().getCanonicalPath();
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
throw new UpdateException("Unable to locate last updated properties file.", ex);
}
@@ -315,7 +306,7 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
} else {
try {
version = Float.parseFloat(prop.getProperty("version"));
float currentVersion = Float.parseFloat(INDEX_VERSION);
float currentVersion = Float.parseFloat(DATABASE_VERSION);
if (currentVersion > version) {
deleteAndRecreate = true;
}
@@ -324,7 +315,7 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
}
}
if (deleteAndRecreate) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.WARNING, "Index version is old. Rebuilding the index.");
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.WARNING, "Index version is old. Rebuilding the index.");
is.close();
//this is an old version of the lucene index - just delete it
FileUtils.delete(f);
@@ -355,7 +346,7 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
try {
currentTimestamp = Long.parseLong(prop.getProperty(LAST_UPDATED_BASE + String.valueOf(i), "0"));
} catch (NumberFormatException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.FINEST, "Error parsing " + LAST_UPDATED_BASE
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINEST, "Error parsing " + LAST_UPDATED_BASE
+ String.valueOf(i) + " from nvdcve.lastupdated", ex);
}
if (currentTimestamp == cve.getTimestamp()) {
@@ -364,17 +355,17 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
}
}
} catch (FileNotFoundException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.FINEST, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINEST, null, ex);
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.FINEST, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINEST, null, ex);
} catch (NumberFormatException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.FINEST, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.FINEST, null, ex);
} finally {
if (is != null) {
try {
is.close();
} catch (IOException ex) {
Logger.getLogger(IndexUpdater.class.getName()).log(Level.SEVERE, null, ex);
Logger.getLogger(DatabaseUpdater.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
@@ -419,7 +410,10 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
NvdCveUrl item = new NvdCveUrl();
item.setNeedsUpdate(false); //the others default to true, to make life easier later this should default to false.
item.id = "modified";
item.setId("modified");
item.setUrl(retrieveUrl);
item.setOldSchemaVersionUrl(Settings.getString(Settings.KEYS.CVE_MODIFIED_12_URL));
item.timestamp = Downloader.getLastModified(new URL(retrieveUrl));
map.put("modified", item);
@@ -427,147 +421,15 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
for (int i = 1; i <= max; i++) {
retrieveUrl = Settings.getString(Settings.KEYS.CVE_BASE_URL + Settings.KEYS.CVE_SCHEMA_2_0 + i);
item = new NvdCveUrl();
item.id = Integer.toString(i);
item.url = retrieveUrl;
item.timestamp = Downloader.getLastModified(new URL(retrieveUrl));
item.setId(Integer.toString(i));
item.setUrl(retrieveUrl);
item.setOldSchemaVersionUrl(Settings.getString(Settings.KEYS.CVE_BASE_URL + Settings.KEYS.CVE_SCHEMA_1_2 + i));
item.setTimestamp(Downloader.getLastModified(new URL(retrieveUrl)));
map.put(item.id, item);
}
return map;
}
//<editor-fold defaultstate="collapsed" desc="old dead code">
// /**
// * Retrieves the timestamps from the NVD CVE meta data file.
// *
// * @return the timestamp from the currently published nvdcve downloads page
// * @throws MalformedURLException is thrown if the URL for the NVD CCE Meta
// * data is incorrect.
// * @throws DownloadFailedException is thrown if there is an error
// * downloading the nvd cve meta data file
// * @throws InvalidDataException is thrown if there is an exception parsing
// * the timestamps
// */
// protected Map<String, NvdCveUrl> retrieveCurrentTimestampsFromWeb() throws MalformedURLException, DownloadFailedException, InvalidDataException {
// Map<String, NvdCveUrl> map = new HashMap<String, NvdCveUrl>();
//
// File tmp = null;
// try {
// tmp = File.createTempFile("cve", "meta");
// URL url = new URL(Settings.getString(Settings.KEYS.CVE_META_URL));
// Downloader.fetchFile(url, tmp);
// String html = readFile(tmp);
//
// String retrieveUrl = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
// NvdCveUrl cve = createNvdCveUrl("modified", retrieveUrl, html);
// cve.setNeedsUpdate(false); //the others default to true, to make life easier later this should default to false.
// map.put("modified", cve);
// int max = Settings.getInt(Settings.KEYS.CVE_URL_COUNT);
// for (int i = 1; i <= max; i++) {
// retrieveUrl = Settings.getString(Settings.KEYS.CVE_BASE_URL + Settings.KEYS.CVE_SCHEMA_2_0 + i);
// String key = Integer.toString(i);
// cve = createNvdCveUrl(key, retrieveUrl, html);
// map.put(key, cve);
// }
// } catch (IOException ex) {
// throw new DownloadFailedException("Unable to create temporary file for NVD CVE Meta File download.", ex);
// } finally {
// try {
// if (tmp != null && tmp.exists()) {
// tmp.delete();
// }
// } finally {
// if (tmp != null && tmp.exists()) {
// tmp.deleteOnExit();
// }
// }
// }
// return map;
// }
//
// /**
// * Creates a new NvdCveUrl object from the provide id, url, and text/html
// * from the NVD CVE downloads page.
// *
// * @param id the name of this NVD CVE Url
// * @param retrieveUrl the URL to download the file from
// * @param text a bit of HTML from the NVD CVE downloads page that contains
// * the URL and the last updated timestamp.
// * @return a shiny new NvdCveUrl object.
// * @throws InvalidDataException is thrown if the timestamp could not be
// * extracted from the provided text.
// */
// private NvdCveUrl createNvdCveUrl(String id, String retrieveUrl, String text) throws InvalidDataException {
// Pattern pattern = Pattern.compile(Pattern.quote(retrieveUrl) + ".+?\\<br");
// Matcher m = pattern.matcher(text);
// NvdCveUrl item = new NvdCveUrl();
// item.id = id;
// item.url = retrieveUrl;
// if (m.find()) {
// String line = m.group();
// int pos = line.indexOf("Updated:");
// if (pos > 0) {
// pos += 9;
// try {
// String timestampstr = line.substring(pos, line.length() - 3).replace("at ", "");
// long timestamp = getEpochTimeFromDateTime(timestampstr);
// item.setTimestamp(timestamp);
// } catch (NumberFormatException ex) {
// throw new InvalidDataException("NVD CVE Meta file does not contain a valid timestamp for '" + retrieveUrl + "'.", ex);
// }
// } else {
// throw new InvalidDataException("NVD CVE Meta file does not contain the updated timestamp for '" + retrieveUrl + "'.");
// }
// } else {
// throw new InvalidDataException("NVD CVE Meta file does not contain the url for '" + retrieveUrl + "'.");
// }
// return item;
// }
//
// /**
// * Parses a timestamp in the format of "MM/dd/yy hh:mm" into a calendar
// * object and returns the epoch time. Note, this removes the millisecond
// * portion of the epoch time so all numbers returned should end in 000.
// *
// * @param timestamp a string in the format of "MM/dd/yy hh:mm"
// * @return a Calendar object.
// * @throws NumberFormatException if the timestamp was parsed incorrectly.
// */
// private long getEpochTimeFromDateTime(String timestamp) throws NumberFormatException {
// Calendar c = new GregorianCalendar();
// int month = Integer.parseInt(timestamp.substring(0, 2));
// int date = Integer.parseInt(timestamp.substring(3, 5));
// int year = 2000 + Integer.parseInt(timestamp.substring(6, 8));
// int hourOfDay = Integer.parseInt(timestamp.substring(9, 11));
// int minute = Integer.parseInt(timestamp.substring(12, 14));
// c.set(year, month, date, hourOfDay, minute, 0);
// long t = c.getTimeInMillis();
// t = (t / 1000) * 1000;
// return t;
// }
//
// /**
// * Reads a file into a string.
// *
// * @param file the file to be read.
// * @return the contents of the file.
// * @throws IOException is thrown if an IOExcpetion occurs.
// */
// private String readFile(File file) throws IOException {
// InputStreamReader stream = new InputStreamReader(new FileInputStream(file), "UTF-8");
// StringBuilder str = new StringBuilder((int) file.length());
// try {
// char[] buf = new char[8096];
// int read = stream.read(buf, 0, 8096);
// while (read > 0) {
// str.append(buf, 0, read);
// read = stream.read(buf, 0, 8096);
// }
// } finally {
// stream.close();
// }
// return str.toString();
// }
//</editor-fold>
/**
* A pojo that contains the Url and timestamp of the current NvdCve XML
* files.
@@ -618,6 +480,30 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
public void setUrl(String url) {
this.url = url;
}
/**
* The 1.2 schema URL
*/
protected String oldSchemaVersionUrl;
/**
* Get the value of oldSchemaVersionUrl
*
* @return the value of oldSchemaVersionUrl
*/
public String getOldSchemaVersionUrl() {
return oldSchemaVersionUrl;
}
/**
* Set the value of oldSchemaVersionUrl
*
* @param oldSchemaVersionUrl new value of oldSchemaVersionUrl
*/
public void setOldSchemaVersionUrl(String oldSchemaVersionUrl) {
this.oldSchemaVersionUrl = oldSchemaVersionUrl;
}
/**
* a timestamp - epoch time.
*/
@@ -663,4 +549,5 @@ public class IndexUpdater extends Index implements CachedWebDataSource {
this.needsUpdate = needsUpdate;
}
}
//</editor-fold>
}

