Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.
The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.
↳ cvss_version
int
CVSS version used to populate cvss_score and severity.
Windows details get their own format because the information format and
model don't match a normal detail. Specifically Windows updates are done as
patches, thus Windows vulnerabilities really are a missing package, rather
than a package being at an incorrect version.
Windows details get their own format because the information format and
model don't match a normal detail. Specifically Windows updates are done as
patches, thus Windows vulnerabilities really are a missing package, rather
than a package being at an incorrect version.
The time this information was last changed at the source. This is an
upstream timestamp from the underlying information source - e.g. Ubuntu
security tracker.
The time this information was last changed at the source. This is an
upstream timestamp from the underlying information source - e.g. Ubuntu
security tracker.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Grafeas V1 Client - Class VulnerabilityNote (1.2.2)\n\nVersion latestkeyboard_arrow_down\n\n- [1.2.2 (latest)](/php/docs/reference/grafeas/latest/V1.VulnerabilityNote)\n- [1.2.1](/php/docs/reference/grafeas/1.2.1/V1.VulnerabilityNote)\n- [1.1.3](/php/docs/reference/grafeas/1.1.3/V1.VulnerabilityNote)\n- [1.0.0](/php/docs/reference/grafeas/1.0.0/V1.VulnerabilityNote)\n- [0.10.3](/php/docs/reference/grafeas/0.10.3/V1.VulnerabilityNote)\n- [0.9.0](/php/docs/reference/grafeas/0.9.0/V1.VulnerabilityNote)\n- [0.8.3](/php/docs/reference/grafeas/0.8.3/V1.VulnerabilityNote)\n- [0.7.1](/php/docs/reference/grafeas/0.7.1/V1.VulnerabilityNote)\n- [0.6.0](/php/docs/reference/grafeas/0.6.0/V1.VulnerabilityNote)\n- [0.5.0](/php/docs/reference/grafeas/0.5.0/V1.VulnerabilityNote)\n- [0.4.4](/php/docs/reference/grafeas/0.4.4/V1.VulnerabilityNote) \nReference documentation and code samples for the Grafeas V1 Client class VulnerabilityNote.\n\nA security vulnerability that can be found in resources.\n\nGenerated from protobuf message `grafeas.v1.VulnerabilityNote`\n\nNamespace\n---------\n\nGrafeas \\\\ V1\n\nMethods\n-------\n\n### __construct\n\nConstructor.\n\n### getCvssScore\n\nThe CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10\nwhere 0 indicates low severity and 10 indicates high severity.\n\n### setCvssScore\n\nThe CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10\nwhere 0 indicates low severity and 10 indicates high severity.\n\n### getSeverity\n\nThe note provider assigned severity of this vulnerability.\n\n### setSeverity\n\nThe note provider assigned severity of this vulnerability.\n\n### getDetails\n\nDetails of all known distros and packages affected by this vulnerability.\n\n### setDetails\n\nDetails of all known distros and packages affected by this vulnerability.\n\n### getCvssV3\n\nThe full description of the CVSSv3 for this vulnerability.\n\n### hasCvssV3\n\n### clearCvssV3\n\n### setCvssV3\n\nThe full description of the CVSSv3 for this vulnerability.\n\n### getWindowsDetails\n\nWindows details get their own format because the information format and\nmodel don't match a normal detail. Specifically Windows updates are done as\npatches, thus Windows vulnerabilities really are a missing package, rather\nthan a package being at an incorrect version.\n\n### setWindowsDetails\n\nWindows details get their own format because the information format and\nmodel don't match a normal detail. Specifically Windows updates are done as\npatches, thus Windows vulnerabilities really are a missing package, rather\nthan a package being at an incorrect version.\n\n### getSourceUpdateTime\n\nThe time this information was last changed at the source. This is an\nupstream timestamp from the underlying information source - e.g. Ubuntu\nsecurity tracker.\n\n### hasSourceUpdateTime\n\n### clearSourceUpdateTime\n\n### setSourceUpdateTime\n\nThe time this information was last changed at the source. This is an\nupstream timestamp from the underlying information source - e.g. Ubuntu\nsecurity tracker.\n\n### getCvssVersion\n\nCVSS version used to populate cvss_score and severity.\n\n### setCvssVersion\n\nCVSS version used to populate cvss_score and severity.\n\n### getCvssV2\n\nThe full description of the v2 CVSS for this vulnerability.\n\n### hasCvssV2\n\n### clearCvssV2\n\n### setCvssV2\n\nThe full description of the v2 CVSS for this vulnerability."]]
