Grafeas V1 Client - Class VulnerabilityOccurrence (1.1.0)

Reference documentation and code samples for the Grafeas V1 Client class VulnerabilityOccurrence.

An occurrence of a severity vulnerability on a resource.

Generated from protobuf message grafeas.v1.VulnerabilityOccurrence

Namespace

Grafeas \ V1

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ type string

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

↳ severity int

Output only. The note provider assigned severity of this vulnerability.

↳ cvss_score float

Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

↳ cvssv3 Grafeas\V1\CVSS

The cvss v3 score for the vulnerability.

↳ package_issue array<Grafeas\V1\VulnerabilityOccurrence\PackageIssue>

Required. The set of affected locations and their fixes (if available) within the associated resource.

↳ short_description string

Output only. A one sentence description of this vulnerability.

↳ long_description string

Output only. A detailed description of this vulnerability.

↳ related_urls array<Grafeas\V1\RelatedUrl>

Output only. URLs related to this vulnerability.

↳ effective_severity int

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.

↳ fix_available bool

Output only. Whether at least one of the affected packages has a fix available.

↳ cvss_version int

Output only. CVSS version used to populate cvss_score and severity.

↳ cvss_v2 Grafeas\V1\CVSS

The cvss v2 score for the vulnerability.

↳ vex_assessment Grafeas\V1\VulnerabilityOccurrence\VexAssessment
↳ extra_details string

Occurrence-specific extra details about the vulnerability.

getType

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Returns
Type Description
string

setType

The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).

Parameter
Name Description
var string
Returns
Type Description
$this

getSeverity

Output only. The note provider assigned severity of this vulnerability.

Returns
Type Description
int

setSeverity

Output only. The note provider assigned severity of this vulnerability.

Parameter
Name Description
var int
Returns
Type Description
$this

getCvssScore

Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

Returns
Type Description
float

setCvssScore

Output only. The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10 where 0 indicates low severity and 10 indicates high severity.

Parameter
Name Description
var float
Returns
Type Description
$this

getCvssv3

The cvss v3 score for the vulnerability.

Returns
Type Description
Grafeas\V1\CVSS|null

hasCvssv3

clearCvssv3

setCvssv3

The cvss v3 score for the vulnerability.

Parameter
Name Description
var Grafeas\V1\CVSS
Returns
Type Description
$this

getPackageIssue

Required. The set of affected locations and their fixes (if available) within the associated resource.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setPackageIssue

Required. The set of affected locations and their fixes (if available) within the associated resource.

Parameter
Name Description
var array<Grafeas\V1\VulnerabilityOccurrence\PackageIssue>
Returns
Type Description
$this

getShortDescription

Output only. A one sentence description of this vulnerability.

Returns
Type Description
string

setShortDescription

Output only. A one sentence description of this vulnerability.

Parameter
Name Description
var string
Returns
Type Description
$this

getLongDescription

Output only. A detailed description of this vulnerability.

Returns
Type Description
string

setLongDescription

Output only. A detailed description of this vulnerability.

Parameter
Name Description
var string
Returns
Type Description
$this

getRelatedUrls

Output only. URLs related to this vulnerability.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setRelatedUrls

Output only. URLs related to this vulnerability.

Parameter
Name Description
var array<Grafeas\V1\RelatedUrl>
Returns
Type Description
$this

getEffectiveSeverity

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity.

When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.

Returns
Type Description
int

setEffectiveSeverity

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity.

When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.

Parameter
Name Description
var int
Returns
Type Description
$this

getFixAvailable

Output only. Whether at least one of the affected packages has a fix available.

Returns
Type Description
bool

setFixAvailable

Output only. Whether at least one of the affected packages has a fix available.

Parameter
Name Description
var bool
Returns
Type Description
$this

getCvssVersion

Output only. CVSS version used to populate cvss_score and severity.

Returns
Type Description
int

setCvssVersion

Output only. CVSS version used to populate cvss_score and severity.

Parameter
Name Description
var int
Returns
Type Description
$this

getCvssV2

The cvss v2 score for the vulnerability.

Returns
Type Description
Grafeas\V1\CVSS|null

hasCvssV2

clearCvssV2

setCvssV2

The cvss v2 score for the vulnerability.

Parameter
Name Description
var Grafeas\V1\CVSS
Returns
Type Description
$this

getVexAssessment

Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;

Returns
Type Description
Grafeas\V1\VulnerabilityOccurrence\VexAssessment|null

hasVexAssessment

clearVexAssessment

setVexAssessment

Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;

Parameter
Name Description
var Grafeas\V1\VulnerabilityOccurrence\VexAssessment
Returns
Type Description
$this

getExtraDetails

Occurrence-specific extra details about the vulnerability.

Returns
Type Description
string

setExtraDetails

Occurrence-specific extra details about the vulnerability.

Parameter
Name Description
var string
Returns
Type Description
$this