152
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/Indexer.java
View File

@@ -1,152 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import org.apache.lucene.document.Document;
import org.apache.lucene.document.Field;
import org.apache.lucene.document.StoredField;
import org.apache.lucene.document.StringField;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.index.Term;
import org.codesecure.dependencycheck.data.lucene.LuceneUtils;
import org.codesecure.dependencycheck.data.nvdcve.generated.VulnerabilityType;
import org.codesecure.dependencycheck.data.nvdcve.Fields;
import org.codesecure.dependencycheck.data.nvdcve.Index;
import org.codesecure.dependencycheck.data.nvdcve.generated.FactRefType;
import org.codesecure.dependencycheck.data.nvdcve.generated.LogicalTest;
import org.codesecure.dependencycheck.data.nvdcve.generated.PlatformType;
/**
* The Indexer is used to convert a VULNERABLE_CPE Entry, retrieved from the
* VULNERABLE_CPE XML file, into a Document that is stored in the Lucene index.
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class Indexer extends Index implements EntrySaveDelegate {
/**
* Saves an NVD CVE Entry into the Lucene index.
*
* @param vulnerability a NVD CVE vulnerability.
* @throws CorruptIndexException is thrown if the index is corrupt.
* @throws IOException is thrown if an IOException occurs.
*/
public void saveEntry(VulnerabilityType vulnerability) throws CorruptIndexException, IOException {
try {
Document doc = null;
try {
doc = convertEntryToDoc(vulnerability);
} catch (UnsupportedEncodingException ex) {
Logger.getLogger(Indexer.class.getName()).log(Level.SEVERE, null, ex);
}
if (doc == null) {
return;
}
Term name = new Term(Fields.CVE_ID, LuceneUtils.escapeLuceneQuery(vulnerability.getId()));
indexWriter.updateDocument(name, doc);
} catch (JAXBException ex) {
Logger.getLogger(Indexer.class.getName()).log(Level.SEVERE, "Unable to add " + vulnerability.getId() + " to the Lucene index.", ex);
}
}
/**
* Converts a VULNERABLE_CPE vulnerability into a Lucene Document.
*
* @param vulnerability a VULNERABLE_CPE Entry.
* @return a Lucene Document containing a VULNERABLE_CPE Entry.
* @throws JAXBException is thrown when there is a JAXBException.
* @throws UnsupportedEncodingException if the system doesn't support utf-8
*/
protected Document convertEntryToDoc(VulnerabilityType vulnerability) throws JAXBException, UnsupportedEncodingException {
boolean hasApplication = false;
Document doc = new Document();
if (vulnerability.getVulnerableConfigurations() != null) {
for (PlatformType pt : vulnerability.getVulnerableConfigurations()) {
hasApplication = addVulnerableProducts(doc, pt.getLogicalTest());
}
} else if (vulnerability.getVulnerableSoftwareList() != null) { //this should never be reached, but is here just in case.
for (String cpe : vulnerability.getVulnerableSoftwareList().getProducts()) {
if (cpe.startsWith("cpe:/a:")) {
hasApplication = true;
addVulnerableCpe(cpe, doc);
}
}
} else {
return null;
}
//there are no cpe:/a that are vulnerable - don't add it to the index.
if (!hasApplication) {
return null;
}
Field name = new StringField(Fields.CVE_ID, vulnerability.getId(), Field.Store.NO);
doc.add(name);
// Field description = new Field(Fields.DESCRIPTION, vulnerability.getSummary(), Field.Store.NO, Field.Index.ANALYZED);
// doc.add(description);
JAXBContext context = JAXBContext.newInstance("org.codesecure.dependencycheck.data.nvdcve.generated");
Marshaller m = context.createMarshaller();
m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
ByteArrayOutputStream out = new ByteArrayOutputStream();
m.marshal(vulnerability, out);
Field xml = new StoredField(Fields.XML, out.toString("UTF-8"));
doc.add(xml);
return doc;
}
private boolean addVulnerableProducts(Document doc, LogicalTest logicalTest) {
boolean retVal = false;
for (LogicalTest lt : logicalTest.getLogicalTests()) {
retVal = retVal || addVulnerableProducts(doc, lt);
}
for (FactRefType facts : logicalTest.getFactReves()) {
String cpe = facts.getName();
if (cpe.startsWith("cpe:/a:")) {
retVal = true;
addVulnerableCpe(cpe, doc);
}
}
return retVal;
}
private void addVulnerableCpe(String cpe, Document doc) {
Field vulnerable = new StringField(Fields.VULNERABLE_CPE, cpe, Field.Store.NO);
doc.add(vulnerable);
}
}

1
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/InvalidDataException.java
View File

@@ -25,6 +25,7 @@ package org.codesecure.dependencycheck.data.nvdcve.xml;
* @author Jeremy
*/
public class InvalidDataException extends Exception {
private static final long serialVersionUID = 1L;
/**
* Creates an InvalidDataException

216
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCve12Handler.java Normal file
View File

@@ -0,0 +1,216 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.codesecure.dependencycheck.dependency.VulnerableSoftware;
import org.xml.sax.Attributes;
import org.xml.sax.SAXException;
import org.xml.sax.SAXNotSupportedException;
import org.xml.sax.helpers.DefaultHandler;
/**
* A SAX Handler that will parse the NVD CVE XML (schema version 1.2). This
* parses the xml and retrieves a listing of CPEs that have previous versions
* specified. The previous version information is not in the 2.0 version of the
* schema and is useful to ensure accurate identification (or at least complete).
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class NvdCve12Handler extends DefaultHandler {
private static final String CURRENT_SCHEMA_VERSION = "1.2";
private String vulnerability = null;
private List<VulnerableSoftware> software = null;
private String vendor = null;
private String product = null;
private boolean skip = false;
private boolean hasPreviousVersion = false;
private Element current = new Element();
private Map<String, List<VulnerableSoftware>> vulnerabilities = null;
/**
* Get the value of vulnerabilities
*
* @return the value of vulnerabilities
*/
public Map<String, List<VulnerableSoftware>> getVulnerabilities() {
return vulnerabilities;
}
@Override
public void startElement(String uri, String localName, String qName, Attributes attributes) throws SAXException {
current.setNode(qName);
if (current.isEntryNode()) {
vendor = null;
product = null;
hasPreviousVersion = false;
String reject = attributes.getValue("reject");
skip = (reject != null && reject.equals("1"));
if (!skip) {
vulnerability = attributes.getValue("name");
software = new ArrayList<VulnerableSoftware>();
} else {
vulnerability = null;
software = null;
}
} else if (!skip && current.isProdNode()) {
vendor = attributes.getValue("vendor");
product = attributes.getValue("name");
} else if (!skip && current.isVersNode()) {
String prev = attributes.getValue("prev");
if (prev != null && "1".equals(prev)) {
hasPreviousVersion = true;
String edition = attributes.getValue("edition");
String num = attributes.getValue("num");
/*yes yes, this may not actually be an "a" - it could be an OS, etc. but for our
purposes this is good enough as we won't use this if we don't find a corresponding "a"
in the nvd cve 2.0. */
String cpe = "cpe:/a:" + vendor + ":" + product;
if (num != null) {
cpe += ":" + num;
}
if (edition != null) {
cpe += ":" + edition;
}
VulnerableSoftware vs = new VulnerableSoftware();
vs.setCpe(cpe);
vs.setPreviousVersion(prev);
software.add(vs);
}
} else if (current.isNVDNode()) {
String nvdVer = attributes.getValue("nvd_xml_version");
if (!CURRENT_SCHEMA_VERSION.equals(nvdVer)) {
throw new SAXNotSupportedException("Schema version " + nvdVer + " is not supported");
}
vulnerabilities = new HashMap<String, List<VulnerableSoftware>>();
}
}
@Override
public void endElement(String uri, String localName, String qName) throws SAXException {
current.setNode(qName);
if (current.isEntryNode()) {
if (!skip && hasPreviousVersion) {
vulnerabilities.put(vulnerability, software);
}
vulnerability = null;
software = null;
}
}
// <editor-fold defaultstate="collapsed" desc="The Element Class that maintains state information about the current node">
/**
* A simple class to maintain information about the current element while
* parsing the NVD CVE XML.
*/
protected static class Element {
/**
* A node type in the NVD CVE Schema 1.2
*/
public static final String NVD = "nvd";
/**
* A node type in the NVD CVE Schema 1.2
*/
public static final String ENTRY = "entry";
/**
* A node type in the NVD CVE Schema 1.2
*/
public static final String VULN_SOFTWARE = "vuln_soft";
/**
* A node type in the NVD CVE Schema 1.2
*/
public static final String PROD = "prod";
/**
* A node type in the NVD CVE Schema 1.2
*/
public static final String VERS = "vers";
private String node = null;
/**
* Gets the value of node
*
* @return the value of node
*/
public String getNode() {
return this.node;
}
/**
* Sets the value of node
*
* @param node new value of node
*/
public void setNode(String node) {
this.node = node;
}
/**
* Checks if the handler is at the NVD node
*
* @return true or false
*/
public boolean isNVDNode() {
return NVD.equals(node);
}
/**
* Checks if the handler is at the ENTRY node
*
* @return true or false
*/
public boolean isEntryNode() {
return ENTRY.equals(node);
}
/**
* Checks if the handler is at the VULN_SOFTWARE node
*
* @return true or false
*/
public boolean isVulnSoftwareNode() {
return VULN_SOFTWARE.equals(node);
}
/**
* Checks if the handler is at the PROD node
*
* @return true or false
*/
public boolean isProdNode() {
return PROD.equals(node);
}
/**
* Checks if the handler is at the VERS node
*
* @return true or false
*/
public boolean isVersNode() {
return VERS.equals(node);
}
}
// </editor-fold>
}

