Reference documentation and code samples for the Grafeas V1 Client class VulnerabilityOccurrence.
An occurrence of a severity vulnerability on a resource.
Generated from protobuf message grafeas.v1.VulnerabilityOccurrence
Namespace
Grafeas \ V1Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ type |
string
The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.). |
↳ severity |
int
Output only. The note provider assigned severity of this vulnerability. |
↳ cvss_score |
float
Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity. |
↳ cvssv3 |
Grafeas\V1\CVSS
The cvss v3 score for the vulnerability. |
↳ package_issue |
array<Grafeas\V1\VulnerabilityOccurrence\PackageIssue>
Required. The set of affected locations and their fixes (if available) within the associated resource. |
↳ short_description |
string
Output only. A one sentence description of this vulnerability. |
↳ long_description |
string
Output only. A detailed description of this vulnerability. |
↳ related_urls |
array<Grafeas\V1\RelatedUrl>
Output only. URLs related to this vulnerability. |
↳ effective_severity |
int
The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues. |
↳ fix_available |
bool
Output only. Whether at least one of the affected packages has a fix available. |
↳ cvss_version |
int
Output only. CVSS version used to populate cvss_score and severity. |
↳ cvss_v2 |
Grafeas\V1\CVSS
The cvss v2 score for the vulnerability. |
↳ vex_assessment |
Grafeas\V1\VulnerabilityOccurrence\VexAssessment
|
↳ extra_details |
string
Occurrence-specific extra details about the vulnerability. |
getType
The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
Returns | |
---|---|
Type | Description |
string |
setType
The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getSeverity
Output only. The note provider assigned severity of this vulnerability.
Returns | |
---|---|
Type | Description |
int |
setSeverity
Output only. The note provider assigned severity of this vulnerability.
Parameter | |
---|---|
Name | Description |
var |
int
|
Returns | |
---|---|
Type | Description |
$this |
getCvssScore
Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
Returns | |
---|---|
Type | Description |
float |
setCvssScore
Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.
Parameter | |
---|---|
Name | Description |
var |
float
|
Returns | |
---|---|
Type | Description |
$this |
getCvssv3
The cvss v3 score for the vulnerability.
Returns | |
---|---|
Type | Description |
Grafeas\V1\CVSS|null |
hasCvssv3
clearCvssv3
setCvssv3
The cvss v3 score for the vulnerability.
Parameter | |
---|---|
Name | Description |
var |
Grafeas\V1\CVSS
|
Returns | |
---|---|
Type | Description |
$this |
getPackageIssue
Required. The set of affected locations and their fixes (if available) within the associated resource.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setPackageIssue
Required. The set of affected locations and their fixes (if available) within the associated resource.
Parameter | |
---|---|
Name | Description |
var |
array<Grafeas\V1\VulnerabilityOccurrence\PackageIssue>
|
Returns | |
---|---|
Type | Description |
$this |
getShortDescription
Output only. A one sentence description of this vulnerability.
Returns | |
---|---|
Type | Description |
string |
setShortDescription
Output only. A one sentence description of this vulnerability.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getLongDescription
Output only. A detailed description of this vulnerability.
Returns | |
---|---|
Type | Description |
string |
setLongDescription
Output only. A detailed description of this vulnerability.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getRelatedUrls
Output only. URLs related to this vulnerability.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setRelatedUrls
Output only. URLs related to this vulnerability.
Parameter | |
---|---|
Name | Description |
var |
array<Grafeas\V1\RelatedUrl>
|
Returns | |
---|---|
Type | Description |
$this |
getEffectiveSeverity
The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity.
When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
Returns | |
---|---|
Type | Description |
int |
setEffectiveSeverity
The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity.
When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.
Parameter | |
---|---|
Name | Description |
var |
int
|
Returns | |
---|---|
Type | Description |
$this |
getFixAvailable
Output only. Whether at least one of the affected packages has a fix available.
Returns | |
---|---|
Type | Description |
bool |
setFixAvailable
Output only. Whether at least one of the affected packages has a fix available.
Parameter | |
---|---|
Name | Description |
var |
bool
|
Returns | |
---|---|
Type | Description |
$this |
getCvssVersion
Output only. CVSS version used to populate cvss_score and severity.
Returns | |
---|---|
Type | Description |
int |
setCvssVersion
Output only. CVSS version used to populate cvss_score and severity.
Parameter | |
---|---|
Name | Description |
var |
int
|
Returns | |
---|---|
Type | Description |
$this |
getCvssV2
The cvss v2 score for the vulnerability.
Returns | |
---|---|
Type | Description |
Grafeas\V1\CVSS|null |
hasCvssV2
clearCvssV2
setCvssV2
The cvss v2 score for the vulnerability.
Parameter | |
---|---|
Name | Description |
var |
Grafeas\V1\CVSS
|
Returns | |
---|---|
Type | Description |
$this |
getVexAssessment
Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;
Returns | |
---|---|
Type | Description |
Grafeas\V1\VulnerabilityOccurrence\VexAssessment|null |
hasVexAssessment
clearVexAssessment
setVexAssessment
Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;
Parameter | |
---|---|
Name | Description |
var |
Grafeas\V1\VulnerabilityOccurrence\VexAssessment
|
Returns | |
---|---|
Type | Description |
$this |
getExtraDetails
Occurrence-specific extra details about the vulnerability.
Returns | |
---|---|
Type | Description |
string |
setExtraDetails
Occurrence-specific extra details about the vulnerability.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |