Grafeas v1 API - Class VulnerabilityNote (3.5.0)

public sealed class VulnerabilityNote : IMessage<VulnerabilityNote>, IEquatable<VulnerabilityNote>, IDeepCloneable<VulnerabilityNote>, IBufferMessage, IMessage

Reference documentation and code samples for the Grafeas v1 API class VulnerabilityNote.

A security vulnerability that can be found in resources.

Inheritance

object > VulnerabilityNote

Namespace

Grafeas.V1

Assembly

Grafeas.V1.dll

Constructors

VulnerabilityNote()

public VulnerabilityNote()

VulnerabilityNote(VulnerabilityNote)

public VulnerabilityNote(VulnerabilityNote other)
Parameter
NameDescription
otherVulnerabilityNote

Properties

CvssScore

public float CvssScore { get; set; }

The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

Property Value
TypeDescription
float

CvssV2

public CVSS CvssV2 { get; set; }

The full description of the v2 CVSS for this vulnerability.

Property Value
TypeDescription
CVSS

CvssV3

public CVSSv3 CvssV3 { get; set; }

The full description of the CVSSv3 for this vulnerability.

Property Value
TypeDescription
CVSSv3

CvssVersion

public CVSSVersion CvssVersion { get; set; }

CVSS version used to populate cvss_score and severity.

Property Value
TypeDescription
CVSSVersion

Details

public RepeatedField<VulnerabilityNote.Types.Detail> Details { get; }

Details of all known distros and packages affected by this vulnerability.

Property Value
TypeDescription
RepeatedFieldVulnerabilityNoteTypesDetail

Severity

public Severity Severity { get; set; }

The note provider assigned severity of this vulnerability.

Property Value
TypeDescription
Severity

SourceUpdateTime

public Timestamp SourceUpdateTime { get; set; }

The time this information was last changed at the source. This is an upstream timestamp from the underlying information source - e.g. Ubuntu security tracker.

Property Value
TypeDescription
Timestamp

WindowsDetails

public RepeatedField<VulnerabilityNote.Types.WindowsDetail> WindowsDetails { get; }

Windows details get their own format because the information format and model don't match a normal detail. Specifically Windows updates are done as patches, thus Windows vulnerabilities really are a missing package, rather than a package being at an incorrect version.

Property Value
TypeDescription
RepeatedFieldVulnerabilityNoteTypesWindowsDetail