304
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCve20Handler.java Normal file
View File

@@ -0,0 +1,304 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import org.apache.lucene.index.CorruptIndexException;
import org.codesecure.dependencycheck.data.cpe.Index;
import org.codesecure.dependencycheck.data.nvdcve.CveDB;
import org.codesecure.dependencycheck.data.nvdcve.DatabaseException;
import org.codesecure.dependencycheck.dependency.Reference;
import org.codesecure.dependencycheck.dependency.Vulnerability;
import org.codesecure.dependencycheck.dependency.VulnerableSoftware;
import org.xml.sax.Attributes;
import org.xml.sax.SAXException;
import org.xml.sax.SAXNotSupportedException;
import org.xml.sax.helpers.DefaultHandler;
/**
* A SAX Handler that will parse the NVD CVE XML (schema version 2.0).
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class NvdCve20Handler extends DefaultHandler {
private static final String CURRENT_SCHEMA_VERSION = "2.0";
private Element current = new Element();
StringBuilder nodeText = null;
Vulnerability vulnerability = null;
Reference reference = null;
boolean hasApplicationCpe = false;
@Override
public void startElement(String uri, String localName, String qName, Attributes attributes) throws SAXException {
current.setNode(qName);
if (current.isEntryNode()) {
hasApplicationCpe = false;
vulnerability = new Vulnerability();
vulnerability.setName(attributes.getValue("id"));
} else if (current.isVulnProductNode()) {
nodeText = new StringBuilder(100);
} else if (current.isVulnReferencesNode()) {
String lang = attributes.getValue("xml:lang");
if ("en".equals(lang)) {
reference = new Reference();
} else {
reference = null;
}
} else if (reference != null && current.isVulnReferenceNode()) {
reference.setUrl(attributes.getValue("href"));
nodeText = new StringBuilder(130);
} else if (reference != null && current.isVulnSourceNode()) {
nodeText = new StringBuilder(30);
} else if (current.isVulnSummaryNode()) {
nodeText = new StringBuilder(500);
} else if (current.isNVDNode()) {
String nvdVer = attributes.getValue("nvd_xml_version");
if (!CURRENT_SCHEMA_VERSION.equals(nvdVer)) {
throw new SAXNotSupportedException("Schema version " + nvdVer + " is not supported");
}
}
}
@Override
public void characters(char[] ch, int start, int length) throws SAXException {
if (nodeText != null) {
nodeText.append(ch, start, length);
}
}
@Override
public void endElement(String uri, String localName, String qName) throws SAXException {
current.setNode(qName);
if (current.isEntryNode()) {
if (hasApplicationCpe) {
try {
saveEntry(vulnerability);
} catch (DatabaseException ex) {
throw new SAXException(ex);
} catch (CorruptIndexException ex) {
throw new SAXException(ex);
} catch (IOException ex) {
throw new SAXException(ex);
}
}
vulnerability = null;
} else if (current.isVulnProductNode()) {
String cpe = nodeText.toString();
if (cpe.startsWith("cpe:/a:")) {
hasApplicationCpe = true;
vulnerability.addVulnerableSoftware(cpe);
}
nodeText = null;
} else if (reference != null && current.isVulnReferencesNode()) {
vulnerability.addReference(reference);
reference = null;
} else if (reference != null && current.isVulnReferenceNode()) {
reference.setName(nodeText.toString());
nodeText = null;
} else if (reference != null && current.isVulnSourceNode()) {
reference.setSource(nodeText.toString());
nodeText = null;
} else if (current.isVulnSummaryNode()) {
vulnerability.setDescription(nodeText.toString());
nodeText = null;
}
}
private CveDB cveDB = null;
/**
* Sets the cveDB
* @param db a reference to the CveDB
*/
public void setCveDB(CveDB db) {
cveDB = db;
}
/**
* A list of CVE entries and associated VulnerableSoftware entries that contain
* previous entries.
*/
private Map<String, List<VulnerableSoftware>> prevVersionVulnMap = null;
/**
* Sets the prevVersionVulnMap.
* @param map the map of vulnerable software with previous versions being vulnerable
*/
public void setPrevVersionVulnMap(Map<String, List<VulnerableSoftware>> map) {
prevVersionVulnMap = map;
}
/**
* Saves a vulnerability to the CVE Database. This is a callback method
* called by the Sax Parser Handler {@link org.codesecure.dependencycheck.data.nvdcve.xml.NvdCve20Handler}.
*
* @param vuln the vulnerability to store in the database
* @throws DatabaseException thrown if there is an error writing to the database
* @throws CorruptIndexException is thrown if the CPE Index is corrupt
* @throws IOException thrown if there is an IOException with the CPE Index
*/
public void saveEntry(Vulnerability vuln) throws DatabaseException, CorruptIndexException, IOException {
if (cveDB == null) {
return;
}
String cveName = vuln.getName();
if (prevVersionVulnMap.containsKey(cveName)) {
List<VulnerableSoftware> vulnSoftware = prevVersionVulnMap.get(cveName);
for (VulnerableSoftware vs : vulnSoftware) {
vuln.updateVulnerableSoftware(vs);
}
}
for (VulnerableSoftware vs : vuln.getVulnerableSoftware()) {
if (cpeIndex != null) {
cpeIndex.saveEntry(vs);
}
}
cveDB.updateVulnerability(vuln);
}
private Index cpeIndex = null;
/**
* Sets the cpe index
* @param index the CPE Lucene Index
*/
void setCpeIndex(Index index) {
cpeIndex = index;
}
// <editor-fold defaultstate="collapsed" desc="The Element Class that maintains state information about the current node">
/**
* A simple class to maintain information about the current element while
* parsing the NVD CVE XML.
*/
protected static class Element {
/**
* A node type in the NVD CVE Schema 2.0
*/
public static final String NVD = "nvd";
/**
* A node type in the NVD CVE Schema 2.0
*/
public static final String ENTRY = "entry";
/**
* A node type in the NVD CVE Schema 2.0
*/
public static final String VULN_PRODUCT = "vuln:product";
/**
* A node type in the NVD CVE Schema 2.0
*/
public static final String VULN_REFERNCES = "vuln:references";
/**
* A node type in the NVD CVE Schema 2.0
*/
public static final String VULN_SOURCE = "vuln:source";
/**
* A node type in the NVD CVE Schema 2.0
*/
public static final String VULN_REFERNCE = "vuln:reference";
/**
* A node type in the NVD CVE Schema 2.0
*/
public static final String VULN_SUMMARY = "vuln:summary";
private String node = null;
/**
* Gets the value of node
*
* @return the value of node
*/
public String getNode() {
return this.node;
}
/**
* Sets the value of node
*
* @param node new value of node
*/
public void setNode(String node) {
this.node = node;
}
/**
* Checks if the handler is at the NVD node
*
* @return true or false
*/
public boolean isNVDNode() {
return NVD.equals(node);
}
/**
* Checks if the handler is at the ENTRY node
*
* @return true or false
*/
public boolean isEntryNode() {
return ENTRY.equals(node);
}
/**
* Checks if the handler is at the VULN_PRODUCT node
*
* @return true or false
*/
public boolean isVulnProductNode() {
return VULN_PRODUCT.equals(node);
}
/**
* Checks if the handler is at the REFERENCES node
*
* @return true or false
*/
public boolean isVulnReferencesNode() {
return VULN_REFERNCES.equals(node);
}
/**
* Checks if the handler is at the REFERENCE node
*
* @return true or false
*/
public boolean isVulnReferenceNode() {
return VULN_REFERNCE.equals(node);
}
/**
* Checks if the handler is at the VULN_SOURCE node
*
* @return true or false
*/
public boolean isVulnSourceNode() {
return VULN_SOURCE.equals(node);
}
/**
* Checks if the handler is at the VULN_SUMMARY node
*
* @return true or false
*/
public boolean isVulnSummaryNode() {
return VULN_SUMMARY.equals(node);
}
}
// </editor-fold>
}

