Class: Google::Apis::WebsecurityscannerV1beta::Finding

Inherits:

Object

• Object
• Google::Apis::WebsecurityscannerV1beta::Finding

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

generated/google/apis/websecurityscanner_v1beta/classes.rb,
generated/google/apis/websecurityscanner_v1beta/representations.rb,
generated/google/apis/websecurityscanner_v1beta/representations.rb

Overview

A Finding resource represents a vulnerability instance identified during a ScanRun.

Instance Attribute Summary

• #body ⇒ String

  The body of the request that triggered the vulnerability.

• #description ⇒ String

  The description of the vulnerability.

• #final_url ⇒ String

  The URL where the browser lands when the vulnerability is detected.

• #finding_type ⇒ String

  The type of the Finding.

• #form ⇒ Google::Apis::WebsecurityscannerV1beta::Form

  ! Information about a vulnerability with an HTML.

• #frame_url ⇒ String

  If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

• #fuzzed_url ⇒ String

  The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

• #http_method ⇒ String

  The http method of the request that triggered the vulnerability, in uppercase.

• #name ⇒ String

  The resource name of the Finding.

• #outdated_library ⇒ Google::Apis::WebsecurityscannerV1beta::OutdatedLibrary

  Information reported for an outdated library.

• #reproduction_url ⇒ String

  The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

• #severity ⇒ String

  The severity level of the reported vulnerability.

• #tracking_id ⇒ String

  The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

• #violating_resource ⇒ Google::Apis::WebsecurityscannerV1beta::ViolatingResource

  Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

• #vulnerable_headers ⇒ Google::Apis::WebsecurityscannerV1beta::VulnerableHeaders

  Information about vulnerable or missing HTTP Headers.

• #vulnerable_parameters ⇒ Google::Apis::WebsecurityscannerV1beta::VulnerableParameters

  Information about vulnerable request parameters.

• #xss ⇒ Google::Apis::WebsecurityscannerV1beta::Xss

  Information reported for an XSS.

Instance Method Summary

• #initialize(**args) ⇒ Finding constructor

  A new instance of Finding.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ Finding

Returns a new instance of Finding.

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 237

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#body ⇒ String

The body of the request that triggered the vulnerability. Corresponds to the JSON property body

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 146

def body
  @body
end

#description ⇒ String

The description of the vulnerability. Corresponds to the JSON property description

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 151

def description
  @description
end

#final_url ⇒ String

The URL where the browser lands when the vulnerability is detected. Corresponds to the JSON property finalUrl

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 156

def final_url
  @final_url
end

#finding_type ⇒ String

The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to- remediate-web-security-scanner Corresponds to the JSON property findingType

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 163

def finding_type
  @finding_type
end

#form ⇒ Google::Apis::WebsecurityscannerV1beta::Form

! Information about a vulnerability with an HTML. Corresponds to the JSON property form

Returns:

• (Google::Apis::WebsecurityscannerV1beta::Form)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 168

def form
  @form
end

#frame_url ⇒ String

If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported. Corresponds to the JSON property frameUrl

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 174

def frame_url
  @frame_url
end

#fuzzed_url ⇒ String

The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability. Corresponds to the JSON property fuzzedUrl

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 180

def fuzzed_url
  @fuzzed_url
end

#http_method ⇒ String

The http method of the request that triggered the vulnerability, in uppercase. Corresponds to the JSON property httpMethod

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 185

def http_method
  @http_method
end

#name ⇒ String

The resource name of the Finding. The name follows the format of 'projects/ projectId/scanConfigs/scanConfigId/scanruns/scanRunId/findings/findingId '. The finding IDs are generated by the system. Corresponds to the JSON property name

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 192

def name
  @name
end

#outdated_library ⇒ Google::Apis::WebsecurityscannerV1beta::OutdatedLibrary

Information reported for an outdated library. Corresponds to the JSON property outdatedLibrary

Returns:

• (Google::Apis::WebsecurityscannerV1beta::OutdatedLibrary)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 197

def outdated_library
  @outdated_library
end

#reproduction_url ⇒ String

The URL containing human-readable payload that user can leverage to reproduce the vulnerability. Corresponds to the JSON property reproductionUrl

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 203

def reproduction_url
  @reproduction_url
end

#severity ⇒ String

The severity level of the reported vulnerability. Corresponds to the JSON property severity

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 208

def severity
  @severity
end

#tracking_id ⇒ String

The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. Corresponds to the JSON property trackingId

Returns:

• (String)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 214

def tracking_id
  @tracking_id
end

#violating_resource ⇒ Google::Apis::WebsecurityscannerV1beta::ViolatingResource

Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. Corresponds to the JSON property violatingResource

Returns:

• (Google::Apis::WebsecurityscannerV1beta::ViolatingResource)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 220

def violating_resource
  @violating_resource
end

#vulnerable_headers ⇒ Google::Apis::WebsecurityscannerV1beta::VulnerableHeaders

Information about vulnerable or missing HTTP Headers. Corresponds to the JSON property vulnerableHeaders

Returns:

• (Google::Apis::WebsecurityscannerV1beta::VulnerableHeaders)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 225

def vulnerable_headers
  @vulnerable_headers
end

#vulnerable_parameters ⇒ Google::Apis::WebsecurityscannerV1beta::VulnerableParameters

Information about vulnerable request parameters. Corresponds to the JSON property vulnerableParameters

Returns:

• (Google::Apis::WebsecurityscannerV1beta::VulnerableParameters)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 230

def vulnerable_parameters
  @vulnerable_parameters
end

#xss ⇒ Google::Apis::WebsecurityscannerV1beta::Xss

Information reported for an XSS. Corresponds to the JSON property xss

Returns:

• (Google::Apis::WebsecurityscannerV1beta::Xss)

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 235

def xss
  @xss
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/websecurityscanner_v1beta/classes.rb', line 242

def update!(**args)
  @body = args[:body] if args.key?(:body)
  @description = args[:description] if args.key?(:description)
  @final_url = args[:final_url] if args.key?(:final_url)
  @finding_type = args[:finding_type] if args.key?(:finding_type)
  @form = args[:form] if args.key?(:form)
  @frame_url = args[:frame_url] if args.key?(:frame_url)
  @fuzzed_url = args[:fuzzed_url] if args.key?(:fuzzed_url)
  @http_method = args[:http_method] if args.key?(:http_method)
  @name = args[:name] if args.key?(:name)
  @outdated_library = args[:outdated_library] if args.key?(:outdated_library)
  @reproduction_url = args[:reproduction_url] if args.key?(:reproduction_url)
  @severity = args[:severity] if args.key?(:severity)
  @tracking_id = args[:tracking_id] if args.key?(:tracking_id)
  @violating_resource = args[:violating_resource] if args.key?(:violating_resource)
  @vulnerable_headers = args[:vulnerable_headers] if args.key?(:vulnerable_headers)
  @vulnerable_parameters = args[:vulnerable_parameters] if args.key?(:vulnerable_parameters)
  @xss = args[:xss] if args.key?(:xss)
end