uswid.vex_statement
¶
- class uswid.vex_statement.uSwidVexStatement¶
Represents a VEX statement
- __init__()¶
- impact_statement: str | None¶
Impact statement
- justification: uSwidVexStatementJustification | None¶
Justification
- products: List[uSwidVexProduct]¶
Affected products
- status: uSwidVexStatementStatus | None¶
Status
- property trusted_entity: uSwidEntity | None¶
The entity that produced the document that contained this statement
- vulnerability_name: str | None¶
Vulnerability name, e.g. CVE-2022-40982
- class uswid.vex_statement.uSwidVexStatementJustification(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)¶
Represents an enumerated status justification
- COMPONENT_NOT_PRESENT = 'component_not_present'¶
- INLINE_MITIGATIONS_ALREADY_EXIST = 'inline_mitigations_already_exist'¶
- UNKNOWN = 'unknown'¶
- VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY = 'vulnerable_code_cannot_be_controlled_by_adversary'¶
- VULNERABLE_CODE_NOT_IN_EXECUTE_PATH = 'vulnerable_code_not_in_execute_path'¶
- VULNERABLE_CODE_NOT_PRESENT = 'vulnerable_code_not_present'¶
- classmethod from_string(status: str) uSwidVexStatementJustification ¶
Creates a uSwidVexStatementStatus from a string identifier
- class uswid.vex_statement.uSwidVexStatementStatus(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)¶
Represents an enumerated status label
- AFFECTED = 'affected'¶
- FIXED = 'fixed'¶
- NOT_AFFECTED = 'not_affected'¶
- UNDER_INVESTIGATION = 'under_investigation'¶
- UNKNOWN = 'unknown'¶
- classmethod from_string(status: str) uSwidVexStatementStatus ¶
Creates a uSwidVexStatementStatus from a string identifier