212
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParser.java
View File

@@ -1,212 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.lucene.document.Document;
import org.apache.lucene.document.Field;
import org.apache.lucene.document.StoredField;
import org.apache.lucene.document.StringField;
import org.apache.lucene.index.CorruptIndexException;
import org.apache.lucene.index.Term;
import org.codesecure.dependencycheck.data.cpe.Entry;
import org.codesecure.dependencycheck.data.nvdcve.Fields;
import org.codesecure.dependencycheck.data.nvdcve.Index;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class NvdCveParser extends Index {
//HACK - this has initially been placed here as a hack because not all
// of the CPEs listed in the NVD CVE are actually in the CPE xml file
// hosted by NIST.
private org.codesecure.dependencycheck.data.cpe.Index cpeIndex = null;
/**
* Adds the CPE Index to add additional CPEs found by parsing the NVD CVE.
* @param index the CPE Index to write new CPEs into.
*/
public void setCPEIndexer(org.codesecure.dependencycheck.data.cpe.Index index) {
this.cpeIndex = index;
}
/**
* Parses an NVD CVE xml file using a buffered readerd. This
* method maybe more fragile then using a partial-unmarshalling SAX
* Parser (aka the deprecated NvdCveXmlFilter) - but this method is
* orders of magnitude faster.
*
* @param file the reference to the NVD CVE file
*/
public void parse(File file) {
InputStreamReader fr = null;
BufferedReader br = null;
Pattern rxEntry = Pattern.compile("^\\s*<entry\\s*id\\=\\\"([^\\\"]+)\\\".*$");
Pattern rxEntryEnd = Pattern.compile("^\\s*</entry>.*$");
Pattern rxFact = Pattern.compile("^\\s*<cpe\\-lang\\:fact\\-ref name=\\\"([^\\\"]+).*$");
//Pattern rxSummary = Pattern.compile("^\\s*<vuln:summary>([^\\<]+).*$");
try {
fr = new InputStreamReader(new FileInputStream(file), "UTF-8");
br = new BufferedReader(fr);
StringBuilder sb = new StringBuilder(7000);
String str = null;
String id = null;
Document doc = new Document();
boolean skipEntry = true;
boolean started = false;
while ((str = br.readLine()) != null) {
Matcher matcherEntryEnd = rxEntryEnd.matcher(str);
if (started && !matcherEntryEnd.matches()) {
sb.append(str);
}
//facts occur more often, do them first.
Matcher matcherFact = rxFact.matcher(str);
if (matcherFact.matches()) {
String cpe = matcherFact.group(1).trim();
if (cpe != null && cpe.startsWith("cpe:/a:")) {
skipEntry = false;
//TODO deal with other possible :-: scenarios. do we need to be concerned about those?
if (cpe.endsWith(":-")) {
cpe = cpe.substring(0, cpe.length() - 2);
}
addVulnerableCpe(cpe, doc);
}
continue;
}
Matcher matcherEntry = rxEntry.matcher(str);
if (matcherEntry.matches()) {
started = true;
id = matcherEntry.group(1);
sb.append("<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>");
sb.append("<vulnerabilityType ");
//sb.append("xmlns=\"http://scap.nist.gov/schema/feed/vulnerability/2.0\" ");
//sb.append("xmlns:vuln=\"http://scap.nist.gov/schema/vulnerability/0.4\" ");
sb.append("xmlns=\"http://scap.nist.gov/schema/vulnerability/0.4\" ");
sb.append("xmlns:vuln=\"http://scap.nist.gov/schema/vulnerability/0.4\" ");
//sb.append("xmlns:vulnerability=\"http://scap.nist.gov/schema/feed/vulnerability/2.0\" ");
sb.append("xmlns:cpe-lang=\"http://cpe.mitre.org/language/2.0\" ");
sb.append("xmlns:cvss2=\"http://scap.nist.gov/schema/cvss-v2/0.2\" ");
sb.append("xmlns:cvss=\"http://scap.nist.gov/schema/cvss-v2/0.2\" ");
sb.append("xmlns:scap-core=\"http://scap.nist.gov/schema/scap-core/0.1\" ");
sb.append("xmlns:scap_core=\"http://scap.nist.gov/schema/scap-core/0.1\" ");
sb.append("xmlns:patch=\"http://scap.nist.gov/schema/patch/0.1\" ");
sb.append("xmlns:cve=\"http://scap.nist.gov/schema/cve/0.1\" ");
sb.append("xmlns:cce=\"http://scap.nist.gov/schema/cce/0.1\" ");
sb.append("id=\"").append(id).append("\">");
//sb.append(str); //need to do the above to get the correct schema generated from files.
Field name = new StringField(Fields.CVE_ID, id, Field.Store.NO);
doc.add(name);
continue;
}
// Matcher matcherSummary = rxSummary.matcher(str);
// if (matcherSummary.matches()) {
// String summary = matcherSummary.group(1);
// Field description = new Field(Fields.DESCRIPTION, summary, Field.Store.NO);
// doc.add(description);
// continue;
// }
if (matcherEntryEnd.matches()) {
sb.append("</vulnerabilityType>");
Field xml = new StoredField(Fields.XML, sb.toString());
doc.add(xml);
if (!skipEntry) {
Term name = new Term(Fields.CVE_ID, id);
indexWriter.deleteDocuments(name);
indexWriter.addDocument(doc);
//indexWriter.updateDocument(name, doc);
}
//reset the document
doc = new Document();
sb = new StringBuilder(7000);
id = null;
skipEntry = true;
started = false;
}
}
} catch (FileNotFoundException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
} catch (IOException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
} finally {
try {
if (fr != null) {
fr.close();
}
} catch (IOException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
}
try {
if (br != null) {
br.close();
}
} catch (IOException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
/**
* Adds a CPE to the Lucene Document
* @param cpe a string representing a CPE
* @param doc a lucene document
* @throws CorruptIndexException is thrown if the CPE Index is corrupt
* @throws IOException is thrown if there is an IO Exception while writting to the CPE Index
*/
private void addVulnerableCpe(String cpe, Document doc) throws CorruptIndexException, IOException {
Field vulnerable = new StringField(Fields.VULNERABLE_CPE, cpe, Field.Store.NO);
doc.add(vulnerable);
//HACK - this has initially been placed here as a hack because not all
// of the CPEs listed in the NVD CVE are actually in the CPE xml file
// hosted by NIST.
Entry cpeEntry = new Entry();
try {
cpeEntry.parseName(cpe);
} catch (UnsupportedEncodingException ex) {
Logger.getLogger(NvdCveParser.class.getName()).log(Level.SEVERE, null, ex);
}
if (cpeIndex != null) {
cpeIndex.saveEntry(cpeEntry);
}
}
}

247
src/main/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveXmlFilter.java
View File

