The vulnerability may be directly or indirectly exploitable.
from enum value: IMPACT_ANALYSIS_STATE_EXPLOITABLE = 3;
The vulnerability is not specific to the component or service and was falsely identified or associated.
from enum value: IMPACT_ANALYSIS_STATE_FALSE_POSITIVE = 5;
The vulnerability is being investigated.
from enum value: IMPACT_ANALYSIS_STATE_IN_TRIAGE = 4;
The component or service is not affected by the vulnerability. Justification should be specified for all not_affected cases.
from enum value: IMPACT_ANALYSIS_STATE_NOT_AFFECTED = 6;
An undefined impact analysis state
buf:lint:ignore ENUM_ZERO_VALUE_SUFFIX -- null
is our fallback, doubling unspecified
from enum value: IMPACT_ANALYSIS_STATE_NULL = 0;
The vulnerability has been remediated.
from enum value: IMPACT_ANALYSIS_STATE_RESOLVED = 1;
The vulnerability has been remediated, and evidence of the changes is provided in the affected components pedigree containing verifiable commit history and/or diff(s).
from enum value: IMPACT_ANALYSIS_STATE_RESOLVED_WITH_PEDIGREE = 2;
Generated
from enum cyclonedx.v1_6.ImpactAnalysisState