我想解析一个JSON数组,下面是JSON示例
[
{"Vulnerabilities": [
{
"Id": "Cx35ef42d7-054c",
"CveName": "",
"Score": 9.8,
"Severity": "High",
"PublishDate": "2021-01-22T13:34:00",
"References": [
"https://github.com/mde/ejs/issues/571",
"https://github.com/mde/ejs/commit/abaee2be937236b1b8da9a1f55096c17dda905fd"
],
"Description": "ejs package before 3.1.6 is vulnerable to arbitrary code injection. The vulnerability exists due to improper input validation passed via the options parameter - the filename, compileDebug, and client option.",
"Cvss": {
"Score": 9.8,
"Severity": "High",
"AttackVector": "NETWORK",
"AttackComplexity": "LOW",
"Confidentiality": "HIGH",
"Availability": "HIGH",
"ExploitCodeMaturity": null,
"RemediationLevel": null,
"ReportConfidence": null,
"ConfidentialityRequirement": null,
"IntegrityRequirement": null,
"AvailabilityRequirement": null,
"Version": 3.0
},
"Recommendations": null,
"PackageId": "Npm-ejs-2.7.4",
"FixResolutionText": "3.1.7",
"IsIgnored": true,
"ExploitableMethods": [],
"Cwe": "CWE-94",
"IsViolatingPolicy": true,
"IsNewInRiskReport": false,
"Type": "Regular"
},
{
"Id": "CVE-2022-29078",
"CveName": "CVE-2022-29078",
"Score": 9.8,
"Severity": "High",
"PublishDate": "2022-04-25T15:15:00",
"References": [
"https://github.com/advisories/GHSA-phwq-j96m-2c2q",
"https://eslam.io/posts/ejs-server-side-template-injection-rce/",
"https://github.com/mde/ejs/commit/61b6616fd34ff4d21c38fe1dbaf2b3aa936bb749",
"https://github.com/mde/ejs/issues/451",
"https://github.com/mde/ejs/pull/601"
],
"Description": "The ejs (aka Embedded JavaScript templates) package up to 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation).",
"Cvss": {
"Score": 9.8,
"Severity": "High",
"AttackVector": "NETWORK",
"AttackComplexity": "LOW",
"Confidentiality": "HIGH",
"Availability": "HIGH",
"ExploitCodeMaturity": null,
"RemediationLevel": null,
"ReportConfidence": null,
"ConfidentialityRequirement": null,
"IntegrityRequirement": null,
"AvailabilityRequirement": null,
"Version": 3.0
},
"Recommendations": null,
"PackageId": "Npm-ejs-2.7.4",
"FixResolutionText": "3.1.7",
"IsIgnored": true,
"ExploitableMethods": [],
"Cwe": "CWE-74",
"IsViolatingPolicy": true,
"IsNewInRiskReport": false,
"Type": "Regular"
}
}
]我想解析JSON数组并在一个列表中获取Ids的值。
id = response.getBody.jsonPath.getList("vulnerabilities.Id");但这是一个JSON文件。我必须读取该文件,然后解析JSON以将id的值提取到List中。有人能帮忙吗?
1条答案
按热度按时间c2e8gylq1#
(假设您使用Java)
您可以执行以下操作(使用Google gson):
在此之后-有两种方法,
或者,
创建与对象匹配的POJO**(首选)**
在您的示例中,因为它是一个数组
然后从对象中提取所需字段。
或
使用JsonArray/JsonObject类