pulumi-google-native-kotlin/com.pulumi.googlenative.containeranalysis.v1.kotlin.outputs/VulnerabilityOccurrenceResponse

VulnerabilityOccurrenceResponse

data class VulnerabilityOccurrenceResponse(val cvssScore: Double, val cvssV2: CVSSResponse, val cvssVersion: String, val cvssv3: CVSSResponse, val effectiveSeverity: String, val fixAvailable: Boolean, val longDescription: String, val packageIssue: List<PackageIssueResponse>, val relatedUrls: List<RelatedUrlResponse>, val severity: String, val shortDescription: String, val type: String, val vexAssessment: VexAssessmentResponse)

An occurrence of a severity vulnerability on a resource.

Constructors

Link copied to clipboard
constructor(cvssScore: Double, cvssV2: CVSSResponse, cvssVersion: String, cvssv3: CVSSResponse, effectiveSeverity: String, fixAvailable: Boolean, longDescription: String, packageIssue: List<PackageIssueResponse>, relatedUrls: List<RelatedUrlResponse>, severity: String, shortDescription: String, type: String, vexAssessment: VexAssessmentResponse)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val cvssScore: Double

The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

Link copied to clipboard
val cvssV2: CVSSResponse

The cvss v2 score for the vulnerability.

Link copied to clipboard
val cvssv3: CVSSResponse

The cvss v3 score for the vulnerability.

Link copied to clipboard
val cvssVersion: String

CVSS version used to populate cvss_score and severity.

Link copied to clipboard
val effectiveSeverity: String

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.

Link copied to clipboard
val fixAvailable: Boolean

Whether at least one of the affected packages has a fix available.

Link copied to clipboard
val longDescription: String

A detailed description of this vulnerability.

Link copied to clipboard
val packageIssue: List<PackageIssueResponse>

The set of affected locations and their fixes (if available) within the associated resource.

Link copied to clipboard
val relatedUrls: List<RelatedUrlResponse>

URLs related to this vulnerability.

Link copied to clipboard
val severity: String

The note provider assigned severity of this vulnerability.

Link copied to clipboard
val shortDescription: String

A one sentence description of this vulnerability.

Link copied to clipboard
val type: String

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Link copied to clipboard