public sealed class VulnerabilityNote : IMessage<VulnerabilityNote>, IEquatable<VulnerabilityNote>, IDeepCloneable<VulnerabilityNote>, IBufferMessage, IMessage
Reference documentation and code samples for the Grafeas v1 API class VulnerabilityNote.
A security vulnerability that can be found in resources.
Implements
IMessage VulnerabilityNote , IEquatable VulnerabilityNote , IDeepCloneable VulnerabilityNote , IBufferMessage , IMessageNamespace
Grafeas.V1Assembly
Grafeas.V1.dll
Constructors
VulnerabilityNote()
public VulnerabilityNote()
VulnerabilityNote(VulnerabilityNote)
public VulnerabilityNote(VulnerabilityNote other)
Properties
CvssScore
public float CvssScore { get; set; }
The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
CvssV2
public CVSS CvssV2 { get; set; }
The full description of the v2 CVSS for this vulnerability.
CvssV3
public CVSSv3 CvssV3 { get; set; }
The full description of the CVSSv3 for this vulnerability.
CvssVersion
public CVSSVersion CvssVersion { get; set; }
CVSS version used to populate cvss_score and severity.
Details
public RepeatedField<VulnerabilityNote.Types.Detail> Details { get; }
Details of all known distros and packages affected by this vulnerability.
Severity
public Severity Severity { get; set; }
The note provider assigned severity of this vulnerability.
SourceUpdateTime
public Timestamp SourceUpdateTime { get; set; }
The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
WindowsDetails
public RepeatedField<VulnerabilityNote.Types.WindowsDetail> WindowsDetails { get; }
Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.