@@ -1,247 +0,0 @@
/*
* This file is part of DependencyCheck.
*
* DependencyCheck is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* DependencyCheck is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* DependencyCheck. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.IOException;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import javax.xml.bind.UnmarshallerHandler;
import org.apache.lucene.index.CorruptIndexException;
import org.codesecure.dependencycheck.data.nvdcve.generated.VulnerabilityType;
import org.xml.sax.Attributes;
import org.xml.sax.Locator;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;
import org.xml.sax.helpers.NamespaceSupport;
import org.xml.sax.helpers.XMLFilterImpl;
/**
*
* <p>This filter uses partial-unmarshalling to unmarshall single NVD CVE
* entries for use with a SAX Parser.</p>
*
* <p>This code was based off of an example found on <a
* href="http://stackoverflow.com/questions/6484681/jaxb-partial-unmarshalling-elements-without-xmlrootelement">stackoverflow</a></p>
*
* @author Jeremy
*/
@Deprecated
public class NvdCveXmlFilter extends XMLFilterImpl {
EntrySaveDelegate saveDelegate = null;
/**
* Register a EntrySaveDelegate object. When the last node of an entry is
* reached if a save delegate has been registered the save method will be
* invoked.
*
* @param delegate the delegate used to save an entry
*/
public void registerSaveDelegate(EntrySaveDelegate delegate) {
this.saveDelegate = delegate;
}
/**
* The JAXBContext
*/
private final JAXBContext context;
/**
* Constructs a new NvdCveXmlFilter
*
* @param context a JAXBContext
*/
public NvdCveXmlFilter(JAXBContext context) {
this.context = context;
}
/**
* The locator object used for unmarshalling
*/
private Locator locator = null;
/**
* Sets the document locator.
*
* @param loc the locator to use.
*/
@Override
public void setDocumentLocator(Locator loc) {
this.locator = loc;
super.setDocumentLocator(loc);
}
/**
* Used to keep track of namespace bindings.
*/
private NamespaceSupport nsSupport = new NamespaceSupport();
/**
* Stores the namespace prefix for use during unmarshalling.
*
* @param prefix the namespace prefix.
* @param uri the namespace.
* @throws SAXException is thrown is there is a SAXException.
*/
@Override
public void startPrefixMapping(String prefix, String uri) throws SAXException {
nsSupport.pushContext();
nsSupport.declarePrefix(prefix, uri);
super.startPrefixMapping(prefix, uri);
}
/**
* Removes the namespace prefix from the local support object so that
* unmarshalling works correctly.
*
* @param prefix the prefix to remove.
* @throws SAXException is thrown is there is a SAXException.
*/
@Override
public void endPrefixMapping(String prefix) throws SAXException {
nsSupport.popContext();
super.endPrefixMapping(prefix);
}
/**
* The UnmarshallerHandler.
*/
private UnmarshallerHandler unmarshallerHandler;
/**
* Used to track how deep the SAX parser is in nested XML.
*/
private int depth;
/**
* Fired when the SAX parser starts an element. This will either forward the
* event to the unmarshaller or create an unmarshaller if it is at the start
* of a new "entry".
*
* @param uri uri
* @param localName localName
* @param qName qName
* @param atts atts
* @throws SAXException is thrown if there is a SAXException.
*/
@Override
public void startElement(String uri, String localName, String qName, Attributes atts) throws SAXException {
if (depth != 0) {
// we are in the middle of forwarding events.
// continue to do so.
depth += 1;
super.startElement(uri, localName, qName, atts);
return;
}
//old - for cve 1.2 uri.equals("http://nvd.nist.gov/feeds/cve/1.2")
if (uri.equals("http://scap.nist.gov/schema/feed/vulnerability/2.0") && localName.equals("entry")) {
Unmarshaller unmarshaller;
try {
unmarshaller = context.createUnmarshaller();
} catch (JAXBException e) {
throw new SAXException(e);
}
unmarshallerHandler = unmarshaller.getUnmarshallerHandler();
setContentHandler(unmarshallerHandler);
// fire SAX events to emulate the start of a new document.
unmarshallerHandler.startDocument();
unmarshallerHandler.setDocumentLocator(locator);
Enumeration e = nsSupport.getPrefixes();
while (e.hasMoreElements()) {
String prefix = (String) e.nextElement();
String uriToUse = nsSupport.getURI(prefix);
unmarshallerHandler.startPrefixMapping(prefix, uriToUse);
}
String defaultURI = nsSupport.getURI("");
if (defaultURI != null) {
unmarshallerHandler.startPrefixMapping("", defaultURI);
}
super.startElement(uri, localName, qName, atts);
// count the depth of elements and we will know when to stop.
depth = 1;
}
}
/**
* Processes the end of an element. If we are at depth 0 we unmarshall the
* Entry and pass it to the save delegate
*
* @param uri the uri of the current element
* @param localName the local name of the current element
* @param qName the qname of the current element
* @throws SAXException is thrown if there is a SAXException
*/
@Override
public void endElement(String uri, String localName, String qName) throws SAXException {
// forward this event
super.endElement(uri, localName, qName);
if (depth != 0) {
depth -= 1;
if (depth == 0) {
// emulate the end of a document.
Enumeration e = nsSupport.getPrefixes();
while (e.hasMoreElements()) {
String prefix = (String) e.nextElement();
unmarshallerHandler.endPrefixMapping(prefix);
}
String defaultURI = nsSupport.getURI("");
if (defaultURI != null) {
unmarshallerHandler.endPrefixMapping("");
}
unmarshallerHandler.endDocument();
// stop forwarding events by setting a dummy handler.
// XMLFilter doesn't accept null, so we have to give it something,
// hence a DefaultHandler, which does nothing.
setContentHandler(new DefaultHandler());
// then retrieve the fully unmarshalled object
try {
if (saveDelegate != null) {
JAXBElement<VulnerabilityType> result = (JAXBElement<VulnerabilityType>) unmarshallerHandler.getResult();
VulnerabilityType entry = result.getValue();
saveDelegate.saveEntry(entry);
}
} catch (JAXBException je) { //we can continue with this exception.
//TODO can I get the filename somewhere?
Logger.getLogger(NvdCveXmlFilter.class.getName()).log(Level.SEVERE,
"Unable to unmarshall NvdCVE (line " + locator.getLineNumber() + ").", je);
} catch (CorruptIndexException ex) {
Logger.getLogger(NvdCveXmlFilter.class.getName()).log(Level.SEVERE, null, ex);
throw new SAXException(ex);
} catch (IOException ex) {
Logger.getLogger(NvdCveXmlFilter.class.getName()).log(Level.SEVERE, null, ex);
throw new SAXException(ex);
} finally {
unmarshallerHandler = null;
}
}
}
}
}

44
src/main/java/org/codesecure/dependencycheck/dependency/Vulnerability.java
View File

@@ -19,8 +19,8 @@
package org.codesecure.dependencycheck.dependency;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import java.util.HashSet;
import java.util.Set;
/**
* Contains the information about a vulnerability.
@@ -77,14 +77,14 @@ public class Vulnerability implements Serializable {
/**
* References for this vulnerability
*/
private List<Reference> references = new ArrayList<Reference>();
private Set<Reference> references = new HashSet<Reference>();
/**
* Get the value of references
*
* @return the value of references
*/
public List<Reference> getReferences() {
public Set<Reference> getReferences() {
return references;
}
@@ -93,7 +93,7 @@ public class Vulnerability implements Serializable {
*
* @param references new value of references
*/
public void setReferences(List<Reference> references) {
public void setReferences(Set<Reference> references) {
this.references = references;
}
@@ -120,16 +120,16 @@ public class Vulnerability implements Serializable {
this.references.add(ref);
}
/**
* a list of vulnerable software
* a set of vulnerable software
*/
protected List<VulnerableSoftware> vulnerableSoftware;
protected Set<VulnerableSoftware> vulnerableSoftware = new HashSet<VulnerableSoftware>();
/**
* Get the value of vulnerableSoftware
*
* @return the value of vulnerableSoftware
*/
public List<VulnerableSoftware> getVulnerableSoftware() {
public Set<VulnerableSoftware> getVulnerableSoftware() {
return vulnerableSoftware;
}
@@ -138,29 +138,45 @@ public class Vulnerability implements Serializable {
*
* @param vulnerableSoftware new value of vulnerableSoftware
*/
public void setVulnerableSoftware(List<VulnerableSoftware> vulnerableSoftware) {
public void setVulnerableSoftware(Set<VulnerableSoftware> vulnerableSoftware) {
this.vulnerableSoftware = vulnerableSoftware;
}
/**
* Adds an entry for vulnerable software
* @param cpe string representation of a CPE entry
* @return if the add succeeded
*/
public boolean addVulnerableSoftware(String cpe) {
return addVulnerableSoftware(cpe, null);
}
/**
* Adds an entry for vulnerable software
* @param cpe string representation of a cpe
* @param previousVersion the previous version (previousVersion - cpe would be considered vulnerable)
* @return if the add succeeded
*/
public void addVulnerableSoftware(String cpe, String previousVersion) {
public boolean addVulnerableSoftware(String cpe, String previousVersion) {
VulnerableSoftware vs = new VulnerableSoftware();
vs.setCpe(cpe);
if (previousVersion != null) {
vs.setPreviousVersion(previousVersion);
}
return updateVulnerableSoftware(vs);
}
/**
* Adds an entry for vulnerable software
* @param cpe string representation of a CPE entry
* Adds or updates a vulnerable software entry
* @param vulnSoftware the vulnerable software
* @return if the update succeeded
*/
public void addVulnerableSoftware(String cpe) {
addVulnerableSoftware(cpe, null);
public boolean updateVulnerableSoftware(VulnerableSoftware vulnSoftware) {
if (vulnerableSoftware.contains(vulnSoftware)) {
vulnerableSoftware.remove(vulnSoftware);
}
return vulnerableSoftware.add(vulnSoftware);
}
@Override

5
src/main/java/org/codesecure/dependencycheck/dependency/VulnerableSoftware.java
View File

@@ -59,7 +59,7 @@ public class VulnerableSoftware extends Entry implements Serializable {
* @return if previous versions of this software are vulnerable
*/
public boolean hasPreviousVersion() {
return previousVersion == null;
return previousVersion != null;
}
/**
@@ -80,7 +80,7 @@ public class VulnerableSoftware extends Entry implements Serializable {
this.previousVersion = previousVersion;
}
@Override
@Override
public boolean equals(Object obj) {
if (obj == null) {
return false;
@@ -99,7 +99,6 @@ public class VulnerableSoftware extends Entry implements Serializable {
public int hashCode() {
int hash = 7;
hash = 83 * hash + (this.name != null ? this.name.hashCode() : 0);
hash = 83 * hash + (this.previousVersion != null ? this.previousVersion.hashCode() : 0);
return hash;
}
}

2
src/main/java/org/codesecure/dependencycheck/utils/Settings.java
View File

@@ -59,7 +59,7 @@ public class Settings {
*/
public static final String CPE_META_URL = "cpe.meta.url";
/**
* The properties key for the path where the CCE Lucene Index will be
* The properties key for the path where the CVE Lucene Index will be
* stored.
*/
public static final String CVE_INDEX = "cve";

2
src/main/resources/META-INF/services/org.codesecure.dependencycheck.data.CachedWebDataSource
View File

@@ -1 +1 @@
org.codesecure.dependencycheck.data.nvdcve.xml.IndexUpdater
org.codesecure.dependencycheck.data.nvdcve.xml.DatabaseUpdater

