cyclonedx.model.impact_analysis
This set of classes represents the data about Impact Analysis.
Impact Analysis is new for CycloneDX schema version 1.
Note
See the CycloneDX Schema extension definition https://cyclonedx.org/docs/1.6
Classes
- ImpactAnalysisAffectedStatus: Enum object that defines the permissible impact analysis affected states.
- ImpactAnalysisJustification: Enum object that defines the rationale of why the impact analysis state was asserted.
- ImpactAnalysisResponse: Enum object that defines the valid rationales as to why the impact analysis state was asserted.
- ImpactAnalysisState: Enum object that defines the permissible impact analysis states.
Module Contents
- class cyclonedx.model.impact_analysis.ImpactAnalysisAffectedStatus
Bases: str, enum.Enum
Enum object that defines the permissible impact analysis affected states.
The vulnerability status of a given version or range of versions of a product.
The statuses ‘affected’ and ‘unaffected’ indicate that the version is affected or unaffected by the vulnerability.
The status ‘unknown’ indicates that it is unknown or unspecified whether the given version is affected. There can be many reasons for an ‘unknown’ status, including that an investigation has not been undertaken or that a vendor has not disclosed the status.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.6/#type_impactAnalysisAffectedStatusType
- AFFECTED = 'affected'
- UNAFFECTED = 'unaffected'
- UNKNOWN = 'unknown'
- class cyclonedx.model.impact_analysis.ImpactAnalysisJustification
Bases: str, enum.Enum
Enum object that defines the rationale of why the impact analysis state was asserted.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.6/#type_impactAnalysisJustificationType
- CODE_NOT_PRESENT = 'code_not_present'
- CODE_NOT_REACHABLE = 'code_not_reachable'
- PROTECTED_AT_PERIMITER = 'protected_at_perimeter'
- PROTECTED_AT_RUNTIME = 'protected_at_runtime'
- PROTECTED_BY_COMPILER = 'protected_by_compiler'
- PROTECTED_BY_MITIGATING_CONTROL = 'protected_by_mitigating_control'
- REQUIRES_CONFIGURATION = 'requires_configuration'
- REQUIRES_DEPENDENCY = 'requires_dependency'
- REQUIRES_ENVIRONMENT = 'requires_environment'
- class cyclonedx.model.impact_analysis.ImpactAnalysisResponse
Bases: str, enum.Enum
Enum object that defines the valid rationales as to why the impact analysis state was asserted.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.6/#type_impactAnalysisResponsesType
- CAN_NOT_FIX = 'can_not_fix'
- ROLLBACK = 'rollback'
- UPDATE = 'update'
- WILL_NOT_FIX = 'will_not_fix'
- WORKAROUND_AVAILABLE = 'workaround_available'
- class cyclonedx.model.impact_analysis.ImpactAnalysisState
Bases: str, enum.Enum
Enum object that defines the permissible impact analysis states.
Note
See the CycloneDX Schema definition: https://cyclonedx.org/docs/1.6/#type_impactAnalysisStateType
- RESOLVED = 'resolved'
- RESOLVED_WITH_PEDIGREE = 'resolved_with_pedigree'
- EXPLOITABLE = 'exploitable'
- IN_TRIAGE = 'in_triage'
- FALSE_POSITIVE = 'false_positive'
- NOT_AFFECTED = 'not_affected'
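The following is an added example, not code from the library: a stand-alone check that the analysis values in a CycloneDX JSON document fall inside the string values documented above. It works on plain dictionaries so it runs without the library installed. The JSON field names (`vulnerabilities`, `analysis`, `response`, `affects`, `versions`, `status`) are taken from the CycloneDX JSON schema rather than from this page, and the rule that a `not_affected` state must carry a justification is an assumed review policy.

```python
import json

# Permitted string values, copied from the enums documented on this page.
STATES = {"resolved", "resolved_with_pedigree", "exploitable",
          "in_triage", "false_positive", "not_affected"}
JUSTIFICATIONS = {"code_not_present", "code_not_reachable", "protected_at_perimeter",
                  "protected_at_runtime", "protected_by_compiler",
                  "protected_by_mitigating_control", "requires_configuration",
                  "requires_dependency", "requires_environment"}
RESPONSES = {"can_not_fix", "rollback", "update", "will_not_fix", "workaround_available"}
AFFECTED_STATUSES = {"affected", "unaffected", "unknown"}

def check_vex(bom):
    """Return a list of findings for analysis values outside the documented enums."""
    findings = []
    for vuln in bom.get("vulnerabilities", []):
        vid = vuln.get("id", "<no id>")
        analysis = vuln.get("analysis", {})
        state, just = analysis.get("state"), analysis.get("justification")
        if state is not None and state not in STATES:
            findings.append(f"{vid}: unknown state {state!r}")
        if just is not None and just not in JUSTIFICATIONS:
            findings.append(f"{vid}: unknown justification {just!r}")
        # Assumed review policy, not stated on this page: a not_affected
        # claim must carry a justification so it can be audited.
        if state == "not_affected" and just is None:
            findings.append(f"{vid}: not_affected without justification")
        for resp in analysis.get("response", []):
            if resp not in RESPONSES:
                findings.append(f"{vid}: unknown response {resp!r}")
        for target in vuln.get("affects", []):
            for ver in target.get("versions", []):
                if "status" in ver and ver["status"] not in AFFECTED_STATUSES:
                    findings.append(f"{vid}: unknown affected status {ver['status']!r}")
    return findings

# Constructed sample document; ids and refs are placeholders.
SAMPLE = json.loads("""
{"vulnerabilities": [
  {"id": "EXAMPLE-0001", "analysis": {"state": "not_affected", "justification": "code_not_reachable", "response": ["will_not_fix"]},
   "affects": [{"ref": "pkg-a", "versions": [{"version": "1.0", "status": "unaffected"}]}]},
  {"id": "EXAMPLE-0002", "analysis": {"state": "not_affected"}},
  {"id": "EXAMPLE-0003", "analysis": {"state": "exploitable", "justification": "protected_at_perimiter",
                                      "response": ["patch"]},
   "affects": [{"ref": "pkg-b", "versions": [{"version": "2.1", "status": "fixed"}]}]}
]}
""")

if __name__ == "__main__":
    print("\n".join(check_vex(SAMPLE)))
```

The third sample record uses the spelling of the member name `PROTECTED_AT_PERIMITER` as a value; the check flags it because the documented string value is `protected_at_perimeter`.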