pulumi-google-native-kotlin/com.pulumi.googlenative.containeranalysis.v1alpha1.kotlin.inputs/VulnerabilityDetailsArgs

VulnerabilityDetailsArgs

data class VulnerabilityDetailsArgs(val cvssV2: Output<CVSSArgs>? = null, val cvssV3: Output<CVSSArgs>? = null, val effectiveSeverity: Output<VulnerabilityDetailsEffectiveSeverity>? = null, val packageIssue: Output<List<PackageIssueArgs>>? = null, val type: Output<String>? = null, val vexAssessment: Output<VexAssessmentArgs>? = null) : ConvertibleToJava<VulnerabilityDetailsArgs>

Used by Occurrence to point to where the vulnerability exists and how to fix it.

Constructors

Link copied to clipboard
fun VulnerabilityDetailsArgs(cvssV2: Output<CVSSArgs>? = null, cvssV3: Output<CVSSArgs>? = null, effectiveSeverity: Output<VulnerabilityDetailsEffectiveSeverity>? = null, packageIssue: Output<List<PackageIssueArgs>>? = null, type: Output<String>? = null, vexAssessment: Output<VexAssessmentArgs>? = null)

Functions

Link copied to clipboard
open override fun toJava(): VulnerabilityDetailsArgs

Properties

Link copied to clipboard
val cvssV2: Output<CVSSArgs>? = null

The CVSS v2 score of this vulnerability.

Link copied to clipboard
val cvssV3: Output<CVSSArgs>? = null

The CVSS v3 score of this vulnerability.

Link copied to clipboard
val effectiveSeverity: Output<VulnerabilityDetailsEffectiveSeverity>? = null

The distro assigned severity for this vulnerability when that is available and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple package issues for this vulnerability, they can have different effective severities because some might come from the distro and some might come from installed language packs (e.g. Maven JARs or Go binaries). For this reason, it is advised to use the effective severity on the PackageIssue level, as this field may eventually be deprecated. In the case where multiple PackageIssues have different effective severities, the one set here will be the highest severity of any of the PackageIssues.

Link copied to clipboard
val packageIssue: Output<List<PackageIssueArgs>>? = null

The set of affected locations and their fixes (if available) within the associated resource.

Link copied to clipboard
val type: Output<String>? = null

The type of package; whether native or non native(ruby gems, node.js packages etc). This may be deprecated in the future because we can have multiple PackageIssues with different package types.

Link copied to clipboard
val vexAssessment: Output<VexAssessmentArgs>? = null

VexAssessment provides all publisher provided Vex information that is related to this vulnerability for this resource.