match
Matches a certain property (of type PropertyType) from a vulnerable product against a property from a component. The property is provided by a ProviderType.
The matching is done by comparing the properties with each other and returning the highest confidence. The idea is that we can potentially match the properties coming from different sources. For example, we might be able to obtain a DefiniteMatch on a ProductNameProperty by matching their names in an CpeProperty (e.g., linux_kernel) and a CaseInsensitiveIgnoreDashMatch when comparing the human-readable name (Linux Kernel) against it. In this case, we only return the DefiniteMatch.
It follows the following steps:
Gather the properties from the vulnerable product (using gatherVulnerableProperties)
Gather the properties from the component (using gatherComponentProperties)
Calculate a confidence for each possible pair of properties and store them in a list
Return the highest confidence from the list
Parameters
The provider that provides the properties.
The vulnerable product to match against.
The component to match against.
The default confidence to return if no match is found.