498
src/main/resources/schema/nvdcve/1_2/nvdcve.xsd Normal file
View File

@@ -0,0 +1,498 @@
<?xml version="1.0"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://nvd.nist.gov/feeds/cve/1.2"
xmlns:cve="http://nvd.nist.gov/feeds/cve/1.2"
elementFormDefault="qualified" attributeFormDefault="unqualified"
version="1.2">
<xs:annotation>
<xs:documentation>This schema defines the structure of the National
Vulnerability Database XML feed files version: 1.2. The elements and
attribute in this document are described by xs:annotation tags. This
file is kept at http://nvd.nist.gov/schema/nvdcve.xsd. The NVD XML
feeds are available at http://nvd.nist.gov/download.cfm.
Release Notes:
Version 1.2:
* CVSS version 2 scores and vectors have been added. Please see
http://nvd.nist.gov/cvss.cfm?vectorinfo and
http://www.first.org/cvss/cvss-guide.html for more information on
how to interpret this data. </xs:documentation>
</xs:annotation>
<xs:element name="nvd">
<xs:annotation>
<xs:documentation>The root element of the NVD CVE feed. Multiple "entry" child elements describe specific NVD CVE entries.</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="cve:entry" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
<xs:attribute name="nvd_xml_version" type="xs:NMTOKEN" use="required">
<xs:annotation>
<xs:documentation>The schema version number supported by the feed.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="pub_date" type="cve:dateType" use="required">
<xs:annotation>
<xs:documentation>The date the feed was generated.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
</xs:element>
<xs:element name="entry" type="cve:entryType">
<xs:annotation>
<xs:documentation>A CVE entry.</xs:documentation>
</xs:annotation>
</xs:element>
<!-- ******************************************************************* -->
<!-- * Complex Types * -->
<!-- ******************************************************************* -->
<xs:complexType name="entryType">
<xs:annotation>
<xs:documentation> Documents one CVE entry. The child elements should always
appear in the sequence defined below. These elements are compatible with
entry elements from the CVE XML feeds.</xs:documentation>
</xs:annotation>
<xs:sequence>
<xs:element name="desc">
<xs:annotation>
<xs:documentation>Description wrapper tag, parent to any
documented descriptions of this CVE entry. While the "desc"
tag will always be present, there may be no "descript" child
tags. Only one "descript" tag will exist for each
description source (i.e. CVE, NVD, ...). </xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="descript" type="cve:descriptType" minOccurs="0" maxOccurs="2">
<xs:annotation>
<xs:documentation>A description of a CVE entry
from the source indicated by the "source"
attribute.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="impacts" minOccurs="0">
<xs:annotation>
<xs:documentation> Impact wrapper tag (may or may not be
present). Only one "impact" tag will exist for each impact
explanation source. </xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="impact" type="cve:impactType">
<xs:annotation>
<xs:documentation> Contains a specific impact
explanation of this CVE entry from source
indicated by the "source" attribute.
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="sols" type="cve:solsType" minOccurs="0">
<xs:annotation>
<xs:documentation> Solution wrapper tag (may or may not be
present). Only one "sol" tag will exist for each solution
explanation source. </xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="loss_types" type="cve:lossTypeType" minOccurs="0">
<xs:annotation>
<xs:documentation> Loss type tag (may or may not be present).
Contains one loss type child for each loss type of this CVE
entry. Potential loss types are: "avail" => availability
"conf" => confidentiality "int" => integrity "sec_prot" =>
security protection </xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="vuln_types" type="cve:vulnType" minOccurs="0">
<xs:annotation>
<xs:documentation> Vulnerability type tag (may or may not be
present). Contains one vulnerability type child for each
vulnerability type of this CVE entry. Potential
vulnerability types are: "access" => Access validation error
"input" => Input validation error "design" => Design error
"exception" => Exceptional condition error "env" =>
Environmental error "config" => Configuration error "race"
=> Race condition error "other" => other </xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="range" type="cve:rangeType" minOccurs="0">
<xs:annotation>
<xs:documentation> Vulnerability range tag (may or may not be
present). Contains one vulnerability range child for each
vulnerability range of this CVE entry. Potential
vulnerability ranges are: "local" => Locally exploitable
"local_network" => Local network exploitable "network" =>
Network exploitable "user_init" => User accesses attacker
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="refs">
<xs:annotation>
<xs:documentation> Reference wrapper tag (always present).
External references to this CVE entry are contained within
this tag. </xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="ref" type="cve:refType" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation> Individual reference to this CVE
entry. Text is the name of this vulnerability at
this particular reference. Attributes: "source"
(required) => Name of reference source "url"
(required) => hyperlink to reference "sig" =>
indicates this reference includes a tool
signature "adv" => indicates this reference is a
Security Advisory "patch" => indicates this
reference includes a patch for this
vulnerability </xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="vuln_soft" type="cve:vulnSoftType" minOccurs="0">
<xs:annotation>
<xs:documentation> Vulnerable software wrapper tag (may or may
not be present). Software affected by this CVE entry are
listed within this tag. </xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
<xs:attribute name="type" use="required">
<xs:annotation>
<xs:documentation>CVE or CAN</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:NMTOKEN">
<xs:enumeration value="CAN"/>
<xs:enumeration value="CVE"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="name" use="required">
<xs:annotation>
<xs:documentation>the full CVE name</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:ID">
<xs:pattern value="(CAN|CVE)\-\d\d\d\d\-\d\d\d\d"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="seq" use="required">
<xs:annotation>
<xs:documentation>the sequence number from CVE name</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:NMTOKEN">
<xs:pattern value="\d\d\d\d\-\d\d\d\d"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="nvd_name" type="xs:string">
<xs:annotation>
<xs:documentation>the NVD name (if it exists)</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="discovered" type="cve:dateType">
<xs:annotation>
<xs:documentation>the date this entry was discovered</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="published" type="cve:dateType" use="required">
<xs:annotation>
<xs:documentation>the date this entry was published</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="modified" type="cve:dateType">
<xs:annotation>
<xs:documentation>the date this entry was last modified</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="severity">
<xs:annotation>
<xs:documentation>the entry's severity as determined by the NVD analysts: High, Medium, or Low</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:NMTOKEN">
<xs:enumeration value="High"/>
<xs:enumeration value="Medium"/>
<xs:enumeration value="Low"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="reject" type="cve:trueOnlyAttribute">
<xs:annotation>
<xs:documentation>indicates that this CVE entry has been rejected by CVE or NVD</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="CVSS_version" type="xs:string">
<xs:annotation>
<xs:documentation>the CVSS Version Indicator</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="CVSS_score" type="cve:zeroToTen">
<xs:annotation>
<xs:documentation>Same as the CVSS_base_score to provide backwards compatability with the previous CVE XML feed format. This field is deprecated an may be removed at a future date.</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="CVSS_base_score" type="cve:zeroToTen">
<xs:annotation>
<xs:documentation>CVSS version 2 Base Score</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="CVSS_impact_subscore" type="cve:zeroToTen">
<xs:annotation>
<xs:documentation>CVSS version 2 Impact Score</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="CVSS_exploit_subscore" type="cve:zeroToTen">
<xs:annotation>
<xs:documentation>CVSS version 2 Exploit Score</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="CVSS_vector" type="cve:CVSSVector">
<xs:annotation>
<xs:documentation>the CVSS version 2 Vector string</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="descriptType">
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="source" type="cve:descriptSourceType" use="required">
<xs:annotation>
<xs:documentation>The source of the CVE description.</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:complexType name="impactType">
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="source" type="cve:impactSourceType" use="required">
</xs:attribute>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:complexType name="vulnType">
<xs:sequence>
<xs:element name="access" minOccurs="0"/>
<xs:element name="input" minOccurs="0">
<xs:annotation>
<xs:documentation> Input validation error tag with
one attribute for each input validation error
type. Potential input validation error types
are: "bound" => Boundary condition error
"buffer" => Buffer overflow </xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attribute name="bound" type="cve:trueOnlyAttribute"/>
<xs:attribute name="buffer" type="cve:trueOnlyAttribute"
/>
</xs:complexType>
</xs:element>
<xs:element name="design" minOccurs="0"/>
<xs:element name="exception" minOccurs="0"/>
<xs:element name="env" minOccurs="0"/>
<xs:element name="config" minOccurs="0"/>
<xs:element name="race" minOccurs="0"/>
<xs:element name="other" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="solsType">
<xs:sequence>
<xs:element name="sol">
<xs:annotation>
<xs:documentation> Contains a specific solution
explanation of this CVE entry from source
indicated by the "source" attribute.
</xs:documentation>
</xs:annotation>
<xs:complexType mixed="true">
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="source" type="cve:solsSourceType" use="required">
</xs:attribute>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="lossTypeType">
<xs:sequence>
<xs:element name="avail" minOccurs="0"/>
<xs:element name="conf" minOccurs="0"/>
<xs:element name="int" minOccurs="0"/>
<xs:element name="sec_prot" minOccurs="0">
<xs:annotation>
<xs:documentation> Security Protection tag with one
attribute for each security protection type.
Potential security protection types are: "admin"
=> gain administrative access "user" => gain
user access "other" => other </xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attribute name="admin" type="cve:trueOnlyAttribute"/>
<xs:attribute name="user" type="cve:trueOnlyAttribute"/>
<xs:attribute name="other" type="cve:trueOnlyAttribute"
/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="rangeType">
<xs:sequence>
<xs:element name="local" minOccurs="0"/>
<xs:element name="local_network" minOccurs="0"/>
<xs:element name="network" minOccurs="0"/>
<xs:element name="user_init" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="refType">
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="source" type="xs:string" use="required"/>
<xs:attribute name="url" type="cve:urlType" use="required"/>
<xs:attribute name="sig" type="cve:trueOnlyAttribute"/>
<xs:attribute name="adv" type="cve:trueOnlyAttribute"/>
<xs:attribute name="patch" type="cve:trueOnlyAttribute"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:complexType name="vulnSoftType">
<xs:sequence>
<xs:element name="prod" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation> Product wrapper tag. Versions of
this product that are affected by this
vulnerability are listed within this tag.
Attributes: "name" => Product name "vendor" =>
Vendor of this product </xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="vers" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation> Represents a version
of this product that is affected by
this vulnerability. Attributes:
"num" => This version number "prev"
=> Indicates that versions previous
to this version number are also
affected by this vulnerability
"edition" => Indicates the edition
associated with the version number
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attribute name="num"
type="xs:string" use="required"/>
<xs:attribute name="prev"
type="cve:trueOnlyAttribute"/>
<xs:attribute name="edition"
type="xs:string"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="name" type="xs:string"
use="required"/>
<xs:attribute name="vendor" type="xs:string"
use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<!-- ******************************************************************* -->
<!-- * Simple Types * -->
<!-- ******************************************************************* -->
<xs:simpleType name="descriptSourceType">
<xs:restriction base="xs:NMTOKEN">
<xs:enumeration value="cve"/>
<xs:enumeration value="nvd"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="impactSourceType">
<xs:restriction base="xs:NMTOKEN">
<xs:enumeration value="nvd"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="solsSourceType">
<xs:restriction base="xs:NMTOKEN">
<xs:enumeration value="nvd"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="dateType">
<xs:annotation>
<xs:documentation> Defines date format for NVD. Dates follow the mask "yyyy-mm-dd"
</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:pattern
value="(19|20)\d\d-((01|03|05|07|08|10|12)-(0[1-9]|[1-2]\d|3[01])|(04|06|09|11)-(0[1-9]|[1-2]\d|30)|02-(0[1-9]|1\d|2\d))"
/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="urlType">
<xs:annotation>
<xs:documentation> Restricts urls in NVD beyond the xs:anyURI restrictions.
</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:anyURI">
<xs:whiteSpace value="collapse"/>
<xs:pattern value="(news|(ht|f)tp(s)?)://.+"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="trueOnlyAttribute">
<xs:annotation>
<xs:documentation> simpleType used for attributes that are only present when they are
true. Such attributes appear only in the form attribute_name="1".
</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:NMTOKEN">
<xs:enumeration value="1"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="zeroToTen">
<xs:annotation>
<xs:documentation> simpleType used when scoring on a scale of 0-10, inclusive
</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:decimal">
<xs:minInclusive value="0" fixed="true"/>
<xs:maxInclusive value="10" fixed="true"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="CVSSVector">
<xs:annotation>
<xs:documentation>simpleType to describe the CVSS Base Vector </xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:pattern
value="\(AV:[LAN]/AC:[HML]/Au:[NSM]/C:[NPC]/I:[NPC]/A:[NPC]\)"/>
</xs:restriction>
</xs:simpleType>
</xs:schema>

