Class VulnerabilityDetails
Used by Occurrence to point to where the vulnerability exists and how to fix it.
Implements
Inherited Members
Namespace: Google.Apis.ContainerAnalysis.v1alpha1.Data
Assembly: Google.Apis.ContainerAnalysis.v1alpha1.dll
Syntax
public class VulnerabilityDetails : IDirectResponseSchemaProperties
CvssScore
Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0-10 where 0 indicates low severity and 10 indicates high severity.
Declaration
[JsonProperty("cvssScore")]
public virtual float? CvssScore { get; set; }Property Value
| Type | Description |
|---|---|
| float? |
CvssV2
The CVSS v2 score of this vulnerability.
Declaration
[JsonProperty("cvssV2")]
public virtual CVSS CvssV2 { get; set; }Property Value
| Type | Description |
|---|---|
| CVSS |
CvssV3
The CVSS v3 score of this vulnerability.
Declaration
[JsonProperty("cvssV3")]
public virtual CVSS CvssV3 { get; set; }Property Value
| Type | Description |
|---|---|
| CVSS |
CvssVersion
Output only. CVSS version used to populate cvss_score and severity.
Declaration
[JsonProperty("cvssVersion")]
public virtual string CvssVersion { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }Property Value
| Type | Description |
|---|---|
| string |
EffectiveSeverity
The distro assigned severity for this vulnerability when that is available and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple package issues for this vulnerability, they can have different effective severities because some might come from the distro and some might come from installed language packs (e.g. Maven JARs or Go binaries). For this reason, it is advised to use the effective severity on the PackageIssue level, as this field may eventually be deprecated. In the case where multiple PackageIssues have different effective severities, the one set here will be the highest severity of any of the PackageIssues.
Declaration
[JsonProperty("effectiveSeverity")]
public virtual string EffectiveSeverity { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ExtraDetails
Occurrence-specific extra details about the vulnerability.
Declaration
[JsonProperty("extraDetails")]
public virtual string ExtraDetails { get; set; }Property Value
| Type | Description |
|---|---|
| string |
PackageIssue
The set of affected locations and their fixes (if available) within the associated resource.
Declaration
[JsonProperty("packageIssue")]
public virtual IList<PackageIssue> PackageIssue { get; set; }Property Value
| Type | Description |
|---|---|
| IList<PackageIssue> |
Severity
Output only. The note provider assigned Severity of the vulnerability.
Declaration
[JsonProperty("severity")]
public virtual string Severity { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Type
The type of package; whether native or non native(ruby gems, node.js packages etc). This may be deprecated in the future because we can have multiple PackageIssues with different package types.
Declaration
[JsonProperty("type")]
public virtual string Type { get; set; }Property Value
| Type | Description |
|---|---|
| string |
VexAssessment
VexAssessment provides all publisher provided Vex information that is related to this vulnerability for this resource.
Declaration
[JsonProperty("vexAssessment")]
public virtual VexAssessment VexAssessment { get; set; }Property Value
| Type | Description |
|---|---|
| VexAssessment |