0
src/main/resources/schema/nvdcve/cce_0.1.xsd → src/main/resources/schema/nvdcve/2_0/cce_0.1.xsd
View File

0
src/main/resources/schema/nvdcve/cpe-language_2.1.xsd → src/main/resources/schema/nvdcve/2_0/cpe-language_2.1.xsd
View File

0
src/main/resources/schema/nvdcve/cve_0.1.xsd → src/main/resources/schema/nvdcve/2_0/cve_0.1.xsd
View File

0
src/main/resources/schema/nvdcve/cvss-v2_0.2.xsd → src/main/resources/schema/nvdcve/2_0/cvss-v2_0.2.xsd
View File

0
src/main/resources/schema/nvdcve/nvd-cve-feed_2.0.xsd → src/main/resources/schema/nvdcve/2_0/nvd-cve-feed_2.0.xsd
View File

0
src/main/resources/schema/nvdcve/patch_0.1.xsd → src/main/resources/schema/nvdcve/2_0/patch_0.1.xsd
View File

0
src/main/resources/schema/nvdcve/scap-core_0.1.xsd → src/main/resources/schema/nvdcve/2_0/scap-core_0.1.xsd
View File

0
src/main/resources/schema/nvdcve/vulnerability_0.4.xsd → src/main/resources/schema/nvdcve/2_0/vulnerability_0.4.xsd
View File

20
src/main/resources/schema/nvdcve/bindings.xml
View File

@@ -1,20 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<jxb:bindings version="2.1"
xmlns:jxb="http://java.sun.com/xml/ns/jaxb"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc"
jxb:extensionBindingPrefixes="xjc">
<jxb:globalBindings>
<xjc:simple/>
</jxb:globalBindings>
<jxb:bindings schemaLocation="cpe-language_2.1.xsd">
<jxb:bindings node="//xs:complexType[@name='TextType']">
<jxb:class name="TextType1"/>
</jxb:bindings>
</jxb:bindings>
<jxb:bindings schemaLocation="scap-core_0.1.xsd">
<jxb:bindings node="//xs:complexType[@name='textType']">
<jxb:class name="TextType2"/>
</jxb:bindings>
</jxb:bindings>
</jxb:bindings>

18
src/main/resources/schema/nvdcve/generateBindings.bat
View File

@@ -1,18 +0,0 @@
if not "%JAVA_HOME%" == "" goto JAVA_HOME_DEFINED
:NO_JAVA_HOME
set XJC=xjc.exe
goto LAUNCH
:JAVA_HOME_DEFINED
set XJC="%JAVA_HOME%\bin\xjc.exe"
goto LAUNCH
:LAUNCH
%XJC% -extension -d ..\..\..\java -b "bindings.xml" -p "org.codesecure.dependencycheck.data.nvdcve.generated" -mark-generated "nvd-cve-feed_2.0.xsd"
echo --------------------------------------------------------------
echo IMPORTANT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
echo You must add the following annotation to the VulnerabilityType
echo @XmlRootElement(name = "vulnerabilityType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")
echo --------------------------------------------------------------

16
src/main/resources/schema/nvdcve/generateBindings.sh
View File

@@ -1,16 +0,0 @@
#!/bin/sh
if [ -n "$JAVA_HOME" ]
then
XJC="$JAVA_HOME/bin/xjc.exe"
else
XJC=xjc.exe
fi
exec "$XJC" -extension -d ../../../java -b "bindings.xml" -p "org.codesecure.dependencycheck.data.nvdcve.generated" -mark-generated "nvd-cve-feed_2.0.xsd"
echo '--------------------------------------------------------------'
echo 'IMPORTANT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'
echo 'You must add the following annotation to the VulnerabilityType'
echo '@XmlRootElement(name = "vulnerabilityType", namespace = "http://scap.nist.gov/schema/vulnerability/0.4")'
echo '--------------------------------------------------------------'

2
src/test/java/org/codesecure/dependencycheck/EngineIntegrationTest.java
View File

@@ -19,7 +19,7 @@ import static org.junit.Assert.*;
public class EngineIntegrationTest {
public EngineIntegrationTest() throws Exception {
org.codesecure.dependencycheck.data.nvdcve.BaseIndexTestCase.ensureIndexExists();
org.codesecure.dependencycheck.data.nvdcve.BaseDBTestCase.ensureDBExists();
org.codesecure.dependencycheck.data.cpe.BaseIndexTestCase.ensureIndexExists();
}

1
src/test/java/org/codesecure/dependencycheck/data/cpe/IndexTest.java
View File

@@ -65,7 +65,6 @@ public class IndexTest extends BaseIndexTestCase {
Directory result = index.getDirectory();
String exp = File.separatorChar + "target" + File.separatorChar + "data" + File.separatorChar + "cpe";
// TODO review the generated test code and remove the default call to fail.
assertTrue(result.toString().contains(exp));
}
}

49
src/test/java/org/codesecure/dependencycheck/data/nvdcve/BaseIndexTestCase.java → src/test/java/org/codesecure/dependencycheck/data/nvdcve/BaseDBTestCase.java
View File

@@ -21,19 +21,18 @@ import org.codesecure.dependencycheck.utils.Settings;
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public abstract class BaseIndexTestCase extends TestCase {
public BaseIndexTestCase(String testName) {
public abstract class BaseDBTestCase extends TestCase {
public BaseDBTestCase(String testName) {
super(testName);
}
@Override
protected void setUp() throws Exception {
super.setUp();
ensureIndexExists();
ensureDBExists();
}
protected static File getDataDirectory() throws IOException {
String fileName = Settings.getString(Settings.KEYS.CVE_INDEX);
String filePath = Index.class.getProtectionDomain().getCodeSource().getLocation().getPath();
@@ -42,14 +41,14 @@ public abstract class BaseIndexTestCase extends TestCase {
if (exePath.getName().toLowerCase().endsWith(".jar")) {
exePath = exePath.getParentFile();
} else {
exePath = new File( "." );
exePath = new File(".");
}
File path = new File(exePath.getCanonicalFile() + File.separator + fileName);
path = new File(path.getCanonicalPath());
return path;
}
public static void ensureIndexExists() throws Exception {
public static void ensureDBExists() throws Exception {
//String indexPath = Settings.getString(Settings.KEYS.CVE_INDEX);
String indexPath = getDataDirectory().getCanonicalPath();
java.io.File f = new File(indexPath);
@@ -58,7 +57,7 @@ public abstract class BaseIndexTestCase extends TestCase {
FileInputStream fis = null;
ZipInputStream zin = null;
try {
File path = new File(BaseIndexTestCase.class.getClassLoader().getResource("index.nvdcve.zip").getPath());
File path = new File(BaseDBTestCase.class.getClassLoader().getResource("db.nvdcve.zip").getPath());
fis = new FileInputStream(path);
zin = new ZipInputStream(new BufferedInputStream(fis));
ZipEntry entry;
@@ -77,40 +76,48 @@ public abstract class BaseIndexTestCase extends TestCase {
// oPath.mkdir();
// }
o.createNewFile();
fos = new FileOutputStream(o,false);
fos = new FileOutputStream(o, false);
dest = new BufferedOutputStream(fos, BUFFER);
byte data[] = new byte[BUFFER];
int count;
while ((count = zin.read(data, 0, BUFFER)) != -1) {
dest.write(data, 0, count);
dest.write(data, 0, count);
}
} catch (Exception ex) {
String ignore = ex.getMessage();
} catch (Exception ex) {
String ignore = ex.getMessage();
} finally {
try {
dest.flush();
dest.close();
dest = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
} catch (Throwable ex) {
String ignore = ex.getMessage();
}
try {
fos.close();
fos = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
} catch (Throwable ex) {
String ignore = ex.getMessage();
}
}
}
} finally {
try {
if (zin!=null) {
if (zin != null) {
zin.close();
}
zin = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
} catch (Throwable ex) {
String ignore = ex.getMessage();
}
try {
if (fis!=null) {
if (fis != null) {
fis.close();
}
fis = null;
} catch (Throwable ex) { String ignore = ex.getMessage(); }
} catch (Throwable ex) {
String ignore = ex.getMessage();
}
}
}
}

50
src/test/java/org/codesecure/dependencycheck/data/nvdcve/IndexTest.java
View File

@@ -1,50 +0,0 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.nvdcve;
import java.io.File;
import org.apache.lucene.store.Directory;
import static org.junit.Assert.assertTrue;
import org.junit.*;
/**
*
* @author Jeremy
*/
public class IndexTest extends BaseIndexTestCase {
public IndexTest(String testName) {
super(testName);
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of getDirectory method, of class Index.
*/
@Test
public void testGetDirectory() throws Exception {
System.out.println("getDirectory");
Index instance = new Index();
String exp = File.separatorChar + "target" + File.separatorChar + "data" + File.separatorChar + "cve";
Directory result = instance.getDirectory();
assertTrue(result.toString().contains(exp));
}
}

48
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/DatabaseUpdaterIntegrationTest.java Normal file
View File

@@ -0,0 +1,48 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class DatabaseUpdaterIntegrationTest {
public DatabaseUpdaterIntegrationTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of update method, of class DatabaseUpdater.
* @throws Exception
*/
@Test
public void testUpdate() throws Exception {
System.out.println("update");
DatabaseUpdater instance = new DatabaseUpdater();
instance.update();
}
}

70
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/IndexUpdaterIntegrationTest.java
View File

@@ -1,70 +0,0 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.util.Map;
import org.codesecure.dependencycheck.data.nvdcve.BaseIndexTestCase;
import org.junit.*;
/**
*
* @author Jeremy
*/
public class IndexUpdaterIntegrationTest extends BaseIndexTestCase {
public IndexUpdaterIntegrationTest(String testName) {
super(testName);
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of retrieveCurrentTimestampFromWeb method, of class Index.
*/
@Test
public void testRetrieveCurrentTimestampFromWeb() throws Exception {
System.out.println("retrieveCurrentTimestampFromWeb");
IndexUpdater instance = new IndexUpdater();
Map<String, IndexUpdater.NvdCveUrl> result = instance.retrieveCurrentTimestampsFromWeb();
assertEquals(12, result.size());
}
/**
* Test of update method, of class Index.
*/
@Test
public void testUpdate() throws Exception {
System.out.println("update");
IndexUpdater instance = new IndexUpdater();
instance.update();
}
/**
* Test of updateNeeded method, of class Index.
*/
@Test
public void testUpdateNeeded() throws Exception {
System.out.println("updateNeeded");
IndexUpdater instance = new IndexUpdater();
instance.updateNeeded();
//if an exception is thrown this test fails. However, because it depends on the
// order of the tests what this will return I am just testing for the exception.
}
}

66
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveParserTest.java
View File

@@ -1,66 +0,0 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
import java.io.File;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.lucene.index.CorruptIndexException;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@gmail.com)
*/
public class NvdCveParserTest {
public NvdCveParserTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of parse method, of class NvdCveParser.
*/
@Test
public void testParse() throws InvalidDataException {
NvdCveParser instance = null;
try {
System.out.println("parse");
File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2.0-2012.xml").getPath());
instance = new NvdCveParser();
instance.openIndexWriter();
instance.parse(file);
} catch (CorruptIndexException ex) {
throw new InvalidDataException("corrupt index", ex);
} catch (IOException ex) {
throw new InvalidDataException("IO Exception", ex);
} finally {
if (instance != null) {
instance.close();
}
}
}
}

103
src/test/java/org/codesecure/dependencycheck/data/nvdcve/xml/NvdCveXmlFilterTest.java
View File

@@ -1,103 +0,0 @@
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package org.codesecure.dependencycheck.data.nvdcve.xml;
//
//import java.io.BufferedInputStream;
//import java.io.DataInputStream;
//import java.io.File;
//import java.io.FileReader;
//import java.io.IOException;
//import java.io.InputStream;
//import java.io.Reader;
//import java.net.MalformedURLException;
//import java.util.logging.Level;
//import java.util.logging.Logger;
//import javax.xml.bind.JAXBContext;
//import javax.xml.bind.JAXBException;
//import javax.xml.parsers.ParserConfigurationException;
//import javax.xml.parsers.SAXParserFactory;
//import org.apache.lucene.index.CorruptIndexException;
//import org.codesecure.dependencycheck.data.nvdcve.InvalidDataException;
//import org.codesecure.dependencycheck.data.nvdcve.generated.VulnerabilityType;
//import org.junit.After;
//import org.junit.AfterClass;
//import org.junit.Before;
//import org.junit.BeforeClass;
//import org.junit.Test;
//import static org.junit.Assert.*;
//import org.xml.sax.Attributes;
//import org.xml.sax.InputSource;
//import org.xml.sax.Locator;
//import org.xml.sax.SAXException;
//import org.xml.sax.XMLReader;
//
///**
// *
// * @author Jeremy
// */
//public class NvdCveXmlFilterTest {
//
// public NvdCveXmlFilterTest() {
// }
//
// @BeforeClass
// public static void setUpClass() {
// }
//
// @AfterClass
// public static void tearDownClass() {
// }
//
// @Before
// public void setUp() {
// }
//
// @After
// public void tearDown() {
// }
//
// /**
// * Test of process method, of class NvdCveXmlFilter.
// */
// @Test
// public void testFilter() throws InvalidDataException {
// Indexer indexer = null;
// try {
// System.out.println("filter");
//
// SAXParserFactory factory = SAXParserFactory.newInstance();
// factory.setNamespaceAware(true);
// XMLReader reader = factory.newSAXParser().getXMLReader();
//
// JAXBContext context = JAXBContext.newInstance("org.codesecure.dependencycheck.data.nvdcve.generated");
// NvdCveXmlFilter filter = new NvdCveXmlFilter(context);
//
// indexer = new Indexer();
// indexer.openIndexWriter();
//
// filter.registerSaveDelegate(indexer);
//
// reader.setContentHandler(filter);
// File file = new File(this.getClass().getClassLoader().getResource("nvdcve-2.0-2012.xml").getPath());
// Reader fileReader = new FileReader(file);
// InputSource is = new InputSource(fileReader);
// reader.parse(is);
// } catch (JAXBException ex) {
// throw new InvalidDataException("JAXBException", ex);
// } catch (SAXException ex) {
// throw new InvalidDataException("SAXException", ex);
// } catch (ParserConfigurationException ex) {
// throw new InvalidDataException("ParserConfigurationException", ex);
// } catch (CorruptIndexException ex) {
// throw new InvalidDataException("CorruptIndexException", ex);
// } catch (IOException ex) {
// throw new InvalidDataException("IOException", ex);
// } finally {
// if (indexer != null) {
// indexer.close();
// }
// }
// }
//}

Some files were not shown because too many files have changed in this diff Show More